Reputation: 129
Right way to give Service Principals access to ADLS files
We have an Azure Datalake Store with a lot of directories and files in it. Now we want to give access to a subset of these files to a growing list of service principals. Because it would take very long to add each service principal on its own, we would like to use a different/bundled approach. What is the best way to do this in Azure? Using groups, roles or permissions for example?
Thanks for your help!
Upvotes: 1
Views: 3048
Answers (1)
Reputation: 42063
You could create an Azure AD security group in Azure Active Directory -> Groups -> New Group, see this link, then add it in the Access of your ADLS file with the permissions you need.
Then if you want to give the permissions to the new service principal, just add it in the Members -> Add members of the group.
For more details, you could refer to Securing data stored in Azure Data Lake Storage Gen1.
Upvotes: 1
Related Questions
- Connecting to Data Lake Gen 2 from Azure Function using Service Principal is throwing AuthorizationPermissionMismatch error
- Manage ADLSGen2 ACLs with Shared Key Access Disabled?
- Grant service principal access to application in other tenant
- Azure Data Lake gen2 (Data Lake Storage) Access Control on container level with Managed Identity
- Azure : Permission for Service Principal to get list of Service Principals
- How to restrict a Service Principle access to specific folder in ADLS Gen2?
- Connecting to ADLS Gen 2 using Service Principals
- Managed Service Identity configuration for Azure Data Lake Storage Gen2
- Azure ADLS gen2 listing folders given authentication error using rest api and service principal
- Creating a a multi-tenant azure AD application's Service Principal to expose its permissions in a different AAD tenant