Azure-storage-azcopy: blob-to-blob OAuth support for both

Created on 14 Feb 2019 · 3Comments · Source: Azure/azure-storage-azcopy

Which version of the AzCopy was used?

AzCopy 10.0.7-Preview

Which platform are you using? (ex: Windows, Mac, Linux)

Windows

What command did you run?

azcopy login
azcopy copy 'https://[account1].blob.core.windows.net/[container1]/log.txt' 'https://[account2].blob.core.windows.net/[container2]/log.txt'

This gives the error:

Scanning...
Using OAuth token for authentication.

failed to perform copy command due to error: cannot start job due to error: cannot copy the entire container or directory without recursive flag. Please use --recursive flag.

--recursive is not relevant in this case, and if I add the flag I get a 404 The specified resource does not exist. which is a typical error if you are not authenticated too. Adding SAS exclusively to the source works:

azcopy copy 'https://[account1].blob.core.windows.net/[container1]/log.txt?[SAS]' 'https://[account2].blob.core.windows.net/[container2]/log.txt'

But adding SAS to the destination does not:

azcopy copy 'https://[account1].blob.core.windows.net/[container1]/log.txt' 'https://[account2].blob.core.windows.net/[container2]/log.txt?[SAS]'

What problem was encountered?

It would be nice if the Azure Block Blob (OAuth ) <-> Azure Block Blob (OAuth) pair could be supported.

How can we reproduce the problem in the simplest way?

Setup 2 blobs that both require OAuth and transfer between them.

enhancement service issue

Source

Mmdixon

Most helpful comment

Hi @Mmdixon, thanks for reaching out!

The actual copy is done by the service, which means that the service (destination account) must be able to read your source blob. It wouldn't be safe to give the service your OAuth token, so we require the source to have a SAS. However, there will be a new feature soon that would enable your suggestion. Please stay tuned. 😄

@jiacfan We should definitely improve the error message.