Error creating an Azure Synapse pool with Terraform

Problem description

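I'm just trying to create an Azure Synapse Analytics pool using Terraform. I can create almost all the other resources I need, but creating the FileSystem in the storage account causes a problem (I need a filesystem because the Synapse pool needs a workspace, which in turn needs a filesystem). I get an error like the following: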

[Image: screenshot of the error message]

Below is my script. Has anyone done this successfully?

# Configure the Microsoft Azure Provider.
terraform {
  required_providers {
    azurerm = {
      source = "hashicorp/azurerm"
      version = ">= 2.26"
    }
  }
}

provider "azurerm" {
  features {}
}


# Create a resource group
resource "azurerm_resource_group" "rg" {
  name     = "kjTEST"
  location = "eastus"
}



#** Storage account ** will most likely replace with references to existing storage accounts
resource "azurerm_storage_account" "storage" {
  name                     = "kjastoragetest"
  resource_group_name      = azurerm_resource_group.rg.name
  location                 = azurerm_resource_group.rg.location
  account_tier             = "Standard"
  is_hns_enabled           = "true"
  account_replication_type = "lrs"
  account_kind             = "StorageV2"
}

resource "azurerm_storage_container" "container" {
  name                  = "testcontainer"
  storage_account_name  = azurerm_storage_account.storage.name
  container_access_type = "blob"
}

# File system
resource "azurerm_storage_data_lake_gen2_filesystem" "filesystem" {
  name               = "filesystem"
  storage_account_id = azurerm_storage_account.storage.id
}

# Synapse 
resource "azurerm_synapse_workspace" "workspace" {
  name                                 = "example"
  resource_group_name                  = azurerm_resource_group.rg.name
  location                             = azurerm_resource_group.rg.location
  storage_data_lake_gen2_filesystem_id = azurerm_storage_data_lake_gen2_filesystem.filesystem.id
  sql_administrator_login              = "usnername89"
  sql_administrator_login_password     = "########"
}

# 
resource "azurerm_synapse_sql_pool" "synapsepool" {
  name                 = "kjatestsqlpool"
  synapse_workspace_id = azurerm_synapse_workspace.workspace.id
  sku_name             = "DW100c"
  create_mode          = "Default"
}

Solution

To successfully start a Spark pool in an Azure Synapse workspace, the Azure Synapse managed identity needs the Storage Blob Data Contributor role on this storage account.

Reference: Grant the managed identity permissions to ADLS Gen2 storage account
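
The role assignment described in the answer, written as a Terraform fragment that goes in the same configuration as the script in the question. This is an added example, not part of the original answer or the asker's script; the resource label `synapse_blob_contributor` is hypothetical, and it assumes the workspace exposes its system-assigned identity as `identity[0].principal_id`.

```hcl
# Added example: give the Synapse workspace's managed identity data-plane
# access to the storage account defined in the question's script.
# "synapse_blob_contributor" is a hypothetical resource label.
resource "azurerm_role_assignment" "synapse_blob_contributor" {
  # Scope the role to this one storage account only, rather than the
  # resource group or subscription, so the identity gets no wider access.
  scope                = azurerm_storage_account.storage.id
  role_definition_name = "Storage Blob Data Contributor"

  # Assumption: the provider version in use exports the workspace's
  # system-assigned identity here. Some provider versions may require an
  # explicit identity block on azurerm_synapse_workspace for this to be set.
  principal_id = azurerm_synapse_workspace.workspace.identity[0].principal_id
}
```

Azure role assignments can take a few minutes to propagate, so a Spark pool started immediately after `terraform apply` may still be denied access for a short time.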