I have a private file share on my storage account (setup with private link) which connects with my Azure file sync service (currently not private). I have a sync group setup with the could endpoint added, pointing private file share.
The underlying Microsoft.StorageSync service (service principle) constantly requests SAS token from storage account flooding our logs. The issue starts when the cloud endpoint is added to the sync group -- at this point there is no server endpoint configured but as I tested the issue persists even when the complete sync is setup and working. There is no problem with the syncing of files to the file share the constant logs are the problem.
Q1: Is this an expected behavior?
Q2: Why this is happening and is there a way to stop these logs?
Storage Account: Standard GZRS ,StorageV2, Hot
File Share: Transaction optimized, 5 TiB
File Sync: Vanilla deployment no additional change
All this are being deployed using ARM templates.
I have already checked the possibility of this because of private endpoint setup on file share but that is not the issue.
I already marked "Allow trusted Microsoft services to access this storage account" as exception in Firewall and Virtual Networks setting.
Another observation is that this issue still continues even hours after the File Sync Service is deleted.
This is an expected behavior of Storage Sync Service. I would still say that that many logged activity for SAS token operation must be silent as we do not have control whatsoever.
