I have an Azure AI Search Service created in Subscription2, it has private endpoint(Vnet2-Subnet2) and dns entry added for this private endpoint ip in private dns zone. From this private dns zone, virtual network link added to VNet1 in Subscription1.
In Subscription1, there is a VM in VNet1-Subnet1 which has python application running to connect to Azure AI Search Service using API Key.
Along with the private dns zone- virtual network private link, NSG group rules are added at the subnet(subnet2) level for accepting the inbound connections, vnet peering is setup between vnet1 <=> vnet2 along with the routing rules.
dns resolution and connectivity has been established with the above setup, even though i'm calling- azure ai search service endpoint with api key, it is returning error message "Failed to get Azure RBAC authorization decision. Please wait and retry your request later.".
To fix this I tried following, but it still resulted the same error:
- recycled the keys.
- Tried with "API Access control" option setting to "API keys" alone & also "Both" option including "Role-based access control" along with "API keys" option
- I tried adding the managed identity to VM and providing contributor access for this identity on azure ai search service.
curl -k -X POST "https://.privatelink.search.windows.net/indexes/products?api-version=2020-06-30" -H "Content-Type: application/json" -H "api-key: " -d @index.json
Warning: Couldn't read data from file "index.json", this makes an empty POST. {"error":{"code":"","message":"Failed to get Azure RBAC authorization decision. Please wait and retry your request later."}}
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(313.6, 9%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(185.6, 59%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)