ArtifactDeletionTask status: 403; status message: Forbidden

Ajay Rana 0 Reputation points
2024-06-05T23:19:10.4066667+00:00

Hi,

We have a synapse pipeline that is used to copy data to cosmos DB and using the Synapse workspace deployment

task in Azure DevOps to migrate from Dev to QA. While migrating we are getting error as below:

2024-05-05T21:30:06.5454516Z Getting Artifacts which should be deleted from workspace.

2024-05-05T21:30:06.7659956Z Artifact not found in template. deleting XXXXX of type Microsoft.Synapse/workspaces/managedVirtualNetworks/managedPrivateEndpoints

2024-05-05T21:30:06.7675550Z Deleting XXXXX of type managedPrivateEndpoints

2024-05-05T21:30:07.0132885Z For Artifact: XXXXXXX: ArtifactDeletionTask status: 403; status message: Forbidden

Synapse and Cosmos db are in different subscriptions and we have setup managed end points in both environments.

what could be the issue as those artifacts are required and should not be deleted.

Azure Synapse Analytics
Azure Synapse Analytics
An Azure analytics service that brings together data integration, enterprise data warehousing, and big data analytics. Previously known as Azure SQL Data Warehouse.
4,553 questions
Azure Cosmos DB
Azure Cosmos DB
An Azure NoSQL database service for app development.
1,496 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Smaran Thoomu 11,370 Reputation points Microsoft Vendor
    2024-06-06T07:58:10.53+00:00

    Hi @Ajay Rana

    Thanks for the question and using MS Q&A platform.

    Based on the error message you provided, it seems like the Azure DevOps deployment task is trying to delete an artifact (managed private endpoint) that is required for the Synapse pipeline to copy data to Cosmos DB. This is causing a 403 Forbidden error.

    To resolve this issue, you can try the following steps:

    1. Check the permissions for the Azure DevOps service principal or user account that is being used to deploy the Synapse workspace. Make sure that it has the necessary permissions to manage the managed private endpoints in both subscriptions.
    2. Check the managed private endpoints in both subscriptions to make sure that they are configured correctly and have the necessary permissions to access the resources they need. Make sure that the private endpoints are configured to allow traffic between the Synapse workspace and Cosmos DB.
    3. If none of the above steps resolve the issue, you can try deploying the Synapse workspace and Cosmos DB in the same subscription. This can simplify the configuration and management of the managed private endpoints and reduce the risk of errors during deployment.
    4. Check if the user has set up the managed endpoints correctly. Ensure that the user has set up the managed endpoints correctly in both the Dev and QA environments.

    I hope this helps! Let me know if you have any further questions.

    0 comments No comments