Below is my scenario for which I have created a power shell task in Azure DevOps pipeline
Scenario= I am trying to query the files from ADLS blob storage in azure synapse workspace. To do this I need to grant "Storage Blob Data Reader" Role to my ADLS blob storage to run/query the data(csv/parquet) files in synapse Workspace. I have run the below script in power shell task in azure Devops pipeline and getting below error.
New-AzRoleAssignment -ObjectID "xxxxxxxxxxxxxxxx" -RoleDefinitionName "Storage Blob DataReader"
I have passed Object ID (tried both App ID, Object ID of the service principal ),Subscription id, resource group name and storage account.
operation returned an invalid status code 'Forbidden' . Power shell exited with code '1'
I am not really sure what I am missing here. Please share your valuable suggestions.