This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(76.8, 77%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EP%3C/text%3E%3C/svg%3E)
Hello,
I'm facing the below error while I was trying to import data from a CSV file stored in blob storage to SQL Azure Database.
Error: Cannot bulk load because the file "filename.csv" could not be opened. Operating system error code 5(Access is denied.)
My storage account and SQL database are behind the firewall and reside in the same Vnet with private endpoints. I have added the SQL identity to the trusted Resource instances in the storage account and also granted the blob contributor access to the SQL identity still facing the issue.
Code:
CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'password'
CREATE DATABASE SCOPED CREDENTIAL rawblobcred
WITH IDENTITY = 'SHARED ACCESS SIGNATURE',
SECRET = 'SAS Key' //without ?
CREATE EXTERNAL DATA SOURCE rawblobread
WITH (
TYPE = BLOB_STORAGE,
LOCATION = 'https://storage.blob.core.windows.net',
CREDENTIAL = rawblobcred
)
BULK INSERT [dbo].[TotalSale] FROM 'raw/sales.csv'
WITH (DATA_SOURCE = 'rawblobread', FIRSTROW = 2, FIELDTERMINATOR = ',', ROWTERMINATOR = '\n')
Can you please help me with this? Thanks in advance!
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(220.8, 4%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Hi
PP007 •,
Welcome to Microsoft Q&A forum.
As I understand, you are facing the below error while I was trying to import data from a CSV file stored in blob storage to SQL Azure Database.
Error: Cannot bulk load because the file "filename.csv" could not be opened. Operating system error code 5(Access is denied.)
Could you please let us know what Azure service is used for import of data?
Thanks
@ShaktiSingh-MSFT We are using Azure SQL database
You verified the Azure SQL Firewall,. Could you please verify you are allowing traffic from that VNET on the Azure Storage Account also?
This troubleshooting guide may be useful too.
Yes we have already added the same Vnet in storage
Hi
PP007 •,
If public network access is disabled in the security (firewall) on the Azure Storage side, you cannot perform a BULK INSERT into Azure SQL Database using data on an Azure Storage blob. If the firewall on the Azure Storage side sets public network access to "Enable from all networks" or "Enable from selected virtual networks and IP addresses", BULK INSERT is possible from SQL Database. However, depending on the public network access settings on the Azure Storage side mentioned above, the advance preparation and setting items required for BULK INSERT differ, and each procedure is explained below. < when the firewall on the Azure Storage side sets public network access to "Enable from all networks"> You can use Shared Access Signatures (SAS) to access Azure Storage and perform BULK INSERTS from SQL Database.
USE THE CREDENTIALS YOU CREATED OR AN EXTERNAL DATA SOURCE TO PERFORM A BULK INSERT. Sample query Create authentication information using SAS tokens CREATE DATABASE SCOPED CREDENTIAL testCredential WITH IDENTITY = 'SHARED ACCESS SIGNATURE', SAS token starting with SECRET = 'sv (leading ? except)'; Use credentials to register an external data source CREATE EXTERNAL DATA SOURCE testSource WITH ( TYPE = BLOB_STORAGE, LOCATION = 'https://<storageacount>.blob.core.windows.net/<container> ', CREDENTIAL = testCredential ); Perform BULK INSERT BULK INSERT tableA FROM 'file_name.csv' WITH (DATA_SOURCE = 'testSource', FORMAT = 'CSV');
In the firewall on the Azure Storage side, if you set public network access to "Enable from selected virtual network and IP address"
Managed Identity allows you to access Azure Storage and perform BULK INSERTS into SQL Database.
1.On the target SQL Database server, have system-assigned managed identity enabled. 2.In the network settings of the Storage Account,check Allow Azure services in the list of trusted services to access this storage account and save. 3.In Storage Account access control, grant "Storage Blob Data Reader Permissions" to the managed identity of the target SQL Database from the role assignment. 4.Connect to SQL Database, add credentials and data sources, and perform BULK INSERTS. Create a master key, create credentials as Managed Identity, and create an external data source, as shown in the following example query.
USE THE CREDENTIALS YOU CREATED OR AN EXTERNAL DATA SOURCE TO PERFORM A BULK INSERT.
Sample query Create a master key (if it already exists, there is no problem with the existing one) CREATE MASTER KEY ENCRYPTION BY PASSWORD = '<password>'; Use Managed Identity to create credentials CREATE DATABASE SCOPED CREDENTIAL msi WITH IDENTITY = 'MANAGED IDENTITY'; Use credentials to register an external data source CREATE EXTERNAL DATA SOURCE storageAccount WITH (TYPE = BLOB_STORAGE, LOCATION = 'https://<storageacount>.blob.core.windows.net/<container> ', CREDENTIAL = msi ) Perform BULK INSERT BULK INSERT tableA FROM 'file_name.csv' WITH (DATA_SOURCE = 'storageAccount', FORMAT = 'CSV');
Hope this helps.
Let us know if further queries.
Thanks