I have created linked services for Blob storage to read the data from and Azure SQL DB to write the data in ADF for Production instance with user assigned managed identity authentication to enhance the security by assigning 'Storage Blob Data Contributor', 'Storage Blob Data Reader' and 'SQL DB Contributor' roles to this particular user managed identity. The test connections were also successful.
Afterwards, when I started testing the pipelines, I have been facing the below error.
- This request is not authorized to perform this operation.', 403
- 1. For source: In Storage Explorer, grant the MI/SP at least Execute permission for ALL upstream folders and the file system, along with Read permission for the files to copy. Alternatively, in Access control (IAM), grant the MI/SP at least the Storage Blob Data Reader role. 2. For sink: In Storage Explorer, grant the MI/SP at least Execute permission for ALL upstream folders and the file system, along with Write permission for the sink folder. Alternatively, in Access control (IAM), grant the MI/SP at least the Storage Blob Data Contributor role. Also please ensure that the network firewall settings in the storage account are configured correctly as turning on firewall rules for you.
Since I already assigned roles and also checkmarked 'Allow Azure services on the trusted services list to access this storage account' in the storage account firewall, I am not sure why it is throwing this error, particularly at the Data flow activity in debug mode. Surprisingly, copy data activity is working fine in the Blob storage itself.
Please suggest how to resolve this error.