Data Factory无法与受VNet/Subnet限制的Key Vault一起使用 [英] Data Factory not working with Key Vault with VNet/Subnet restrictions

问题描述

Hi everyone.
I don't know if this is the place to ask this question but hope to have your understanding.

I setup Azure Key Vault and Azure Data Factory and I can test connection to the KV linked service in ADF successfully.
I have added the ADF principal in AKV policies to be able to GET secrets.
My AKV is restricted in terms of networking to two VNETs/Subnets and I have allow trusted Microsoft services to bypass this firewall on.

The problem is that everytime I try to get a secret I get an exception saying:

"The error message is: Client address (xxx.xxx.xxx.xxx) is not authorized and caller is not a trusted service"

Why is this happening? Should not ADF be a trusted service? How to configure this in terms of Firewall/VNet?

Thank you

推荐答案

您是否尝试过设置自托管的IR，并将自托管的IP地址列入白名单IR机器，然后使用自托管的IR连接您的数据存储吗?

Have you tried setting up a selfhosted IR and whitelist the IP address of your selfhosted IR machine and then use the selfhosted IR to connect your data store?

这篇关于Data Factory无法与受VNet/Subnet限制的Key Vault一起使用的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！