0

I am working on this Tutorial from Microsoft Azure team to implement Access provisioning by data owner to Azure Storage datasets. As shown in the image below, the Data Owner Policy is supposed to allow Grady Archie a Read permission on Azure Data Lake Gen2 storage account called acct4dlsgen2. But for some reasons, when Grady Archie logs into Azure portal in the same network, he is unable to access acct4dlsgen2 storage.

Question: What I may be doing wrong, and how can we fix the issue?

Remarks:

  1. I have satisfied all the prerequisites of the same article mentioned above.
  2. Have also given Grady Archie the Read permissions on the Purview Collection where this storage account is registered in Purview.
  3. When I give Grady Archie a Read permission directly by going through that storage account via Azure portal, Grady Archie can access that storage after he logs-in. But this defeats the purpose of implementing Data Access using Purview as described here by Microsoft team.

enter image description here

nam
  • 21,967
  • 37
  • 158
  • 332

1 Answers1

0

One of the pre-requisites you have done is to configure the subscription for Purview policies using a PowerShell script

But this configuration is only applied to newly created storage accounts. And maybe your storage account was already existing when you configured the subscription for purview policies

if you create a new storage account inside your subscription, I believe your purview policies will work on this account.

Fdagosti
  • 1
  • 1