Hello Murali R,
Thank you for posting your query here!
I have a doubt, if we add this action ( "Microsoft.Storage/storageAccounts/read") to the custom role which deploys nsg flow log, will this issue gets resolved
Adding the action "Microsoft.Storage/storageAccounts/read" to the custom role used in deploying NSG flow logs could help, but primarily from an access perspective. This permission allows the role to read the properties of storage accounts, which is necessary for operations that need to fetch details about the storage account (like its resource ID or status) before performing actions on it.
However, regarding the specific error you're encountering "An operation is currently performing on this storage account that requires exclusive access. (Code: StorageAccountOperationInProgress)" this error is more about the state of the storage account at the time of operation rather than the permissions of the role. The error indicates that some exclusive operation is currently being performed on the storage account, which needs to be completed before another operation can be initiated.
So, while it will ensure that the role has the necessary permissions to read storage account details, which could be critical if your deployment script needs to check the status or other properties of the storage account before initiating the NSG flow log deployment. It ensures that there are no permission-related blocks when the script checks storage account details.
However, operation-wise it won't prevent the storage account from being in a state where exclusive operations prevent other operations.
I hope this helps! Please let me know if the issue persists or if you have any other questions.
Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.