Storage Accoung V2 access with firewall, VNET to data factory V2

Question

I have blob containers in storage account V2 having firewall settings with VNet and only allowed access to Microsoft Trusted Services. Now, as long as the firewall is restricting other services, I am unable to get test connection succeeded for data factory V2 while I am trying to set up Linked Service and I am getting an error:

Connection failed ADLS Gen2 operation failed for: Operation returned an invalid status code 'Forbidden'. Account: 'mufgpresales'. FileSystem: 'filesystem'. ErrorCode: 'AuthorizationFailure'. Message: 'This request is not authorized to perform this operation.'. RequestId: 'fdc2149f-401f-0027-0b8f-c464ff000000'.. Operation returned an invalid status code 'Forbidden' Activity ID: 439d7a8c-254b-4af6-8697-1ff8770e1c40.

I read many posts about using Managed Identity and integration runtime. So, I used Managed Identity Application ID of Data factory and given all permissions on 1 blob container and still, I cannot get it to succeed.

It's hard for me to sale Integration runtime bit and an extra VM to host it. I am looking for a solution using AzureRuntime which I believe is possible but don't know exactly how. Any suggestions?

Answer 1

Did you face the error like this?

Cause: The reason is your Data Factory don't have the access permission to your Storage Account.

Solution:

Then click 'Add role assignment',

With these steps, the connection must be work.

Let me know if you have more doubts.