I have a Data Factory (live mode) with a KeyVault linked service (Test connection: successful):
KeyVault linked service
When I try to use this linked service in a new linked service to connect to a SQL Server, it fails to load the secrets in the keyvault:
SQL server linked service
I just get the following error description:
Error code: DEDICATED_DPERRORCODE0
Activity ID: (bunch of characters)
Details: Operation returned an invalid status code ‘NotFound’
The ADF Service Principal was already added to the access policy of the Key Vault resource. My KeyVault access configuration is set to use Access policy.
The ADF and the Key Vault are in different resource groups but in the same region.
ADF name: adf-qa -> resource group: rg-qa
KeyVault name: kv-common -> resource group: rg-common
What I have tried:
RBAC: I added the adf-qa Managed Identity with the Contributor role to kv-common just to rule this out as the reason. I still cannot load the secret names from kv-common.
I have another Data Factory (configured with a git repository): adf-dev -> resource group: rg-dev. Creating the same KeyVault linked service pointing to kv-common, and then creating a linked service to connect to a SQL Server, I was ABLE TO LOAD the secret names and choose the correct one, and NO ERRORS.
adf-dev Service Principal was also previously added to the access policy of kv-common, no need to grant access through RBAC.
The only difference between adf-dev and adf-qa is that the first is configured with a git repo and the second is in Live Mode. The rest of the general configuration of these data factories is exactly the same.
2 Answers
SOLVED: In the end, everything was because of a typo... an extra space at the end of my keyvault url.
After solving that, it worked just fine either with Access policy permission model or RBAC.
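The trailing-space typo described in the answer above can be caught before deployment by linting the Key Vault linked service definition. This is an added example, not code from the original post; the function name, the public-cloud `.vault.azure.net` suffix and the sample definition (built around the question's `kv-common`) are assumptions.

```python
import re
from urllib.parse import urlsplit

# Key Vault names: 3-24 chars, letters/digits/hyphens, start with a letter,
# end with a letter or digit, no consecutive hyphens.
VAULT_NAME = re.compile(r"^[A-Za-z](?!.*--)[A-Za-z0-9-]{1,22}[A-Za-z0-9]$")
# Assumption: Azure public cloud DNS suffix; sovereign clouds use other suffixes.
VAULT_SUFFIX = ".vault.azure.net"


def lint_key_vault_base_url(linked_service: dict) -> list[str]:
    """Return the problems found in an AzureKeyVault linked service baseUrl."""
    props = linked_service.get("properties", {})
    if props.get("type") != "AzureKeyVault":
        return []  # not a Key Vault linked service, nothing to check
    url = props.get("typeProperties", {}).get("baseUrl")
    if not isinstance(url, str):
        return ["baseUrl is missing or not a plain string; cannot check statically"]
    problems = []
    if url != url.strip():  # the typo from the answer: invisible in the UI
        problems.append(f"baseUrl has leading/trailing whitespace: {url!r}")
    if any(ch.isspace() or not ch.isprintable() for ch in url.strip()):
        problems.append("baseUrl contains embedded whitespace or control characters")
    parts = urlsplit(url.strip())
    host = (parts.hostname or "").lower()
    if parts.scheme != "https":
        problems.append(f"scheme is {parts.scheme!r}, expected 'https'")
    if not host.endswith(VAULT_SUFFIX):
        problems.append(f"host {host!r} does not end with {VAULT_SUFFIX}")
    elif not VAULT_NAME.match(host[: -len(VAULT_SUFFIX)]):
        problems.append(f"{host!r} does not start with a valid vault name")
    if parts.path not in ("", "/") or parts.query or parts.fragment:
        problems.append("baseUrl should be the vault root, with no path or query")
    return problems


# Constructed sample: a linked service whose baseUrl ends with a stray space.
SAMPLE_WITH_TYPO = {
    "name": "ls_kv_common",
    "properties": {
        "type": "AzureKeyVault",
        "typeProperties": {"baseUrl": "https://kv-common.vault.azure.net/ "},
    },
}

if __name__ == "__main__":
    for problem in lint_key_vault_base_url(SAMPLE_WITH_TYPO):
        print(problem)
```

Running this over exported linked service JSON in a CI step flags the whitespace that the portal's text box hides.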
I also tried the same and faced a similar error. To resolve this error, I gave the Key Vault Secrets User role to the managed identity of my ADF in the key vault. Now I am able to access secrets from my key vault.