Tuesday 24 March 2020

Issue while connecting Azure Data Factory (v2) to Azure Data Lake Gen2 using Managed Service Identity (MSI)


Issue while connecting Azure Data Factory (v2) to Azure Data Lake Gen2 using Managed Service Identity (MSI)

Usually documentation of Microsoft is too good but for errors it does not offers much help. One is case when I was trying to connect to ADF v2 to ADLS Gen2 using Managed Identity. I was getting error 

ADLS Gen2 operation failed for: Operation returned an invalid status code 'Forbidden'. Account: 'adlsgen2rk'. FileSystem: 'filesystem'. ErrorCode: 'AuthorizationPermissionMismatch'. Message: 'This request is not authorized to perform this operation using this permission.'. RequestId: 'd26ce7e5-601f-004f-4bda-017884000000'.. Operation returned an invalid status code 'Forbidden' Activity ID: f49c8379-d827-40d9-8c13-2206c8fd0c01.


There was no help available online so connected with Microsoft to solve this.



Steps to solve are:
  1. Go to ADLS Gen2 where you want to connect
  2. On left navigation pan select "Access control (IAM)"
  3. Click on "+Add" button, select "Add role assignment"
  4. In form, in Role drop down select "Storage Blob Data Contributor"
  5. In Select, select your Azure Data Factory name and click "Save"
IMPORTANT: Wait for 5 to 10 minutes before it reflects in Azure Data Factory

Go to Azure Data Factory again and try creating Connection, it should be successful now 😊 !

Happy Coding!!

No comments:

Post a Comment