You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/purview/how-to-access-policies-storage.md
+14-3Lines changed: 14 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -20,10 +20,19 @@ This guide describes how to configure Azure Storage to enforce data access polic
20
20
> These capabilities are currently in preview. This preview version is provided without a service level agreement, and should not be used for production workloads. Certain features might not be supported or might have constrained capabilities. For more information, see [Supplemental Terms of Use for Microsoft Azure
- We highly encourage you to register all data sources for use governance and manage all associated access policies from a single Azure Purview account.
25
+
- If you want to use multiple Purview accounts, be aware of these valid and invalid configurations. In the diagram below:
26
+
-**Case 1** shows a valid configuration where a Storage account is being registered in a Purview account in the same subscription.
27
+
-**Case 2** shows a valid configuration where a Storage account is being registered in a Purview account in a different subscription.
28
+
-**Case 3** shows an invalid configuration arising because Storage accounts S3SA1 and S3SA2 both belong to Subscription 3, but are being registered to different Purview accounts.
29
+
30
+
:::image type="content" source="./media/how-to-access-policies-storage/valid-and-invalid configurations.png" alt-text="Diagram shows valid and invalid configurations when using multiple Purview accounts to manage policies.":::
31
+
32
+
23
33
## Important limitations
24
34
1. The access policy feature is only available on new Azure Purview and Azure Storage accounts.
25
-
2. Register all data sources for use governance and manage all associated access policies in a single Azure Purview account.
26
-
3. This feature can only be used in the regions listed below, where access policy management and enforcement functionality are deployed.
35
+
2. This feature can only be used in the regions listed below, where access policy management and enforcement functionality are deployed.
27
36
28
37
### Supported regions
29
38
@@ -106,7 +115,9 @@ During registration, enable the data source for access policy through the **Data
106
115
:::image type="content" source="./media/how-to-access-policies-storage/register-data-source-for-policy.png" alt-text="Image shows how to register a data source for policy.":::
107
116
108
117
> [!NOTE]
109
-
> The behavior of the toggle will enforce that all the data sources in a given subscription can only be registered for data use governance in a single Purview account. That Purview account itself could be in any subscription in the tenant.
118
+
> The behavior of the toggle will enforce that all the data sources in the same subscription can only be registered for data use governance in a single Purview account. That Purview account itself could be in any subscription in the tenant.
0 commit comments