Why can some users see in a Synapse Workspace see a Linked Azure Data Lake Gen 2 resource and others can't?
Question
Recently, I created a second Linked Azure Data Lake Storage Gen2 within the Synapse Workspace using the Workspace's Managed Identity and adding it (together with the people that need to analyze it) as a Storage Blob Data Reader.
I do not have access to the actual resource, but I am able to see the new Linked Azure Data Lake Storage Gen2 resource in the Workspace after linking it. However 2 users that also have Synapse Administrator rights within the Workspace (and have read rights on the actual resource) cannot even see the newly Linked Data Lake in the Workspace. They both have Reader rights on the Workspace resource itself. I have Contributor rights on the Workspace and can see the Linked Data Lake even after removing myself from the firewall whitelist.
Any ideas what could cause this behavior?
1 answers
solution1
0 2021-07-27 10:12:23
Grant Synapse administrators or users the Azure Contributor role on the workspace.
If the workspace creator isn't the owner of the ADLS Gen2 storage account, then Azure Synapse doesn't assign the Storage Blob Data Contributor role to the managed identity.
Verify that the Storage Blob Data Contributor role is assigned to the managed identity
Below Role assignments on the Workspace's storage account using IAM (in your case the for the second linked DLS)
Refer: Grant Synapse administrators the Azure Contributor role on the workspace
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.