You can create a managed private endpoint for this file share and access this resource from ADF
ADF Linked Service for Azure File Share can't access Storage Account that does not allow all networks
I'm setting up ADF Azure-SSIS runtime which runs SSIS package on Azure SQL Managed Instance. I'm trying to store SSIS package files on Azure File Share. I would not want to allow access to my Storage Account from all networks.
I came across this post that Managed Identity is a supported authentication method for Blob and Data Lake gen2. Many users are commenting since 2019 that it still lacks support of Azure File Share.
When I set my storage account to allow connection from selected networks + allow trusted Azure services, the "Test Connection" feature will fail when creating ADF Linked Service for Azure File Storage saying "This request is not authorized to perform this operation (ErrorCode 403)". If I set my Storage Account to allow from all networks, the test will succeed.
Is there a plan to support managed identity for Azure File Share? Since running SSIS package is obviously one of the most-used features on ADF and storing SSIS package files on Azure File Share is very common, it is weird that managed identity is not supported here. Does this mean customers are forced to set their Storage Accounts to allow access from all networks? Is there any workaround that I don't have to allow connection to Storage Account from all networks?
Thanks.
1 answer
Sort by: Most helpful
-
Raunak Jhawar 1 Reputation point Microsoft Employee
2021-09-30T13:00:08.407+00:00