stackoom
  简体   繁体   中英

Access Azure Data Lake Storage Gen2 using the account key

 原文  2023-01-12 11:52:59       azure/ azure-databricks/ azure-data-lake-gen2

Question

I'm trying to retrieve all paths to directories in Azure Data Lake Storage Gen2 using method specified in doc: https://docs.databricks.com/external-data/azure-storage.html , in particular I'm trying to access only using the storgae account key (not via Azure service principals or SAS tokens).

The doc says the we just need to set this conf:

spark.conf.set(
    "fs.azure.account.key.<storage-account>.dfs.core.windows.net",
    dbutils.secrets.get(scope="<scope>", key="<storage-account-access-key>"))

But n.netheless I'm getting 403 permssion error:

ExecutionError: An error occurred while calling z:com.databricks.backend.daemon.dbutils.FSUtils.ls.
: Operation failed: "This request is not authorized to perform this operation using this permission.", 403, GET, https://<storage-account>.dfs.core.windows.net/<my-container>?upn=false&resource=filesystem&maxResults=5000&timeout=90&recursive=false, AuthorizationPermissionMismatch, "This request is not authorized to perform this operation using this permission. RequestId:ef2753bb-501f-00bf-3c6c-26d7f4000000 Time:2023-01-12T09:56:54.1924327Z"
    at shaded.databricks.azurebfs.org.apache.hadoop.fs.azurebfs.services.AbfsRestOperation.execute(AbfsRestOperation.java:248)

how come I'm still getting the error if I only use storage key? I'm a bit confusing becasue using service principal I have to grant the client_id on the storage but in this case what I have to grant? I'm just using the key..

any help is appreciated Thanks

1 answers

solution1
 0  2023-01-12 13:15:51

I tried to reproduce the same in my environment and got the below results

Go to storage account -> IAM -> +Add Storage Blob Contributor.

在此处输入图像描述

Configure storage account in two ways.

with key vault

spark.conf.set( "fs.azure.account.key.<storage_account>.dfs.core.windows.net", dbutils.secrets.get(scope="<scope_name>", key="<Access_key>"))

without key vault

spark.conf.set("fs.azure.account.key.<storage_account>.dfs.core.windows.net","Access_key")

在此处输入图像描述

for more information refer this SO thread.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Azure Data Lake Gen2 vs Storage account Azure Data Lake storage Gen2 permissions How to access captured data from Event Hub in Azure Data Lake Storage Gen2 using Python Grant access to Azure Data Lake Gen2 using a parameterized script What is the difference between Azure's "Data Lake Storage Gen2" and "Data Lake Gen2"? How to check whether the storage account V2 created is having data lake gen2 property or not in Azure? What is hierarchical namespace in Microsoft Azure Data Lake storage (Gen2)? Azure Data Lake Storage Gen2 create directory if not exists in python How do I retrieve all directory paths from Azure Data Lake Storage Gen2 using Python? Unable to access FileSystem of Azure Data Lake Gen2 with Angular using azure-sdk-for-js
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM