none
ADLS not authorized to perform the requested operation

    Question

  • Hi,

    I have created one Azure DataFactory, where I am trying to copy from BLOB storage to AAzure Data Lake. I have given access on data lake root folder, but then also I am getting below error,

    {"RemoteException":{"exception":"AccessControlException","message":"OPEN failed with error 0x83090aa2 (Forbidden. ACL verification failed. Either the resource does not exist or the user is not authorized to perform the requested operation.). [e1a2d8cc-ae8d-4416-baec-e98083c57c57] failed with error 0x83090aa2 (Forbidden. ACL verification failed. Either the resource does not exist or the user is not authorized to perform the requested operation.). [e1a2d8cc-ae8d-4416-baec-e98083c57c57][2019-03-01T05:28:05.9416657-08:00]","javaClassName":"org.apache.hadoop.security.AccessControlException"}}

    Could you please let me know what I need to do to resolve this issue.

    Thanks,

    Vipin Jha


    Thankx & regards, Vipin jha MCP

    Friday, March 1, 2019 2:41 PM

Answers

  • Vipin , I know its late , wanted to add this here as it may help someone in future .

    Assuming that the you are trying to access something like https://foo.azuredatalakestore.net/webhdfs/v1/mytempdir/myinputfile.txt and the intend is to read the file . There are three level of access which needs to be set ( you do this from the portal)  .  

    /(root) -> RWX

    /mytempdir -> RWX 

    myinputfile.txt -> R 

    HTH 

    Himanshu 


    Thanks Himanshu

    • Marked as answer by Vipin jha Thursday, April 11, 2019 8:31 AM
    Thursday, April 11, 2019 5:29 AM
    Moderator

All replies

  • Hi Vipin,

    Are you using a self-hosted Integration Runtime (IR) ? If yes, then you need to allow the IP of your selfhosted IR machine access your ADLS because the copy will happen on your selfhosted IR.

    Also, please make sure, you have the right access granted on Data Lake Store (access control doc). As for Data Factory, it has to have access to the ADLS with right permissions. Please make sure that you have that in place too.

    Hope this helps.


    MSDN

    Monday, March 4, 2019 12:12 PM
    Moderator
  • Vipin , I know its late , wanted to add this here as it may help someone in future .

    Assuming that the you are trying to access something like https://foo.azuredatalakestore.net/webhdfs/v1/mytempdir/myinputfile.txt and the intend is to read the file . There are three level of access which needs to be set ( you do this from the portal)  .  

    /(root) -> RWX

    /mytempdir -> RWX 

    myinputfile.txt -> R 

    HTH 

    Himanshu 


    Thanks Himanshu

    • Marked as answer by Vipin jha Thursday, April 11, 2019 8:31 AM
    Thursday, April 11, 2019 5:29 AM
    Moderator
  • Thanks, Himanshu for your post, it really helped me to understand the access level of ADLS

    Thankx & regards, Vipin jha MCP

    Thursday, April 11, 2019 8:31 AM