Connect Azure Data Factory with Private Endpoint to Storage Account with another Private Endpoint in the same VNet
Question
Here is what I have:
- 1 VNet with Subnet1 and Subnet2.
- 1 Storage Account with Private Endpoint in Subnet1
- 1 Azure Data Factory with Private Endpoint in Subnet2
- Public network access disabled for both of them.
I am trying to read and write a blob in the Storage Account using a Data Factory pipeline (Copy Data). With the above setup, the Pipleline times-out, which I believe is because it is unable to resolve the Private IP for Storage Account.
What step(s) am I missing to correctly use the Private Endpoints in my setup above to be able to R/W blob via Data Factory?
Note: If I create Managed Private Endpoint in the Data Factory to connect to the Storage Account, the pipeline works and is able to read/write blobs. Ref: https://docs.microsoft.com/en-us/azure/data-factory/managed-virtual-network-private-endpoint
Are Managed Private Endpoints the only way to connect to the Storage Account? If not, how do I configure the normal Private Endpoints?
1 answers
solution1
-1 2020-11-05 07:16:48
Apart from managed private endpoints option there is another way to access Blob inside a VNET from ADF. You can add Managed Identity ID of Datafactory in Blob Account > Access Control (IAM) and grant the ID "Storage Blob Data Contributor" role.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.