volume 'sftpvolume' can't be accessed

Question

volume 'sftpvolume' can't be accessed

Closed this issue 3 years ago · 17 comments

I am getting the following error when trying to deploy SFTP to Azure either using a new or existing Azure Files.

"The Azure storage account 'sftpstgv46evzd4z2o72' in volume 'sftpvolume' can't be accessed: 'The remote server returned an error: (400) Bad Request.'. This can be caused by incorrect Azure storage account key or Azure storage firewalls."

Please advise,

Answer 1 · 2019-07-30T15:28:28.000Z

@NFCES is this the error you are seeing when you are using the new storage account while creating or using the existing storage account?

Answer 2 · 2019-07-30T15:41:49.000Z

Either creating or existing.

Answer 3 · 2019-08-02T10:13:55.000Z

Ok just found out that we need to enter everything in lower case. Odd that MSFT did not complain about when entering names and titles.

Answer 4 · 2019-08-02T12:22:15.000Z

This is documented here: https://docs.microsoft.com/en-us/azure/architecture/best-practices/naming-conventions#storage

Although it is a shame we can't validate this in the ARM template

Answer 5 · 2019-08-15T09:31:42.000Z

Is there any way to change the user name and/or password after creating the SFTP? If so, where is this done? I have searched all the options and setting but there is nothing there to allow me to change this.

Also not see the PoSH, Linux, and Mac OS commands to mount the SFTP site.

Answer 6 · 2019-08-15T10:44:23.000Z

Ok found the commands but still no way to change user name and password. Please advise..

Answer 7 · 2019-08-16T12:26:06.000Z

Is there any way to change the user name and/or password after creating the SFTP? If so, where is this done? I have searched all the options and setting but there is nothing there to allow me to change this.

You can change these by updating the generated environment variable with a new username/password and restarting the ACI. However, it may be easier to just re-deploy a new ACI with the same backing Azure Files share

Answer 8 · 2020-06-03T08:33:47.000Z

Hi,
I too am getting a similar error when redeploying an existing modified template.

I exported the initial template used to create the SFTP login, and modified a handful parameters to create separate share, login and home directory.

The error is below
{ "code": "DeploymentFailed", "message": "At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details.", "details": [ { "code": "BadRequest", "message": "{\r\n \"error\": {\r\n \"code\": \"InvalidStorageAccountKey\",\r\n \"message\": \"The Azure storage account key in volume 'sftpvolume' is invalid.\"\r\n }\r\n}" } ] }

I'm not entirely sure why it's complaining about the InvalidStorageAccountKey , as I didn't modify this. I even copied and pasted the key again.

all the changes I made were in lowercase.

Any ideas?

Answer 9 · 2020-06-04T08:05:25.000Z

Hmm, odd one! The error is pretty explicit: could you try cycling the storage account keys and trying again?

If you try connecting to the Storage account using e.g. Storage Explorer and the account key, does that work?

Answer 10 · 2020-06-04T09:50:51.000Z

Hello.
Many thanks for replying :)
I have checked the storage account and can see the new template has created a new file share despite the error, see below.

I'm able to connect to the file share remotely using the same key.

However, I'm unable to connect to the file share via SFTP

The code to the left if the initial code used to create the UAT share, and code to the right is the new SFTP share that fails. I the changes are highlighted using a diffchecker.

Could the error be a red herring?

Answer 11 · 2020-06-04T10:10:52.000Z

Looks like you haven't provided the Storage Account Key as part of the volume mount definition:
"volumes": [
{
"name": "sftpvolume",
"azureFile": {
"readOnly": false,
"shareName": "[parameters('fileShareName')]",
"storageAccountName": "[variables('storageAccountName')]",
"storageAccountKey": "[listKeys(variables('storageAccountName'),'2018-02-01').keys[0].value]"
}
}
]

Answer 12 · 2020-06-04T10:34:52.000Z

Hi, thanks that worked, however, it's broken the initial UAT login I created. I thought this would create another file share and user account. What would be the quickest way to restore the previous login ?

Answer 13 · 2020-06-04T13:46:39.000Z

@bhummerstone Hi, I managed to restore the previous user account by using your Multiple user template. I had to fiddle about with it for a while to get the script working
https://github.com/bhummerstone/azure-templates/blob/master/compute/sftp/sftp-existing-stg-multi-user.json

I manually added the storage key and added the FQDN entry, as each time I deployed the script it was dropping the hostname from container;

"ipAddress": { "ports": [ { "protocol": "TCP", "port": 22 } ], "ip": "51.******", "type": "Public", "dnsNameLabel": "laa********" },

Sorry if I hijacked the thread.

Answer 14 · 2020-06-05T08:48:41.000Z

No worries: glad you got it working! :)

Answer 15 · 2021-06-23T13:46:24.000Z

Closing this issue as it has been idle for a while

Answer 16 · 2021-11-12T10:06:28.000Z

@bhummerstone is your multi user json file available?

Answer 17 · 2021-11-12T10:49:56.000Z

Yes, apologies: did some refactoring so it's now here: https://github.com/bhummerstone/azure-templates/blob/master/arm/compute/sftp/sftp-existing-stg-multi-user.json