I was working with one of my clients and they wanted to clean up old backup blobs from Azure. I have already blogged and shared my script. In this blog we would learn how to fix error: (403) Forbidden – This request is not authorized to perform this operation. SQL SERVER – PowerShell Script – Remove Old SQL Database Backup Files From Azure Storage
This was their on-premise SQL Server where the backups were taken directly to Azure Blob rather than local disk. I have modified the script as per their environment and used Automation Account and Run Book to schedule it. They informed me that this was not working as expected. No 7 days old files were getting deleted!
I look at the output of runbook and was able to reproduce the error by a running script in PowerShell ISE.
Here is the text of the message
Get-AzureStorageBlob : The remote server returned an error: (403) Forbidden. HTTP Status Code: 403 – HTTP Error Message: This request is
not authorized to perform this operation.
At line:1 char:9
+ $blobs= Get-AzureStorageBlob -Container $ContainerName -Context $cont …
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : CloseError: (:) [Get-AzureStorageBlob], StorageException
+ FullyQualifiedErrorId : StorageException,Microsoft.WindowsAzure.Commands.Storage.Blob.Cmdlet.GetAzureStorageBlobCommand
I used Azure Storage Explorer to connect to storage via Access Key and that also failed.
Interestingly, when I used Storage Explorer on the SQL Server machine, it was able to open.
WORKAROUND/SOLUTION
While there might be other reasons for the same error, my situation was unique. So, check this first and if it doesn’t solve the issue,
Since we were able to connect from SQL Server machine but not from others, I knew it would be someplace where they have blocked the access. I remembered such setting in the storage account, so I checked “Firewall and Virtual Networks” and found that they have allowed IP for SQL Server machine.
Once I modified the setting as per their environment, the run book job executed fine and other backups were deleted.
Reference: Pinal Dave (https://blog.sqlauthority.com)