Describe the bug
Since Azure CLI version 2.79, the az storage file list command no longer works correctly when using OAuth authentication. This issue appeared in the same release that introduced fixes related to az storage file list, which may indicate a regression. Meanwhile, az storage file upload and az storage file download continue to function without any issues. Rolling back to version 2.78 resolves the problem, confirming that the behavior is specific to 2.79 and above. Upgrading to version 2.81 does not fix the issue either.
Related command
az storage file list --account-name [STORAGE_ACCOUNT_NAME] --share-name [FILESHARE_NAME] --path [FOLDER_NAME] --enable-file-backup-request-intent --auth-mode login
Errors
You do not have the required permissions needed to perform this operation.
Depending on your operation, you may need to be assigned one of the following roles:
"Storage Blob Data Owner"
"Storage Blob Data Contributor"
"Storage Blob Data Reader"
"Storage Queue Data Contributor"
"Storage Queue Data Reader"
"Storage Table Data Contributor"
"Storage Table Data Reader"
If you want to use the old authentication method and allow querying for the right account key, please use the "--auth-mode" parameter and "key" value.
Issue script & Debug output
/
Expected behavior
The az storage file list command should work correctly with OAuth authentication, just like az storage file upload and az storage file download. Listing files should succeed without error in Azure CLI 2.79+ and behave the same way it does under version 2.78.
The command should not fail due to role validation errors unrelated to File Share access. The Service Principal used already has the proper role assigned : Storage File Data Privileged Contributor so file listing should be allowed without requiring any additional, unrelated permissions.
Environment Summary
azure-cli 2.81.0
python 3.12
Additional context
No response
Describe the bug
Since Azure CLI version 2.79, the az storage file list command no longer works correctly when using OAuth authentication. This issue appeared in the same release that introduced fixes related to az storage file list, which may indicate a regression. Meanwhile, az storage file upload and az storage file download continue to function without any issues. Rolling back to version 2.78 resolves the problem, confirming that the behavior is specific to 2.79 and above. Upgrading to version 2.81 does not fix the issue either.
Related command
az storage file list --account-name [STORAGE_ACCOUNT_NAME] --share-name [FILESHARE_NAME] --path [FOLDER_NAME] --enable-file-backup-request-intent --auth-mode login
Errors
You do not have the required permissions needed to perform this operation.
Depending on your operation, you may need to be assigned one of the following roles:
"Storage Blob Data Owner"
"Storage Blob Data Contributor"
"Storage Blob Data Reader"
"Storage Queue Data Contributor"
"Storage Queue Data Reader"
"Storage Table Data Contributor"
"Storage Table Data Reader"
If you want to use the old authentication method and allow querying for the right account key, please use the "--auth-mode" parameter and "key" value.
Issue script & Debug output
/
Expected behavior
The az storage file list command should work correctly with OAuth authentication, just like az storage file upload and az storage file download. Listing files should succeed without error in Azure CLI 2.79+ and behave the same way it does under version 2.78.
The command should not fail due to role validation errors unrelated to File Share access. The Service Principal used already has the proper role assigned : Storage File Data Privileged Contributor so file listing should be allowed without requiring any additional, unrelated permissions.
Environment Summary
azure-cli 2.81.0
python 3.12
Additional context
No response