Azure SQL外部数据源对虚拟网络上私有BLOB的访问被拒绝
我已经为下面所示的外部数据源的大容量插入设置了一些SQL。外部数据源是一个私有blob,因此我使用(自由的)SAS机密Azure SQL外部数据源对虚拟网络上私有BLOB的访问被拒绝,azure,Azure,我已经为下面所示的外部数据源的大容量插入设置了一些SQL。外部数据源是一个私有blob,因此我使用(自由的)SAS机密 CREATE DATABASE SCOPED CREDENTIAL mycred WITH IDENTITY = 'SHARED ACCESS SIGNATURE', SECRET = 'sv=2019-10-10&ss=bfqt&srt=sco&sp=rwdlacup&se=2025-04-30T01:41:12Z&st=2020-04
CREATE DATABASE SCOPED CREDENTIAL mycred WITH IDENTITY = 'SHARED ACCESS SIGNATURE', SECRET = 'sv=2019-10-10&ss=bfqt&srt=sco&sp=rwdlacup&se=2025-04-30T01:41:12Z&st=2020-04-29T17:41:12Z&spr=https,http&sig=[REDACTED]';
CREATE EXTERNAL DATA SOURCE sqlinput WITH (
TYPE = BLOB_STORAGE,
LOCATION = 'https://test.blob.core.windows.net/mycontainer',
CREDENTIAL = mycred,
);
BULK INSERT dbo.target
FROM 'data.csv'
WITH (DATA_SOURCE = 'sqlinput', FORMAT = 'CSV');
这很有效!然而,当我想将BLOB防火墙从所有网络更改为选定网络时,我的噩梦就开始了。遵循此SQL将产生以下错误:
Cannot bulk load because the file "data.csv" could not be opened. Operating system error code 5(Access is denied.).
我当时的做法是:
Cannot bulk load because the file "data.csv" could not be opened. Operating system error code 12175(failed to retrieve text for this error. Reason: 317).
在VM上,我尝试使用Storage Explorer,并更新连接字符串以包含privatelink,但在尝试浏览BLOB容器时,它最终进入了递归循环。我怀疑这并不是一个进步和死胡同,因为虚拟网络应该可以很好地解决所有问题
注意:所有资源都在同一订阅/资源组/区域中