Forum Discussion
Spark notebook can't read storage account
Hello, I have a synapse workspace connected to it's default storage account and I can read data from blobs into a synapse pipeline using a copy task with no issues.
When I go to execute a simple spark command in a notebook such as
path = f'abfss://email address removed for privacy reasons/'
schema_df = spark.read.load(path + 'sample.csv', format = 'csv', header = True)
display(schema_df)I get a 403 error stating forbidden access.
If I change public access to "all networks", I can read the file fine but if I Enabled from selected virtual networks and IP addresses then the 403 error occurs. It is the default SA of the workspace and the workspace has "Storage Blob Data Contributor". There are no vnets or managed endpoints in play.
can anyone advise what else it could be that is causing the 403?
Thanks,
Cosmic
2 Replies
What is running the notebook? It could be that either a user account, or the managed identity (if you're using it) that doesn't have the Storage Blob Data Contributor role.
- If you're running the notebook as yourself, provide that role to the user(s) that need it in Access control (IAM).
- If the managed identity is running the notebook, again make sure it has the role AND also make sure the notebook is running as the managed identity.
Upper Left of Notebook (Config).
Inside the config at the bottom of the tab:
