The synapse link is not able to write the data in Azure data lake gen 2 storage account

Abhishek Sajjan 0 Reputation points
2024-05-24T08:27:24.22+00:00

Hi Team,

The synapse link is not able to write the data in Azure data lake gen 2 storage account. I am getting the following error message.

{"code":"AuthorizationFailed","message":"The client 'ASajjan@revolutiondance.com' with object id '07f0f1c6-8e4a-408e-85dd-f5343442f4cf' has an authorization with ABAC condition that is not fulfilled to perform action 'Microsoft.Authorization/roleAssignments/write' over scope '/subscriptions/49c7487b-406c-4c7f-a9f0-8a203fa2ca0b/resourceGroups/D365DataLakeSandboxGroup/providers/Microsoft.Storage/storageAccounts/pocd/providers/Microsoft.Authorization/roleAssignments/7ed62c22-9247-4a2d-b753-61d8b1a67b89' or the scope is invalid. If access was recently granted, please refresh your credentials."}

Session Id: 5f1cb5c0-8496-4311-a6aa-7d373bfb4c08

Target ADLS account has the permissions of Owner and Storage Blob Data Contributor. The namespace is hierarchical and storage key access is enabled.

Can you anyone help on this?

Azure Data Lake Storage
Azure Data Lake Storage
An Azure service that provides an enterprise-wide hyper-scale repository for big data analytic workloads and is integrated with Azure Blob Storage.
1,499 questions
Azure Synapse Analytics
Azure Synapse Analytics
An Azure analytics service that brings together data integration, enterprise data warehousing, and big data analytics. Previously known as Azure SQL Data Warehouse.
5,041 questions
{count} votes

2 answers

Sort by: Most helpful
  1. Vinodh247 25,201 Reputation points MVP
    2024-05-25T13:25:32.4366667+00:00

    Hi Abhishek Sajjan,

    Thanks for reaching out to Microsoft Q&A.

    Please see the link below which has answers to your questions with screenshot guidance. I believe this should be able to help you, try this and let me know.

    https://stackoverflow.com/questions/42134892/the-client-with-object-id-does-not-have-authorization-to-perform-action-microso

    Please 'Upvote'(Thumbs-up) and 'Accept' as an answer if the reply was helpful. This will benefit other community members who face the same issue.

    0 comments No comments

  2. AnnuKumari-MSFT 33,636 Reputation points Microsoft Employee
    2024-05-28T08:32:04.67+00:00

    Hi Abhishek Sajjan ,

    Welcome to Microsoft Q&A platform and thanks for posting your query here

    From the description of your query, it seems you are trying to leverage Synapse link to connect from source to ADLS. However, it seems it's throwing error that the client is not authorized to perform the action.

    Could you please share information like what is the source for synapse link? Azure SQL/SQL/Dataverse?

    Kindly Check if the Azure Entra ID and workspace MSI both have access to the ADLS Gen2 account.

    You can create a custom role with action Microsoft.Authorization/roleAssignments/write and assign it.

    Hope it helps. Please accept the answer by clicking on Accept answer button. Thankyou

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.