将带有私有终结点的 Azure 数据工厂连接到具有同一 VNet 中的另一个私有终结点的存储帐户
[英]Connect Azure Data Factory with Private Endpoint to Storage Account with another Private Endpoint in the same VNet
问题描述
Here is what I have:
这是我所拥有的:
- 1 VNet with Subnet1 and Subnet2. 1 个带有子网 1 和子网 2 的 VNet。
- 1 Storage Account with Private Endpoint in Subnet1子网 1 中具有私有端点的 1 个存储帐户
- 1 Azure Data Factory with Private Endpoint in Subnet2 1 在 Subnet2 中带有私有终结点的 Azure 数据工厂
- Public network access disabled for both of them.他们俩都禁用了公共网络访问。
I am trying to read and write a blob in the Storage Account using a Data Factory pipeline (Copy Data).我正在尝试使用数据工厂管道(复制数据)在存储帐户中读取和写入 blob。 With the above setup, the Pipleline times-out, which I believe is because it is unable to resolve the Private IP for Storage Account.通过上述设置,Pipleline 超时,我认为这是因为它无法解析存储帐户的私有 IP。
What step(s) am I missing to correctly use the Private Endpoints in my setup above to be able to R/W blob via Data Factory?我错过了哪些步骤才能正确使用上面设置中的私有端点以便能够通过数据工厂 R/W blob?
Note: If I create Managed Private Endpoint in the Data Factory to connect to the Storage Account, the pipeline works and is able to read/write blobs.注意:如果我在数据工厂中创建托管私有端点以连接到存储帐户,管道将工作并且能够读/写 blob。 Ref: https://docs.microsoft.com/en-us/azure/data-factory/managed-virtual-network-private-endpoint参考: https : //docs.microsoft.com/en-us/azure/data-factory/managed-virtual-network-private-endpoint
Are Managed Private Endpoints the only way to connect to the Storage Account?托管专用端点是连接到存储帐户的唯一方法吗? If not, how do I configure the normal Private Endpoints?如果没有,我该如何配置普通的私有端点?
1 个解决方案
解决方案1
-1 2020-11-05 07:16:48
Apart from managed private endpoints option there is another way to access Blob inside a VNET from ADF.除了托管私有端点选项之外,还有另一种方法可以从 ADF 访问 VNET 内的 Blob。 You can add Managed Identity ID of Datafactory in Blob Account > Access Control (IAM) and grant the ID "Storage Blob Data Contributor" role.您可以在 Blob 帐户 > 访问控制 (IAM) 中添加 Datafactory 的托管标识 ID,并授予 ID“存储 Blob 数据贡献者”角色。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.