Hello @Anonymous ,
Thanks for the question and using MS Q&A platform.
Yes, it is possible to download a file marked as Read only from Azure Data Lake Gen2.
To access blob data with the account access key, you must have an Azure role assigned to you that includes the Azure RBAC action Microsoft.Storage/storageAccounts/listkeys/action. This Azure role may be a built-in or a custom role. Built-in roles that support Microsoft.Storage/storageAccounts/listkeys/action include the following, in order from least to greatest permissions:
- The Reader and Data Access role
- The Storage Account Contributor role
- The Azure Resource Manager Contributor role
- The Azure Resource Manager Owner role
As per the repro - I had provide the user with
Reader and Data Access role
permission on the ADLS gen2 account.
And I'm able to successfully download the file from Azure Data Lake Gen2 account.
For more details, refer to Choose how to authorize access to blob data in the Azure portal
Hope this will help. Please let us know if any further queries.
------------------------------
- Please don't forget to click on or upvote button whenever the information provided helps you. Original posters help the community find answers faster by identifying the correct answer. Here is how
- Want a reminder to come back and check responses? Here is how to subscribe to a notification
- If you are interested in joining the VM program and help shape the future of Q&A: Here is jhow you can be part of Q&A Volunteer Moderators