PowerExchange for Microsoft Azure Data Lake Storage Gen2 User Guide

Configure Access to Microsoft Azure Data Lake Storage Gen2

As an administrator, you must perform the following tasks:
  • Create a storage account to use with Microsoft Azure Data Lake Storage Gen2 and enable Hierarchical namespace in the Azure portal. You can use role-based access control or access control lists to authorize the users to access the resources in the storage account.
    • Role-based access control
      If you use role-based access control, assign the Contributor role or Reader role to the users.
      The Contributor role grants you full access to manage all resources in the storage account, but does not allow you to assign roles.
      The Reader role allows you to view all resources in the storage account, but does not allow you to make any changes.
      To add or remove role assignments, you must have write and delete permissions, such as an Owner role.
    • Access control lists
      If you use access control lists, you can provide read, write, and execute permissions to each directory and file for users.
  • Register an application in Azure Active Directory to authenticate users to access the Microsoft Azure Data Lake Storage Gen2 account. You can use role-based access control or access control lists to authorize the application.
    • Role-based access control
      If you use role-based access control, assign the Storage Blob Data Contributor or Storage Blob Data Reader role to the application.
      The Storage Blob Data Contributor role lets you read, write, and delete Azure Storage containers and blobs in the storage account.
      The Storage Blob Data Reader role lets you only read and list Azure Storage containers and blobs in the storage account.
    • Access control lists
      If you use access control lists, you can provide read, write, and execute permissions to each directory and file in the container.
  • Create a file system for Microsoft Azure Data Lake Storage Gen2.
  • To access objects from an HDI 4.0 Kerberised cluster, configure the impersonation user details in your Azure Data Lake Storage Gen2 account.
    Grant the impersonation user the Contributor role and full access to the container used in the internal storage account of the HDInsight Data Lake Storage Gen2 cluster.
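
The storage account, application registration, role assignment, and file system tasks above can also be scripted with the Azure CLI instead of the portal. The following is an added example, not part of the original guide; all resource names are constructed placeholders, and it assumes a signed-in az session that is allowed to create resources and role assignments.

```bash
#!/usr/bin/env bash
# Added example: Azure CLI form of the tasks above. Names are constructed placeholders.
set -eu
RG="${RG:-example-rg}"
LOCATION="${LOCATION:-eastus}"
ACCOUNT="${ACCOUNT:-exampleadlsgen2}"
FILESYSTEM="${FILESYSTEM:-example-fs}"
APP_NAME="${APP_NAME:-example-pwx-app}"
DATA_ROLE="${DATA_ROLE:-Storage Blob Data Reader}"  # read-only; or "Storage Blob Data Contributor"

# Storage account with Hierarchical namespace enabled.
create_account() {
  az storage account create --name "$ACCOUNT" --resource-group "$RG" \
    --location "$LOCATION" --sku Standard_LRS --kind StorageV2 \
    --enable-hierarchical-namespace true
}

# Register the application and its service principal; prints the principal's object ID.
register_app() {
  app_id=$(az ad app create --display-name "$APP_NAME" --query appId -o tsv)
  az ad sp create --id "$app_id" --query id -o tsv
}

# RBAC option: assign the data role to the application on the storage account ($1 = object ID).
assign_data_role() {
  scope=$(az storage account show --name "$ACCOUNT" --resource-group "$RG" --query id -o tsv)
  az role assignment create --assignee-object-id "$1" \
    --assignee-principal-type ServicePrincipal --role "$DATA_ROLE" --scope "$scope"
}

# File system creation; --auth-mode login needs data-plane access for the signed-in caller.
create_filesystem() {
  az storage fs create --name "$FILESYSTEM" --account-name "$ACCOUNT" --auth-mode login
}

# ACL option (alternative to RBAC): $1 = object ID, $2 = path, $3 = permissions such as r-x.
# Applies to the path and everything that already exists beneath it.
grant_acl() {
  az storage fs access update-recursive --acl "user:$1:$3" --path "$2" \
    --file-system "$FILESYSTEM" --account-name "$ACCOUNT" --auth-mode login
}

# Executes only when called with --apply; otherwise the functions are just defined.
if [ "${1:-}" = "--apply" ]; then
  create_account
  sp_oid=$(register_app)
  assign_data_role "$sp_oid"
  create_filesystem
fi
```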
