skip to Main Content

I have a Data Factory (live mode) with a KeyVault linked service (Test connection: successful):
KeyVault linked service

When I try to use this linked service in a new linked service to connect to a SQL Server, it fails to load the secrets in the keyvault:
SQL server linked service

I just get the following error description:

Error code: DEDICATED_DPERRORCODE0
Activity ID: (bunch of characters)
Details: Operation returned an invalid status code ‘NotFound’

The ADF Service Principal was already added to the access policy of the Key Vault resource. My KeyVault access configuration is set to use Access policy.

The adf and the keyvault are in different resource groups but in the same region.

ADF name: adf-qa -> resource group: rg-qa
KeyVault name: kv-common -> resource group: rg-common

What I have tried:

RBAC: I added adf-qa Managed Identity with contributor role to kv-common just to discard this could be the reason. Still cannot load the secret names from the kv-common.

I have another Data Factory (configured with a git repository): adf-dev -> resource group: rg-dev. Creating the same KeyVault linked service pointing to kv-common, and then creating a linked service to connect to a SQL Server, I was ABLE TO LOAD the secret names and choose the correct one, and NO ERRORS.

adf-dev Service Principal was also previously added to the access policy of kv-common, no need to grant access through RBAC.

The only difference between adf-dev and adf-qa is that the first is configured with a git repo, the second is in Live Mode. The rest is exactly the same as of general configurations of this data factories.

2

Answers


  1. Chosen as BEST ANSWER

    SOLVED: In the end, everything was because of a typo... an extra space at the end of my keyvault url.

    After solving that, it worked just fine either with Access policy permission model or RBAC.


  2. I have also tried the same and faced similar error to resolve this error I gave Key Vault Secrets User role to managed Identity of my ADF in key vault.

    Go to your key vault >> Access control (IAM) >> Add >> Add role Assignment >> select Key Vault Secrets User this role >> next >> Assign to manage Identity select member as your ADF >> review and assign.

    enter image description here

    Now I am able to access secrets from my key vault:

    enter image description here

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search