使用 AtlasClient 在权限中创建图集实体时遇到授权问题

问题描述 投票:0回答:1

我正在尝试运行下面的代码并得到 AtlasException:

{"requestId":"36fb4fc3-bc6b-4583-b6a1-faac6a5723b4","errorCode":"ATLAS-403-00-001","errorMessage":"5133fd99-b486-4723-ac91-c8acc375a4ed 无权执行创建实体:类型=测试文件”}

注意:我只能访问 Purview 中的特定集合。我无法在根集合中创建实体。

from azure.identity import ClientSecretCredential
from pyapacheatlas.auth import ServicePrincipalAuthentication
from pyapacheatlas.core import AtlasClient, collections
from pyapacheatlas.core import AtlasEntity, RelationshipTypeDef
import requests
import os
import json
import pandas as pd
import pydicom

# Azure AD credentials
tenant_id = "xxxxxxxxxxxxxxxxxxxx"
client_id = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
client_secret = "xxxxxxxxxxxxxxxxxxxxxxxxxxx"

# Purview account details
purview_account_name = "account-name"
collection_name = "abcde"

# Authenticate using AAD
credential = ClientSecretCredential(tenant_id, client_id, client_secret)
auth = ServicePrincipalAuthentication(
       tenant_id=tenant_id,
       client_id=client_id,
       client_secret=client_secret
   )

# Create an Atlas client
client = AtlasClient(
       endpoint_url=f"https://{purview_account_name}.purview.azure.com/catalog/api/atlas/v2",
       authentication=auth
   )

entity_up = AtlasEntity(
       name="API_TEST_NEW",
       typeName='test file',
       qualified_name="TESTING_API_NEW",
       attributes={
        "description": "A sample entity with custom attributes",
        "businessAttributes": {
            "businessAttribute1": "Business Value 1",
            "businessAttribute2": "Business Value 2"
        },
        "customAttributes": {
            "customKey1": "Custom Value 1",
            "customKey2": "Custom Value 2"
        }
    },
    collectionId = 'abcde', 
    domainId = 'account-name',
       contacts = {
      "Expert": [
        {
          "id": "xxxxxxxxxxxxxxxxx",
          "info": "Example Expert Info"
        }
      ],
      "Owner": [
        {
          "id": "xxxxxxxxxxxxxxxxxxxxxxxxxx",
          "info": "Example Owner Info"
        }
      ]
    },
   )
client.upload_entities(entity_up)

如何使用AtlasClient在特定集合中(不在根目录中)创建实体?我可以通过 PurviewClient 创建它,但在使用 AtlasClient 时遇到问题。

azure-purview
1个回答
0
投票

errorMessage":"5133fd99-b486-4723-ac91-c8acc375a4ed 无权执行创建实体:

您使用的客户端没有在特定集合中创建实体所需的权限,这可能是出现上述错误的原因。根据 MS 文档 客户端应具有以下角色才能对集合执行操作:

  • 收藏管理员
  • 数据源管理员
  • 数据管理者
  • 数据读取器

对于每个角色,选择 编辑角色分配 按钮,然后选择要将服务主体添加到的角色。或者选择每个角色旁边的 Add 按钮,然后通过搜索其名称或客户端 ID 添加服务主体,如下所示:

enter image description here

然后您将能够在特定集合中创建实体。欲了解更多信息,您可以参考以下内容:

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.