This is now resolved. I used the name of the Data Factory as the service principal and it then worked, so this is now sorted.
Data Factory using Key vault for linked Services Information
I'm using the following information:
https://learn.microsoft.com/en-us/azure/data-factory/store-credentials-in-key-vault
I go through it and get the Managed Identity Object ID from Data Factory.
In Key Vault I do an Access Policy with GET, and I used the Management Option ID to set Select Principal and Authorised Application.
I then create a secret: the key to my Azure Data Lake Gen 2 Storage Account.
Then in Data Factory I go to Linked Services and add the Key Vault as a linked service.
I then go to the Data Lake Gen 2 Linked Service and change it to use Key Vault. However, it's failing:
Caller was not found on any access policy in this key vault, secretName: AzureDataLakeStorageGen2LSaccountKey, secretVersion: , vaultBaseUrl: https://dev-uks-Project-kv.vault.azure.net/. The error message is: The user, group or application 'name=Microsoft.DataFactory/factories;appid= ID NO' does not have secrets get permission on key vault 'dev-uks-Project-kv;location=uksouth'
So clearly the part where I set up the Access Policy in Key Vault isn't working, but I don't know why, because I'm sure I did what it said in the documentation.
Any help would be great because I'm very blocked with this at the moment.
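
Added example (not part of the original post): a small check for the condition the error above reports, namely whether any Key Vault access policy gives the Data Factory's managed identity `get` on secrets. The factory and vault documents are constructed samples shaped like `az datafactory show` and `az keyvault show` output, all IDs are placeholders, and the treatment of policies that carry an `applicationId` is an assumption noted in the code.

```python
import json

# Constructed sample data shaped like the JSON from `az datafactory show`
# (identity) and `az keyvault show` (properties.accessPolicies); IDs are placeholders.
FACTORY = json.loads("""{"name": "example-adf", "identity": {
  "type": "SystemAssigned", "principalId": "11111111-1111-1111-1111-111111111111"}}""")
VAULT = json.loads("""{"name": "example-kv", "properties": {"accessPolicies": [
  {"objectId": "22222222-2222-2222-2222-222222222222", "applicationId": null,
   "permissions": {"secrets": ["get", "list"]}},
  {"objectId": "11111111-1111-1111-1111-111111111111",
   "applicationId": "33333333-3333-3333-3333-333333333333",
   "permissions": {"secrets": ["get"]}}]}}""")


def check_secret_get(factory, vault):
    """Return (ok, findings): does the factory identity hold 'get' on secrets?"""
    principal = ((factory.get("identity") or {}).get("principalId") or "").lower()
    if not principal:
        return False, ["factory has no managed identity principalId"]
    ok, findings = False, []
    for pol in vault.get("properties", {}).get("accessPolicies") or []:
        if (pol.get("objectId") or "").lower() != principal:
            continue  # policy belongs to some other user, group or application
        perms = [p.lower() for p in (pol.get("permissions") or {}).get("secrets") or []]
        if pol.get("applicationId"):
            # Assumption: a policy that also names an authorized application only
            # covers calls made through that application, so it is not counted
            # for the factory's own direct calls to the vault.
            findings.append("policy is tied to application " + pol["applicationId"])
        elif "get" in perms or "all" in perms:
            ok = True
            findings.append("direct policy grants secrets get")
        else:
            findings.append("direct policy lacks secrets get: " + ",".join(perms))
    if not findings:
        findings.append("no access policy for object ID " + principal)
    return ok, findings


if __name__ == "__main__":
    ok, findings = check_secret_get(FACTORY, VAULT)
    print("OK" if ok else "FAIL", findings)
```
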
2 answers
Raphael Ramos Da Silva 1 Reputation point
2021-10-15T19:50:38.72+00:00
I faced the same issue and solved it by granting my ADF instance access to my key vault secrets.
However, the secret I'm storing is an authentication header value:
Basic <base64 hash>
Although the connection was verified, my pipeline is now failing to execute and I'm sure it's related to the key vault secret.
I'm assuming that the retrieved value for this secret is a JSON object with more properties other than the value one.
Any workarounds on this? Many thanks!