Dream

Reputation: 11

Azure Management API - Failed to retrieve Data Masking settings

I am calling the below Azure management API and got the "Failed to retrieve Data Masking settings" exception. I don't know why it is occurring.

GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/dataMaskingPolicies/Default?api-version=2014-04-01

Can anyone tell me what the reason for this exception is?

Any help will be appreciated.

Upvotes: 0

Views: 268

Answers (1)

Utkarsh Pal

Reputation: 4544

The data you are trying to get using the mentioned Azure Management API might be sensitive and therefore needs masking of the column in which you are inserting it.

Dynamic data masking helps prevent unauthorized access to sensitive data by enabling customers to designate how much of the sensitive data to reveal with minimal impact on the application layer. It’s a policy-based security feature that hides the sensitive data in the result set of a query over designated database fields, while the data in the database is not changed.

You can apply Dynamic Data Masking in the Azure SQL database using the Azure portal. Please refer to the example given below.

Log in to the Azure portal and click on SQL Databases.

Click on the database where you are going to set up Dynamic Data Masking.

Under the Security section, click on Dynamic Data Masking. This page shows the list of tables and columns in the database that are recommended for masking.

Click on the Add mask button to mask the column using the default Dynamic Data Masking function. Click on Save to apply the masking.

Now if you run a SELECT query to retrieve the data from the database, you will still be able to see the unmasked data, as you have the appropriate permissions to view data.

Execute the following script to add a new user and assign the db_datareader role.

CREATE USER myuser WITH PASSWORD = '<pwd>'

ALTER ROLE [db_datareader] ADD MEMBER [myuser]

Now if you log in using the credentials of this new user and run any SELECT query, you can observe that the column which you have masked shows XXXX. It implies that masking has been applied to this column and an unauthorized user won’t be able to see the data.

I suggest you go through Dynamic data masking for more information.

Upvotes: 0
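
The portal steps in the answer above can also be carried out and verified in T-SQL. The script below is an added example, not part of the original answer; the table dbo.Customers, its columns and the user ddm_reader are constructed for illustration.

```sql
-- Constructed sample table and row; names are illustrative only.
CREATE TABLE dbo.Customers (
    CustomerId INT IDENTITY PRIMARY KEY,
    FullName   NVARCHAR(100) NOT NULL,
    Email      NVARCHAR(100) NOT NULL,
    CardNumber VARCHAR(19)   NOT NULL
);
INSERT INTO dbo.Customers (FullName, Email, CardNumber)
VALUES (N'Test User', N'test.user@example.com', '4000-0000-0000-1234');

-- T-SQL equivalent of "Add mask" + "Save" in the portal:
-- default() masks the whole value, partial() keeps a chosen prefix/suffix.
ALTER TABLE dbo.Customers
    ALTER COLUMN Email ADD MASKED WITH (FUNCTION = 'default()');
ALTER TABLE dbo.Customers
    ALTER COLUMN CardNumber
    ADD MASKED WITH (FUNCTION = 'partial(0,"XXXX-XXXX-XXXX-",4)');

-- Audit which columns currently carry a mask and which function they use.
SELECT t.name AS table_name, c.name AS column_name, c.masking_function
FROM sys.masked_columns AS c
JOIN sys.tables AS t ON c.object_id = t.object_id
WHERE c.is_masked = 1;

-- Low-privilege reader, as in the answer (WITHOUT LOGIN keeps the test local
-- to this database and avoids embedding a password in the script).
CREATE USER ddm_reader WITHOUT LOGIN;
ALTER ROLE db_datareader ADD MEMBER ddm_reader;

-- Read as the low-privilege user: the masked columns are returned masked.
EXECUTE AS USER = 'ddm_reader';
SELECT FullName, Email, CardNumber FROM dbo.Customers;
REVERT;

-- UNMASK is the permission that lifts masking; grant it, compare, then revoke.
GRANT UNMASK TO ddm_reader;
EXECUTE AS USER = 'ddm_reader';
SELECT FullName, Email, CardNumber FROM dbo.Customers;
REVERT;
REVOKE UNMASK FROM ddm_reader;

-- Clean up the constructed objects.
DROP USER ddm_reader;
DROP TABLE dbo.Customers;
```

Masking only changes the query result set; members of db_owner and any principal granted UNMASK still see the stored values, so review UNMASK grants together with the sys.masked_columns output.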