You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/search/search-howto-managed-identities-sql.md
+17-11Lines changed: 17 additions & 11 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -6,7 +6,7 @@ description: Learn how to set up an indexer connection to Azure SQL Database us
6
6
author: gmndrg
7
7
ms.author: gimondra
8
8
manager: nitinme
9
-
9
+
ms.custom: subject-rbac-steps
10
10
ms.service: cognitive-search
11
11
ms.topic: conceptual
12
12
ms.date: 02/11/2022
@@ -66,21 +66,27 @@ DROP USER IF EXISTS [insert your search service name or user-assigned managed id
66
66
67
67
## 2 - Add a role assignment
68
68
69
-
In this step you will give your Azure Cognitive Search service permission to read data from your SQL Server.
69
+
In this section you'll give your Azure Cognitive Search service permission to read data from your SQL Server. For detailed steps, see [Assign Azure roles using the Azure portal](../role-based-access-control/role-assignments-portal.md).
70
+
71
+
1. In the Azure portal, navigate to your Azure SQL Server page.
72
+
73
+
1. Select **Access control (IAM)**.
74
+
75
+
1. Select **Add > Add role assignment**.
76
+
77
+
:::image type="content" source="../../includes/role-based-access-control/media/add-role-assignment-menu-generic.png" alt-text="Screenshot that shows Access control (IAM) page with Add role assignment menu open.":::
78
+
79
+
1. On the **Roles** tab, select the appropriate **Reader** role.
70
80
71
-
1. In the Azure portal navigate to your Azure SQL Server page.
72
-
2. Select **Access control (IAM)**
73
-
3. Select **Add** then **Add role assignment**
81
+
1. On the **Members** tab, select **Managed identity**, and then select **Select members**.
74
82
75
-
![Add role assignment](./media/search-managed-identities/add-role-assignment-sql-server.png"Add role assignment")
83
+
1. Select your Azure subscription.
76
84
77
-
4. Select the appropriate **Reader** role.
78
-
5. Leave **Assign access to** as **Azure AD user, group or service principal**
79
-
6. If you're using a system-assigned managed identity, search for your search service, then select it. If you're using a user-assigned managed identity, search for the name of the user-assigned managed identity, then select it. Select **Save**.
85
+
1. If you're using a system-assigned managed identity, select **System-assigned managed identity**, search for your search service, and then select it.
80
86
81
-
Example for Azure SQL using a system-assigned managed identity:
87
+
1. Otherwise, if you're using a user-assigned managed identity, select **User-assigned managed identity**, search for the name of the user-assigned managed identity, and then select it.
82
88
83
-
![Add reader role assignment](./media/search-managed-identities/add-role-assignment-sql-server-reader-role.png"Add reader role assignment")
89
+
1. On the **Review + assign** tab, select **Review + assign** to assign the role.
0 commit comments