Managing Access and Roles in ADF

Learn about access control in ADF, including user, group, role, and permission management, using Azure Portal and Azure CLI.

Azure Data Factory (ADF) provides access and role management for its resources, which is vital for safeguarding sensitive data. Ensuring that only authorized users can reach a resource is how we control which actions they can perform and which data they can view. Here we'll explore the different methods for managing access and roles in Azure Data Factory.

Azure IAM services

Azure Identity and Access Management (IAM) is a service that provides centralized management of users, groups, and permissions across all Azure services. It is used to control and manage access to Azure resources by defining security principals (users, groups, and applications) and assigning them roles that grant specific permissions to access resources.

The following are the different IAM services offered by Azure:

  1. Azure Active Directory (AAD): This is an identity and access management service that provides authentication and authorization services for applications and services running in Azure. It can be used to manage user identities, secure access to applications and services, and provide single sign-on across multiple applications. To use Azure AD for authentication in Azure Data Factory, we must first create an Azure AD application and a service principal. The service principal represents the application and is used to authenticate the application to Azure Data Factory. We can then use RBAC to assign roles to users and groups within Azure AD.

  2. Role-based access control (RBAC): This is a service that provides access management to Azure resources. It allows us to assign permissions to users, groups, and applications at different levels (subscription, resource group, or resource) based on predefined roles or custom roles.

  3. Azure Resource Manager (ARM): This is a management service that provides a unified API for managing Azure resources. It provides a common infrastructure for managing and deploying Azure resources and enables role-based access control for resource management.

  4. Azure Policy: This is a service that provides governance for Azure resources. It allows us to create, assign, and manage policies that enforce rules and standards for resources. We can use policies to enforce compliance, ...
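To make the RBAC scope levels from item 2 (subscription, resource group, resource) concrete, the following added example, which is not part of the original article, reviews role assignments that apply to a data factory and reports broad roles together with the level they were granted at. It assumes input shaped like the JSON from `az role assignment list --scope <factory-id> --include-inherited`; the subscription ID, resource names, principals and the `BROAD_ROLES` set are constructed placeholders and a policy assumption.

```python
import json

# Constructed sample shaped like the JSON printed by
# `az role assignment list --scope <factory-id> --include-inherited`.
# Subscription ID, resource names and principals are placeholders.
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"
RG = SUB + "/resourceGroups/rg-data"
ADF = RG + "/providers/Microsoft.DataFactory/factories/adf-example"
SAMPLE = json.dumps([
    {"principalName": "alice@example.com", "principalType": "User",
     "roleDefinitionName": "Owner", "scope": SUB},
    {"principalName": "data-eng", "principalType": "Group",
     "roleDefinitionName": "Contributor", "scope": RG},
    {"principalName": "sp-adf-pipeline", "principalType": "ServicePrincipal",
     "roleDefinitionName": "Data Factory Contributor", "scope": ADF},
    {"principalName": "bob@example.com", "principalType": "User",
     "roleDefinitionName": "Reader", "scope": SUB},
    {"principalName": "carol@example.com", "principalType": "User",
     "roleDefinitionName": "User Access Administrator", "scope": ADF},
])

# Assumption: built-in roles this review treats as too broad for a factory.
BROAD_ROLES = {"Owner", "Contributor", "User Access Administrator"}

def scope_level(scope):
    """Classify an ARM scope string by the level it was assigned at."""
    parts = [p.lower() for p in scope.split("/") if p]
    if len(parts) < 2 or parts[0] != "subscriptions":
        return "above subscription"  # root "/" or a management group
    if len(parts) == 2:
        return "subscription"
    if len(parts) == 4 and parts[2] == "resourcegroups":
        return "resource group"
    return "resource"

def audit(assignments_json, factory_id):
    """Return (principal, role, level, origin) for each broad-role assignment."""
    findings = []
    for a in json.loads(assignments_json):
        if a["roleDefinitionName"] not in BROAD_ROLES:
            continue
        direct = a["scope"].rstrip("/").lower() == factory_id.lower()
        findings.append((a["principalName"], a["roleDefinitionName"],
                         scope_level(a["scope"]),
                         "direct" if direct else "inherited"))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE, ADF):
        print(*finding, sep=" | ")
```

Assignments reported as inherited cannot be removed at the factory; they have to be narrowed at the subscription or resource group where they were made.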