azureazure-data-factoryazure-storageazure-virtual-network

Copy fileshare data between the subscriptions - here the target subscription is in virtual network


I forgot to mention the key point in this question:

how to copy the fileshare data between the subscriptions of storage accounts - scenario given in description

Here the target subscription storage account is in virtual network with public access disabled. we also have private endpoints created for each storage service like blob, file, queue and table.

Thanks to @RakeshGovindula for the answer given but need your help on this scenario.

I have tried the same solution given by you, but the pipeline got failed as I said the target subscription resources are in virtual network.

So, I'm getting the error like:

ErrorCode=UserErrorInvalidCredential,'Type=Microsoft.DataTransfer.Common.Shared.HybridDeliveryException,
Message=Fail to connect to https://targetstorageacc.file.core.windows.net/targetfs1: 
Error Message: This request is not authorized to perform this operation. 
(ErrorCode: 403, Detail: This request is not authorized to perform this operation.,
1. Please check storage network setting whether public network access is disabled. 
If disabled, use Managed Virtual Network IR and create Private Endpoint to access.
 https://docs.microsoft.com/en-us/azure/data-factory/managed-virtual-network-private-endpoint. 
https://docs.microsoft.com/en-us/azure/data-factory/tutorial-copy-data-portal-
private</value> 2. Make sure the credential provided is
 valid.,Source=Microsoft.DataTransfer.ClientLibrary,''Type=Microsoft.DataTransfer.Common.Shared.HybridDeliveryException,
Message=The file is forbidden to access:

Solution

  • enter image description here

    To resolve above error, you can follow the procedure below:

    1. Create an integration runtime with virtual network configuration as shown below:

    enter image description here

    1. Go to the Azure Data Factory manage tab and create a new private endpoint by clicking the "New" option. Select the # Azure File Storage option and choose your account name from the list. Click on "Create." This action will require approval from the storage account.

    2. In the blob storage account, go to the networking tab and select "Private endpoint connections." You will see a hyperlink that leads you to approve the private endpoint at the storage account level. Click on the hyperlink and approve it, as shown below:

    enter image description here

    1. After approving successfully, connect via created integration runtime with the required details. The linked service will be tested successfully, as shown below:

    enter image description here