You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
A data factory or Synapse pipeline can be associated with a [system-assigned managed identity for Azure resources](data-factory-service-identity.md#system-assigned-managed-identity), which represents that resource for authentication to other Azure services. You can use this system-assigned managed identity for Azure Files authentication. To learn more about managed identities for Azure resources, see [Managed identities for Azure resources](../active-directory/managed-identities-azure-resources/overview.md)
209
+
A data factory or Synapse pipeline can be associated with a [system-assigned managed identity for Azure resources](data-factory-service-identity.md#system-assigned-managed-identity), which represents that resource for authentication to other Azure services. You can use this system-assigned managed identity for Azure Files authentication. To learn more about managed identities for Azure resources, see [Managed identities for Azure resources](../active-directory/managed-identities-azure-resources/overview.md).
210
210
211
211
To use system-assigned managed identity authentication, follow these steps:
212
212
213
213
1.[Retrieve system-assigned managed identity information](data-factory-service-identity.md#retrieve-managed-identity) by copying the value of the system-assigned managed identity object ID generated along with your factory or Synapse workspace.
214
214
215
-
2. Grant the managed identity permission in Azure Files. For more information on the roles, see [Use the Azure portal to assign an Azure role for access to blob and queue data](../role-based-access-control/built-in-roles/storage.md#storage-file-data-smb-share-reader).
215
+
2. Grant the managed identity permission in Azure Files. For more information on the roles, see this [article](../role-based-access-control/built-in-roles/storage.md#storage-file-data-smb-share-reader).
216
216
217
217
-**As source**, in **Access control (IAM)**, grant at least the **Storage File Data SMB Share Reader** role.
218
218
-**As sink**, in **Access control (IAM)**, grant at least the **Storage File Data SMB Share Contributor** role.
@@ -225,6 +225,9 @@ These properties are supported for an Azure Files linked service:
225
225
| serviceEndpoint | Specify the Azure Files service endpoint with the pattern of `https://<accountName>.file.core.windows.net/`. | Yes |
226
226
| fileShare | Specify the file share. | Yes |
227
227
228
+
>[!NOTE]
229
+
>System-assigned managed identity authentication is only supported by Azure integration runtime.
230
+
228
231
**Example:**
229
232
230
233
```json
@@ -242,7 +245,7 @@ These properties are supported for an Azure Files linked service:
242
245
243
246
### User-assigned managed identity authentication
244
247
245
-
A data factory can be assigned with one or multiple [user-assigned managed identities](data-factory-service-identity.md#user-assigned-managed-identity). You can use this user-assigned managed identity for Azure Files authentication, which allows to access and copy data from or to Azure Files. To learn more about managed identities for Azure resources, see [Managed identities for Azure resources](../active-directory/managed-identities-azure-resources/overview.md)
248
+
A data factory can be assigned with one or multiple [user-assigned managed identities](data-factory-service-identity.md#user-assigned-managed-identity). You can use this user-assigned managed identity for Azure Files authentication, which allows to access and copy data from or to Azure Files. To learn more about managed identities for Azure resources, see [Managed identities for Azure resources](../active-directory/managed-identities-azure-resources/overview.md).
246
249
247
250
To use user-assigned managed identity authentication, follow these steps:
0 commit comments