|
1 | 1 | --- |
2 | 2 | title: Use managed identities to access Azure SQL Database or Azure Synapse Analytics - Azure Stream Analytics |
3 | 3 | description: This article describes how to use managed identities to authenticate your Azure Stream Analytics job to Azure SQL Database or Azure Synapse Analytics output. |
4 | | -author: enkrumah |
5 | | -ms.author: ebnkruma |
| 4 | +author: an-emma |
| 5 | +ms.author: raan |
6 | 6 | ms.service: stream-analytics |
7 | 7 | ms.topic: how-to |
8 | | -ms.date: 05/04/2022 |
| 8 | +ms.date: 01/31/2023 |
9 | 9 | --- |
10 | 10 |
|
11 | 11 | # Use managed identities to access Azure SQL Database or Azure Synapse Analytics from an Azure Stream Analytics job |
@@ -64,7 +64,9 @@ First, you create a managed identity for your Azure Stream Analytics job. |
64 | 64 |
|
65 | 65 | A service principal for the Stream Analytics job's identity is created in Azure Active Directory. The life cycle of the newly created identity is managed by Azure. When the Stream Analytics job is deleted, the associated identity (that is, the service principal) is automatically deleted by Azure. |
66 | 66 |
|
67 | | -1. When you save the configuration, the Object ID (OID) of the service principal is listed as the Principal ID as shown below: |
| 67 | +1. You can also switch to [user-assigned managed identities](stream-analytics-user-assigned-managed-identity-overview.md). |
| 68 | + |
| 69 | +3. When you save the configuration, the Object ID (OID) of the service principal is listed as the Principal ID as shown below: |
68 | 70 |
|
69 | 71 |  |
70 | 72 |
|
@@ -209,6 +211,17 @@ Ensure you have created a table in your Azure Synapse database with the appropri |
209 | 211 |
|
210 | 212 | --- |
211 | 213 |
|
| 214 | +## Additional Steps with User-Assigned Managed Identity |
| 215 | + |
| 216 | +Repeat the steps if you selected user-assigned managed identity to connect ASA to Synapse: |
| 217 | +1. Create a contained database user. Replace ASA_Job_Name with User-Assigned Managed Identity. See the example below. |
| 218 | + ```sql |
| 219 | + CREATE USER [User-Assigned Managed Identit] FROM EXTERNAL PROVIDER; |
| 220 | + ``` |
| 221 | +2. Grant permissions to the User-Assigned Managed Identity. Replace ASA_Job_Name with User-Assigned Managed Identity. |
| 222 | + |
| 223 | +For more details, please refer to the sections above. |
| 224 | + |
212 | 225 | ## Remove Managed Identity |
213 | 226 |
|
214 | 227 | The Managed Identity created for a Stream Analytics job is deleted only when the job is deleted. There is no way to delete the Managed Identity without deleting the job. If you no longer want to use the Managed Identity, you can change the authentication method for the output. The Managed Identity will continue to exist until the job is deleted, and will be used if you decide to use Managed Identity authentication again. |
|
0 commit comments