Python PUT request always returning 401 Error despite working in Postman

Question

So I'm trying to call a PUT request to create an inventory policy: https://learn.microsoft.com/en-us/rest/api/storagerp/blob-inventory-policies/create-or-update

I'm using Ansible custom modules and Python to create it.

Python

def create_inventory_rule(bearer_token,azure_subscription, azure_storage_account, azure_resource_group):
management_url = "https://management.azure.com/subscriptions/{}/resourceGroups/{}/providers/Microsoft.Storage/storageAccounts/{}/inventoryPolicies/default?api-version=2021-04-01".format(azure_subscription,azure_resource_group,azure_storage_account)
body= get_body()

headers = {
    'Authorization':  bearer_token
}

try:
  request = requests.put(management_url, headers= headers, data = body)
  request.raise_for_status()
except requests.exceptions.RequestException as e:
    raise

I can confirm that I am able to fetch all the variables in the management_url, as well as the Bearer token. I took the management_url created and the bearer token in the ansible run, used it in Postman, and it returned a 200 OK. I'm just wondering if I'm missing anything here.

- name: Create Access Token
create_token:
  azure_resource : "{{ azure_resource }}"
  azure_tenant_id: "{{ azure_tenant_id }}"
  azure_client_id: "{{ azure_client_id }}"
  azure_client_secret: "{{ azure_client_secret }}"
register: c_access_token

- name: Create Inventory Policy Rule
create_inventory_rules:
  bearer_token: "{{ c_access_token }}"
  azure_subscription: "{{ azure_subscription }}"
  azure_storage_account: "{{ azure_storage_account }}"
  azure_resource_group: "{{ azure_resource_group }}"

Can anyone help me what else to check here I'm really lost atm. Might just be something I'm overlooking.

Get body:

def get_body():
body = {
  "properties": {
"policy": {
  "enabled": "True",
  "type": "Inventory",
  "rules": [
    {
      "enabled": "True",
      "name": "inventoryPolicyRule",
      "destination": "inventory-report",
      "definition": {
        "filters": {
          "blobTypes": [
            "blockBlob",
            "appendBlob"
          ],
          "prefixMatch": [
            "raw",
            "refined",
            "produced"
          ],
          "includeSnapshots": "True",
          "includeBlobVersions": "True"
        },
        "format": "Csv",
        "schedule": "Daily",
        "objectType": "Blob",
        "schemaFields": [
          "Name",
          "Creation-Time",
          "Last-Modified",
          "Content-Length",
          "Content-MD5",
          "BlobType",
          "AccessTier",
          "AccessTierChangeTime",
          "Snapshot",
          "VersionId",
          "IsCurrentVersion",
          "Metadata"
        ]
      }
    }
  ]
}
 }
  }
    return body

It means unauthorized, right? But I checked the bearer token being produced in postman and it's working fine. — Alexander Espiritu, Sep 13 '21 at 14:12
so its work under postman? "Ask" postman to covert the request to python -https://learning.postman.com/docs/sending-requests/generate-code-snippets/ . Try to run the py code - does it work? — balderman, Sep 13 '21 at 14:14

score 0 · Answer 1 · answered Jan 13 '22 at 16:40

Try adding a debug after you register c_access_token. When you register in ansible there is an object so you will need to define exactly where the token will be at.

- debug: var=c_access_token

I suspect that your task that you pass in your registered variable should be something like this

bearer_token: "{{ c_access_token.results.someOtherObjectKey }}"

Python PUT request always returning 401 Error despite working in Postman

1 Answers1