stackoom
  简体   繁体   中英

Azure Storage Explorer failing with Access Control Lists

 原文  2021-08-08 11:49:22       azure/ acl/ azure-data-lake-gen2/ azure-storage-explorer

Question

I've set up my Azure data lake gen2 with Access Control List (ACL) access via AAD groups only (no RBAC). The container folder has been granted execute and read permission, as has the relevant sub folder and files.

I can confirm access to the ACL controlled files, via Power BI, however Azure Storage Explorer appears not to recognise the ACL permission. Is the lack of support for ACL a know limitation for Azure Storage Explorer, or is there a way to make Azure Storage Explorer recognise allocated ACL's?

Steps taken;

-created storage account as an Azure administrator, defaulted all options, except for adding hierarchical name support

-created container raw

-against container, selected Manage ACL, and added permissions for me, both Access and Default 在此处输入图像描述

-Saved ACL settings

-Uploaded a file to the folder

-Opened Azure Storage Explorer

-I can see the new file under the admin account, but not under my account

在此处输入图像描述

I expected to be able to see the storage account in the yellow section. I am using version 1.20 of storage explorer

If I click on the containers Manage ACL under the user I created the storage account as, I can see permissions added as expected, I just cannot see the container under my account in Storage Explorer

在此处输入图像描述

1 answers

solution1
 1  2021-10-07 11:45:15

just been struggling with similar. Not sure if your situation is the same as mine but here is what I have found.

If a user has no RBAC over the storage account then they aren't able to list the containers so you wouldn't expect the account or containers to appear under there user account in Storage Explorer.

That doesn't mean you can't manually add the container though.

Goto Local&Attached>StorageAccounts . Right Click and choose Connect to Azure Storage .

在此处输入图像描述

Then select ADLS Gen2 Container or Directory

在此处输入图像描述

and then choose Azure AD as the auth method, select the relevant account if prompted, and then finally enter the full path of your container.

ie https:// adls storage account name .dfs.core.windows.net/ container name

在此处输入图像描述

And you should be good to go. Good luck!

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Why does azure storage explorer keep crashing? Azure Blob Storage file access How to open Storage Container in Azure Storage Explorer w/ only Storage Blob Data Contributor Role? Uploading folders on Azure Datalake storage failed using Azure Storage Explorer and python SDK both Need to move files from VM and put into storage explorer - Azure Azure Storage Explorer - Save results of query into a variable to be used in another query Azure Data Storage Access from Databrikcs Access Azure Table Storage in SQL Server Access azure key vault from azure blob storage (static website) Unable to access a Pulumi Created Azure Storage Table - Access Forbidden (403)
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM