Failure when deleting image after packer build #363
Comments
|
Oh hey @jpalermo, it's been a while! I hope you are well! I miss playing haxball with all the Pivotal folks, This is a good call and something we definitely missed in the release notes, thanks for calling this out. As part of the v2.0.0 release we switched to using managed authentication for storage accounts as opposed to account keys, and was requested in this issue #250 due to Microsoft's security recommendations to stop using account keys as they are very permissive. The plugin now requires the configured authenticated principal to have delete access to the storage account, otherwise the temporary images the plugin creates during the build will be left behind during build. To resolve this you need to grant your user access to delete things from the storage account, you can create individual roles and assign them to your user. Let us know if you have any trouble setting up those permissions, I will update the release notes to capture this breaking change, thanks again for calling this out. |
|
Closing since there have been no updates to the issue. If you believe this is still an issue please open a new bug issue with the information requested in the template. |
Overview of the Issue
After upgrading to 2.0.2 from 1.4.0 as part of an upgrade from packer 1.9.5 to 1.10 we started getting failures during cleanup at the end of packer build:
Rolling back to packer 1.9.5 with the built in plugin and using the same config still works.
AuthorizationPermissionMismatch - This request is not authorized to perform this operation using this permissionseems to imply that we are misconfiguring something, although we didn't see anything in the release notes or configuration about changes to auth, and it was able to fully build the image with the credentials provided.Are we missing something or are the credentials somehow not properly passed to the library performing this image delete action?
The text was updated successfully, but these errors were encountered: