1

Adding Customer managed key to brand new Data factory failing with below error message. Same error when i tried from Azure Portal or REST API (PUT https://management.azure.com/subscriptions/#####/resourceGroups/####/providers/Microsoft.DataFactory/factories/ )

I just created Data factory and it is empty. Following below link https://learn.microsoft.com/en-us/azure/data-factory/enable-customer-managed-key

{
  "error": {
    "code": "AddCMKToExistingFactoriesWithEntities",
    "message": "Update factory failed. You cannot add CMK settings for factories with existing entities",
    "target": null,
    "details": null
  }
}
Improve this question

3 Answers 3

Reset to default
0

Can I suggest you to please try and create a new test ADF and select the Enable encryption using CMK ? It should work that way .

enter image description here

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

I tried this option. When it is enabled it expects to provide user managed identity for keys in Keyvault. And when i provide user managed identity which has access to keyvault, it does not create identity for ADF itself (System assigned identity) which causes problem for me as i need System assigned identity for ADF
0

Microsoft resolved this issue last week. Able to add CMK keys to new data factories with no entities.

Improve this answer

3 Comments

Can I know what was the fix ?
Wer u able to add CMK with system assigned identity ?
Yes i was able to add CMK in data factory portal -> "manage" section
0

I also encounter this issue, and nobody gives me a satisfactory answer in the community.

After a while, I found I shouldn't believe Azure UI in some situations. Especially for some unimportant features.

  1. Create ADF by Azure CLI (THIS IS IMPORTANT!!!)
az datafactory create --location "Japan East" \
--name "ADF-CMK" \
--resource-group "<YOUR GROUP>"
  1. Copy the identity object ID of ADF

enter image description here

  1. Create an access policy

enter image description here

enter image description here

  1. input your CMK URL to your ADF

enter image description here

See also: https://learn.microsoft.com/en-us/azure/data-factory/data-factory-service-identity#retrieve-managed-identity

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.