Azure 权限:无权执行此操作
Azure permission : not authorized to perform this operation
所以我有一个数据工厂,它调用一个读取 blob 存储的 Azure 函数。
我不明白为什么会出现此错误。
“此请求无权执行此操作”。是数据工厂、azure 存储还是 azure 函数的问题?
我还向 Storage Blob Data Contributor 添加了服务主体,但没有成功。
我应该在存储资源管理器中对此特定文件夹添加什么权限?
{
"name": "TPFunction",
"instanceId": "4ef6513ebfc6bb",
"runtimeStatus": "Failed",
"input": {
"environment": "dev",
"DateToProcess": "2013-04-08",
"SourceStorageType": "AdlsGen2",
"SourceAccountName": "storage06",
"SourceBlobContainer": "data",
"SourceFilePath": "file/file/file"
},
"customStatus": null,
"output": "Orchestratorfunction 'TPFunction' failed: Following error occurred during execution: The activity function 'TPFunction' failed: \"Error occurred getting list of files: This request is not authorized to perform this operation using this permission.\nRequestId:7b5e-e4a603\nTime:2013-04-08:02:27.0924606Z\r\nStatus: 403 (This request is not authorized to perform this operation using this permission.)\r\nErrorCode: AuthorizationPermissionMismatch\r\n\r\nHeaders:\r\nServer: Windows-Azure-HDFS/1.0,Microsoft-HTTPAPI/2.0\r\nx-ms-error-code: AuthorizationPermissionMismatch\r\nx-ms-request-id: 7b5e-e4a603\r\nx-ms-version: 2019-07-07\r\nx-ms-client-request-id: e7357b5e-e4a603cc52\r\r\nContent-Length: 227\r\nContent-Type: application/json; charset=utf-8\r\n\". See the function execution logs for additional details.",
"createdTime": "2021-01-04T19:02:24Z",
"lastUpdatedTime": "2021-01-04T19:02:27Z"
}
我post这里是'403 forbidden'的主要情况,还有post解决这个问题的相关方法
第一种情况,我们没有给函数app访问权限
Solution:
如果要访问存储blob数据,需要给相关服务'Storage Blob Data Contributor' RBAC角色。
第二种情况,存储已被防火墙保护。
Solution:
1、第一种方式,将web应用的出站IP加入存储白名单。
2、第二种方式,在azure上创建虚拟网络
然后将网络添加到存储的防火墙设置中:
所以我有一个数据工厂,它调用一个读取 blob 存储的 Azure 函数。
我不明白为什么会出现此错误。 “此请求无权执行此操作”。是数据工厂、azure 存储还是 azure 函数的问题?
我还向 Storage Blob Data Contributor 添加了服务主体,但没有成功。
我应该在存储资源管理器中对此特定文件夹添加什么权限?
{
"name": "TPFunction",
"instanceId": "4ef6513ebfc6bb",
"runtimeStatus": "Failed",
"input": {
"environment": "dev",
"DateToProcess": "2013-04-08",
"SourceStorageType": "AdlsGen2",
"SourceAccountName": "storage06",
"SourceBlobContainer": "data",
"SourceFilePath": "file/file/file"
},
"customStatus": null,
"output": "Orchestratorfunction 'TPFunction' failed: Following error occurred during execution: The activity function 'TPFunction' failed: \"Error occurred getting list of files: This request is not authorized to perform this operation using this permission.\nRequestId:7b5e-e4a603\nTime:2013-04-08:02:27.0924606Z\r\nStatus: 403 (This request is not authorized to perform this operation using this permission.)\r\nErrorCode: AuthorizationPermissionMismatch\r\n\r\nHeaders:\r\nServer: Windows-Azure-HDFS/1.0,Microsoft-HTTPAPI/2.0\r\nx-ms-error-code: AuthorizationPermissionMismatch\r\nx-ms-request-id: 7b5e-e4a603\r\nx-ms-version: 2019-07-07\r\nx-ms-client-request-id: e7357b5e-e4a603cc52\r\r\nContent-Length: 227\r\nContent-Type: application/json; charset=utf-8\r\n\". See the function execution logs for additional details.",
"createdTime": "2021-01-04T19:02:24Z",
"lastUpdatedTime": "2021-01-04T19:02:27Z"
}
我post这里是'403 forbidden'的主要情况,还有post解决这个问题的相关方法
第一种情况,我们没有给函数app访问权限
Solution:
如果要访问存储blob数据,需要给相关服务'Storage Blob Data Contributor' RBAC角色。
第二种情况,存储已被防火墙保护。
Solution:
1、第一种方式,将web应用的出站IP加入存储白名单。
2、第二种方式,在azure上创建虚拟网络
然后将网络添加到存储的防火墙设置中: