Share via

Error while mounting ADLS Gen 2 using databricks

Keerthana J 71 Reputation points
2023-03-27T07:12:54.1066667+00:00

I am trying to mount an ADLS Gen 2 from databricks using secret key. I have used the below code. I'm getting the error like "Unsupported Azure Scheme: abfss"

configs = {"fs.adl.oauth2.access.token.provider.type": "ClientCredential",
           "fs.adl.oauth2.client.id": "clientid",
           "fs.adl.oauth2.credential": dbutils.secrets.get(scope="key",key="secret"),
           "fs.adl.oauth2.refresh.url": "https://login.microsoftonline.com/directoryid/oauth2/token"}

dbutils.fs.mount(
  source = "abfss://******@demogen2mig.dfs.core.windows.net/sample",
  mount_point = "/mnt/demogen2mig/sample/",
  extra_configs = configs)
Azure Data Lake Storage
Azure Data Lake Storage
An Azure service that provides an enterprise-wide hyper-scale repository for big data analytic workloads and is integrated with Azure Blob Storage.
1,559 questions
Azure Databricks
Azure Databricks
An Apache Spark-based analytics platform optimized for Azure.
2,514 questions
Accepted answer
  1. PRADEEPCHEEKATLA 90,641 Reputation points Moderator
    2023-03-27T10:17:07.0733333+00:00


    KEERTHANA JAYADEVAN     - Thanks for the question and using MS Q&A platform.

    Could you please share the stack trace of the error message and the Azure Databricks runtime which you are using?

    As per the repro, I'm able to successfully able to run the above command and able to access the files:

    User's image

    For more details, refer to Access Azure Data Lake Storage Gen2 or Blob Storage using OAuth 2.0 with an Azure service principal.

    Hope this helps. Do let us know if you any further queries.

    If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Keerthana J 71 Reputation points
    2023-09-15T12:21:11.77+00:00

    I was again trying out mounting, but this time I am constantly getting the below error:

    com.databricks.common.client.DatabricksServiceHttpClientException: PERMISSION_DENIED: Invalid permissions on the specified KeyVault https://kvmigrn.vault.azure.net/. Wrapped Message: Status code 403, {"error":{"code":"Forbidden","message":"Caller is not authorized to perform action on resource.\r\nIf role assignments, deny assignments or role definitions were changed recently, please observe propagation time.\r\nCaller: name=AzureDatabricks;appid=eudu6348455;oid=abcd;iss=https://sts.windows.net/3456ghjbd/\r\nAction: 'Microsoft.KeyVault/vaults/secrets/getSecret/action'\r\nResource: '/subscriptions/xxxxxx/resourcegroups/rsggen2demo/providers/microsoft.keyvault/vaults/kvmigrn/secrets/clientid'\r\nAssignment: (not found)\r\nDecisionReason: 'DeniedWithNoValidRBAC' \r\nVault: kvmigrn;location=eastus2\r\n","innererror":{"code":"ForbiddenByRbac"}}}

    What role is missing here? I followed exactly the MS documentation.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.