I have few APIM proxies which inserts incoming payloads into different ADLS Gen2 folders.
i.e. /api/v1/customer will store payload into "mycontainer/customers" folder at ADLS Gen2
/api/v1/product will store payload into "mycontainer/products" folder at ADLS Gen2
APIM using MSI to access storage account using contributor role.
Can I fine grain security using ACL and give access at folder level to specific APIM proxy? (i.e. using above scenario /api/v1/customer must only post data into "mycontainer/customers" folder, and should throw error if try to post payload into wrong folder such as "mycontainer/products").