Hi,
I have successfully linked different Data Lake Gen2 (Abfss) storage accounts and Blob storage accounts to my Synapse workspace. I can explore the content, and even during the linking process, the connection test is successful. All using managed identity and registered as Blob contributor on each storage account.
The Gen2 accounts all work OK (having them as private), and it is very practical to right-click and load the data in Spark or SQL.
For the Blob storage accounts, only SQL on-demand works. The Spark pool does not work, and I get the error "public access is disabled on storage account".
If this is a linked service, and even using the automatically generated notebooks, why this error? Why is SQL on-demand authorized and not the Spark pool? I even tried passing a SAS token to the Spark session, but I get the same error.
I also do not understand why, when using the Synapse workspace, I need to whitelist my IP on the Storage account firewall (Vnet is active). I have whitelisted the Synapse IPs for my region, as well as listed the Synapse workspace in the resource instances and marked to allow Azure trusted services.
If anyone has any experience with all the different configurations necessary to access a blob storage from Synapse, please let me know how I can solve my issue and/or modify my configuration to keep everything secured but be able to work with my data.