Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Automate adding ADF managed identity into Purview Data Curator role. #196

Closed
andrehass opened this issue Oct 22, 2021 · 4 comments
Closed

Automate adding ADF managed identity into Purview Data Curator role. #196

andrehass opened this issue Oct 22, 2021 · 4 comments
Assignees
@andrehass @marvinbuss
Labels
blocked Blocked item feature Feature Requests

Comments

@andrehass
Copy link

Unable to push lineage to Purview because Purview Data Curator role is not granted to factory's managed identity.
ADF can't connect to purview to push lineage.

purview-connection

After adding ADF Managed Identity in the Purview Data Curator role, ADF can connect and send data lineage to Purview.
purview-connected
@andrehass andrehass added the feature Feature Requests label Oct 22, 2021
@andrehass andrehass pinned this issue Oct 22, 2021
@marvinbuss marvinbuss unpinned this issue Oct 24, 2021
@marvinbuss
Copy link
Collaborator

Thanks @andrehass for submitting this. Suggestion until now was to add all Data Factories and Synapse workspaces to a security group and then assign them. But you are right, we should probably include the option to automatically have this set up for the user. I will look into it next week.

@marvinbuss marvinbuss added this to the v1.2.0 milestone Oct 24, 2021
@marvinbuss marvinbuss added the committed Committed item label Oct 24, 2021
@marvinbuss
Copy link
Collaborator

marvinbuss commented Oct 24, 2021
edited
Loading

We will first get #190 and Azure/data-management-zone#209 in main and then work on this enhancement, ok?

@marvinbuss marvinbuss added backlog Backlog item and removed committed Committed item labels Oct 26, 2021
@marvinbuss
Copy link
Collaborator

Hi @andrehass,
I just looked into this and sadly, we are not able to automate this without a self-hosted agent. The endpoints are on the data plane and AAD also does not expose any ARM APIs to automatically create a group in which all ADF MSIs are included. I would mark this item as blocked and raise this with PG.

@marvinbuss marvinbuss added blocked Blocked item and removed backlog Backlog item labels Oct 26, 2021
@marvinbuss
Copy link
Collaborator

I will close this since it is the same issue as #114.

@marvinbuss marvinbuss removed this from the v1.2.0 milestone Oct 26, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@andrehass andrehass

@marvinbuss marvinbuss

Labels
blocked Blocked item feature Feature Requests
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@andrehass @marvinbuss