Hi,

I am trying to access a blob storage container to retrieve files. It's throwing this error.

: Operation failed: "This request is not authorized to perform this operation using this resource type.", 403, GET,

I have tried sas key at container and storage account levels

This is what i see as the parameters in my SAS token

sp=rli
&st=2025-01-13T11:28:48Z
&se=2026-05-31T19:28:48Z
&spr=https
&sv=2022-11-02
&sr=c
&sig=

Maybe there is someone else that can be suggested to make this work if it's not sas token settings

Does anyone have a screenshot of correct privileges to list and read files from the blob to make this work?

This is my code

from azure.storage.blob import BlobServiceClient, BlobClient, ContainerClient
#from azure.keyvault.secrets import SecretClient
#from azure.identity import DefaultAzureCredential
from pyspark.sql import SparkSession
from pyspark.sql import DataFrame

def list_blobs(spark: SparkSession):
    files = dbutils.fs.ls("abfss://audits@storagedev1.blob.core.windows.net/")
    display(files)
if __name__ == "__main__":
    spark = SparkSession \
        .builder \
        .appName("Python Spark SQL data source example") \
        .getOrCreate()
    #Key1 = "Auditkey"
    #Key2 = "auditkey2"
    key_scope= "DataBricksDevSecrets"
    key_secret = "auditkey2"
    storage_account = "storagedev1"

    fs_sas_fixed_string = "fs.azure.sas.fixed.token." + storage_account + ".blob.core.windows.net"
    fs_auth_string = "fs.azure.account.auth.type."+ storage_account + ".blob.core.windows.net"
    fs_sas_provider_string = "fs.azure.sas.token.provider.type."+ storage_account + ".blob.core.windows.net"

    spark.conf.set(fs_auth_string, "SAS")
    spark.conf.set(fs_sas_provider_string, "org.apache.hadoop.fs.azurebfs.sas.FixedSASTokenProvider")
    spark.conf.set(fs_sas_fixed_string, dbutils.secrets.get(scope=key_scope, key=key_secret))