azure-sdk-for-python: TLS error when using HTTPS/TLS URL (not permitted for non-TLS protected (non-https) URLs.)
Ubuntu 19.10 Linux rio-t460p 5.3.0-26-generic #28-Ubuntu SMP Wed Dec 18 05:37:46 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux Python 3.7.5 azure-core==1.2.0 azure-identity==1.2.0 azure-storage-blob==12.1.0
Describe the bug When trying to do a batch delete blob using a blob client created using a HTTPS URL the code errors with:
“Bearer token authentication is not permitted for non-TLS protected (non-https) URLs.” azure.core.exceptions.ServiceRequestError: Bearer token authentication is not permitted for non-TLS protected (non-https) URLs.
This same blob client connection can successfully be used to list blobs in a container. The credentials used to create the client are service principal with rbac (client/secret/tenant) and the role is set to “Storage Blob Data Owner”.
Steps to reproduce Here is some example code to reproduce the error:
STORAGE_URL = 'https://' + STORAGE_ACCOUNT + '.blob.core.windows.net'
client_credentials = ClientSecretCredential(client_id=AZURE_CLIENT, client_secret=AZURE_SECRET, tenant_id=AZURE_TENANT)
blob_service_client = BlobServiceClient(account_url=STORAGE_URL, credential=client_credentials)
container_client = blob_service_client.get_container_client(STORAGE_CONTAINER)
def run_azure_blob_list():
result = []
blob_list = container_client.list_blobs(name_starts_with=STORAGE_FOLDER)
for blob in blob_list:
if blob.last_modified < IGNORE_DATE:
result.append([blob.name, blob.last_modified])
return result
blob_list = run_azure_blob_list()
container_client.delete_blobs(*blob_list)
Container endpoint:
print(container_client.primary_endpoint)
About this issue
- Original URL
- State: closed
- Created 4 years ago
- Reactions: 1
- Comments: 15 (12 by maintainers)
Released part of 12.3.1 (see tags of this commit)