无法使用 SQL 管理员凭据在 Azure Synapse 中查询无服务器池视图

Unable to Query Serverless Pool View in Azure Synapse using SQL Admin Credentials

我在 Azure Synapse 中设置了无服务器 SQL 池,它正在查询我设置的链接 Azure Data Lake 的视图。

CREATE VIEW DeviceTelemetryView
AS SELECT corporationid, deviceid, version, Convert(datetime, dateTimestamp, 126) AS dateTimeStamp, deviceData FROM
   OPENROWSET(
       BULK 'https://test123.dfs.core.windows.net/devicetelemetry/*/*/*/*/*/',
       FORMAT = 'PARQUET'
    ) AS [result]
GO

将我的 Azure AD 凭据与 synapse studio 或 SSMS 结合使用,我可以毫无问题地查询此视图。当我尝试使用我的 SQL 管理员帐户进行查询时,出现以下错误:

Cannot find the CREDENTIAL 'https://test123.dfs.core.windows.net/devicetelemetry/////*/', because it does not exist or you do not have permission.

重要的是我能够使用 SQL Admin Creds 进行查询,因为我们想通过我们的应用程序查询此视图以获得各种报告,因此不想使用 AAD creds。

我试过这里提供的SO解决方案:GRANT Database Scoped Credential syntax gives mismatched input error

GRANT REFERENCES ON DATABASE SCOPED CREDENTIAL::[WorkspaceSystemIdentity] TO [sqlAdmin];

因为这似乎是在将我的 DataLake 链接到 Synapse 时创建的默认凭据,但是当 运行 针对我的视图所在的数据库时,这给了我以下错误:

Cannot find the database scoped credential 'WorkspaceSystemIdentity', because it does not exist or you do not have permission.

您需要 create server-scoped credential 才能允许访问存储文件。

Server-scoped credential

These are used when SQL login calls OPENROWSET function without DATA_SOURCE to read files on some storage account. The name of server-scoped credential must match the base URL of Azure storage (optionally followed by a container name). However, SQL users can't use Azure AD authentication to access storage and serverless SQL pool doesn't return subfolders unless you specify /** at the end of path.