Creating linked service(Azure Data Factory V2) for Azure Sql supports SQL Authentication. I want to know if it also supports Azure Active Directory Integrated Authentication.
Asked
Active
Viewed 1,347 times
1 Answers
0
As of today (Feb '18),
ADFV2 can connect to some sources using Managed Service Identity (MSI). In short, the ADFV2 instance is given an identity in the Active Directory as an Active Directory Application. See the docs here. Then the ADFV2 can connect to data sources as that identity.
Although Azure SQL supports Managed Service Identity, accessing Azure SQL Server through MSI is not available for ADFV2 yet. From the docs:
ConnectionString: Specify information needed to connect to the Azure SQL Database instance for the connectionString property. Only basic authentication is supported. Mark this field as a SecureString to store it securely in Data Factory, or reference a secret stored in Azure Key Vault.
As the docs state, you can use the ADFV2 Managed Service Identity to connect to KeyVault and use keys and secrets stored there, which is probably your best best for limiting security information in configuration.
Keep in mind that the UI for ADFV2 is still quite far behind the API, so you may need to use PowerShell or Azure command line to set it up properly.
Murray Foxcroft
- 12,785
- 7
- 58
- 86
-
Is this supported now? – Pratik Bhattacharya Sep 24 '18 at 12:36
-
I have not tested recently. Add the MSI to a group, then the group to SQL and see if ADFV2 can write to it. – Murray Foxcroft Sep 24 '18 at 13:22