This post has been republished via RSS; it originally appeared at: New blog articles in Microsoft Tech Community.
We recently launched Azure Purview Data Use Governance feature in public preview. You will be able to read more about this feature here. In this blog, we explain how data can be accessed when permission is granted at file level using Azure Purview’s Data Policy App.
After a data source is registered for Data Use Governance, and then scanned, Azure Purview’s Policy author role will be able to create policies in the Policy management interface.
To learn more about creating and publishing policies use this article.
User will not be able to browse to the asset using Azure Portal or Storage explorer if the only permission granted is read/modify access at file level of storage account. Hence, it provides organizations the ability to not only secure their data perimeter but also grant users minimum required access to datasets to complete their day-to-day tasks.
When file or folder level access is granted, the user can open the file in Azure Synapse analytics workspace. The easiest way to achieve this is by ensuring that the Azure Purview account that has the Storage account’s metadata is linked to Azure Synapse workspace. For more details on how to connect a synapse workspace to Azure purview, refer to this article.
The user needs to login to the synapse workspace and then search for the file-customeraddress. parquet.
Select the file to which the access has been granted and select Develop - New SQL script - Select top 100.
This will generate a SQL query, which can be executed against a built-in serverless SQL engine.
Conclusion:
Data policies within Azure Purview ensure that data consumers only have adequate permission to perform their day-to-day tasks. It is easy to get started with the new data policy feature within Azure Purview. You can get started by going through our documentation here and demo video here.