If i have storage accounts data tagged to log analytics workspace what can be the kusto query to see who has created the container or deleted or modified

hello Pradeep
So if you are using a llinked self hosted IR for your instance you need to increase the nodes of sharing IR machine right?
And is it possible to have linked self hosted ID and a normal self hosted ir to switch over when one is not available?

Hi Jaffer
You need to go to the Factory 'owning' the SHIR, and grant permissions to the other Factories. Permissions are not migrated during the CI/CD process

My SHIR owning factory is in dev subscription of azure..and according to above comment we need to grant permission to the production datafactory? But these are in 2 subscriptions

Hello @MartinJaffer-MSFT ,
Need more clarification on the point "You need to go to the Factory 'owning' the SHIR, and grant permissions to the other Factories. Permissions are not migrated during the CI/CD process"

Let me try to explain my query in a better way with examples

I have a adf-ingest instance in DEV subscription with Self Hosted IR installed in a VM and configured .I have another instance adf-dev in the same same subscription.
Instead of reducing VM cost we shared the selfHosted IR that is in adf-ingest by granting the permissions to adf-dev

Now in production subscription we have another instance adf-prod and now we have to migrate all the pipelines in dev to prod which lead to error.

The sources in dev are in one vnet and for prod the vnet for source are different.

So could you please help us to understand the below point with example
You need to go to the Factory 'owning' the SHIR, and grant permissions to the other Factories. Permissions are not migrated during the CI/CD process

Thank you

Hi Jaffer,
I have deleted the private endpoint for the storage account and it worked

yeah @ManuPhilip tried with Storage Blob Data Contributor and still the same error

I tried with all the storage roles and nothing got worked.
However i found the issue if the storage account is in a vnet or having private endpoint t was not getting connected. not with the selected networks too. I have changed the networking to all networks only then if was connecting to.

However i dont want the storage to be available for all networks as we have sensitive data so request you all to let us know how to connect to blob storage with PE

So even the person is having the Contributor role on the storage account and service principle having Storage Data Blob Contributor on the storage account but the person is not an Admin in databricks instance but have access to create cluster ,databricks SQL access cant create the database in the storage account.

@PRADEEPCHEEKATLA-MSFT

test.db is a folder and not a container . i already checked the activity log and i can see only the below values on the date when test.db was deleted

List Storage Account Keys
Returns Storage Account SAS token
Update Storage Account Create

Yes Martin
Please find the attached document which tell us the steps we followed and the issue we are facing.
35353-adf-managed-vnet-issue.pdf

After creating Managed virtual network we are getting Limited icon but not full running state why?

Thanks Martin for the explanation

yes got the answer

So for SQL server on VM also we need to run the same command?