From cfd940bf5395ae02816b6ff90fe8e70815302e6f Mon Sep 17 00:00:00 2001
From: magodo <wztdyl@sina.com>
Date: Tue, 10 Jan 2023 07:55:03 +0800
Subject: [PATCH] `azurerm_storage_account` - Add 403 (previously only 401) as
 a valid status code for lacking permissions to list keys (#19645)

Co-authored-by: kt <kt@katbyte.me>
Fix https://github.com/hashicorp/terraform-provider-azurerm/issues/19622
---
 internal/services/storage/storage_account_resource.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/internal/services/storage/storage_account_resource.go b/internal/services/storage/storage_account_resource.go
index d798b05b9b3c..d93401053533 100644
--- a/internal/services/storage/storage_account_resource.go
+++ b/internal/services/storage/storage_account_resource.go
@@ -1921,7 +1921,7 @@ func resourceStorageAccountRead(d *pluginsdk.ResourceData, meta interface{}) err
 		if e, ok := err.(azautorest.DetailedError); ok {
 			if status, ok := e.StatusCode.(int); ok {
 				hasWriteLock = status == http.StatusConflict
-				doesntHavePermissions = status == http.StatusUnauthorized
+				doesntHavePermissions = (status == http.StatusUnauthorized || status == http.StatusForbidden)
 			}
 		}