You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/purview/tutorial-azure-purview-checklist.md
+3-3Lines changed: 3 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -31,8 +31,8 @@ This article lists prerequisites that help you get started quickly on Azure Purv
31
31
|13 |Deploy Self-hosted integration runtime VMs inside your network. |Azure: *Virtual Machine Contributor* <br> On-prem: Application owner |Use this step if you're planning to perform any scans using [Self-hosted Integration Runtime](manage-integration-runtimes.md). |
32
32
|14 |Create a Self-hosted integration runtime inside Azure Purview. |Data curator <br> VM Administrator or application owner |Use this step if you're planning to use Self-hosted Integration Runtime instead of Managed Integration Runtime or Azure Integration Runtime. <br><br> <br> [download](https://www.microsoft.com/en-us/download/details.aspx?id=39717)|
33
33
|15 |Register your Self-hosted integration runtime | Virtual machine administrator |Use this step if you have **on-premises** or **VM-based data sources** (e.g. SQL Server). <br> Use this step are using **Private Endpoint** to scan to **any** data sources. |
34
-
|16 |Grant Azure RBAC **Reader** role to **Azure Purview MSI** at data sources' Subscriptions |*Subscription owner* or *User Access Administrator*|Use this step if you're planning to register [multiple](register-scan-azure-multiple-sources.md) or **any** of the following data sources: <ul><li>[Azure Blob Storage](register-scan-azure-blob-storage-source.md)</li><li>[Azure Data Lake Storage Gen1](register-scan-adls-gen1.md)</li><li>[Azure Data Lake Storage Gen2](register-scan-adls-gen2.md)</li><li>[Azure SQL Database](register-scan-azure-sql-database.md)</li><li>[Azure SQL Database Managed Instance](gister-scan-azure-sql-database-managed-instance.md)</li><li>[Azure Synapse Analytics](register-scan-synapse-workspace.md)</li></ul> |
35
-
|17 |Grant Azure RBAC **Storage Blob Data Reader** role to **Azure Purview MSI** at data sources Subscriptions. |*Subscription owner* or *User Access Administrator*|**Skip** this step if you are using Private Endpoint to connect to data sources. Use this step if you have these data sources:<ul><li>[Azure Blob Storage](register-scan-azure-blob-storage-source#using-a-system-or-user-assigned-managed-identity-for-scanning)</li><li>[Azure Data Lake Storage Gen2](register-scan-adls-gen2#using-a-system-or-user-assigned-managed-identity-for-scanning)</li></ul> |
34
+
|16 |Grant Azure RBAC **Reader** role to **Azure Purview MSI** at data sources' Subscriptions |*Subscription owner* or *User Access Administrator*|Use this step if you're planning to register [multiple](register-scan-azure-multiple-sources.md) or **any** of the following data sources: <ul><li>[Azure Blob Storage](register-scan-azure-blob-storage-source.md)</li><li>[Azure Data Lake Storage Gen1](register-scan-adls-gen1.md)</li><li>[Azure Data Lake Storage Gen2](register-scan-adls-gen2.md)</li><li>[Azure SQL Database](register-scan-azure-sql-database.md)</li><li>[Azure SQL Database Managed Instance](register-scan-azure-sql-database-managed-instance.md)</li><li>[Azure Synapse Analytics](register-scan-synapse-workspace.md)</li></ul> |
35
+
|17 |Grant Azure RBAC **Storage Blob Data Reader** role to **Azure Purview MSI** at data sources Subscriptions. |*Subscription owner* or *User Access Administrator*|**Skip** this step if you are using Private Endpoint to connect to data sources. Use this step if you have these data sources:<ul><li>[Azure Blob Storage](register-scan-azure-blob-storage-source.md#using-a-system-or-user-assigned-managed-identity-for-scanning)</li><li>[Azure Data Lake Storage Gen2](register-scan-adls-gen2.md#using-a-system-or-user-assigned-managed-identity-for-scanning)</li></ul> |
36
36
|18 |Enable network connectivity to allow AzureServices to access data sources: <br> e.g. Enable "**Allow trusted Microsoft services to access this storage account**". |*Owner* or *Contributor* at Data source |Use this step if **Service Endpoint** is used in your data sources. (Don't use this step if Private Endpoint is used) |
37
37
|19 |Enable **Azure Active Directory Authentication** on **Azure SQL Servers**, **Azure SQL Database Managed Instance** and **Azure Synapse Analytics**|Azure SQL Server Contributor |Use this step if you have **Azure SQL DB** or **Azure SQL Database Managed Instance** or **Azure Synapse Analytics** as data source. **Skip** this step if you are using **Private Endpoint** to connect to data sources. |
38
38
|20 |Grant **Azure Purview MSI** account with **db_datareader** role to Azure SQL databases and Azure SQL Database Managed Instance databases |Azure SQL Administrator |Use this step if you have **Azure SQL DB** or **Azure SQL Database Managed Instance** as data source. **Skip** this step if you are using **Private Endpoint** to connect to data sources. |
@@ -47,7 +47,7 @@ This article lists prerequisites that help you get started quickly on Azure Purv
47
47
|29 | Create a new connection to Azure Key Vault from Azure Purview Studio | *Data source admin* | Use this step if you are planing to use any of the following [authentication options](manage-credentials.md#create-a-new-credential) to scan a data source in Azure Purview: <ul><li>Account key</li><li>Basic Authentication</li><li>Delegated Auth</li><li>SQL Authentication</li><li>Service Principal</li><li>Consumer Key</li></ul>
48
48
|30 |Deploy a private endpoint for Power BI tenant |*Power BI Administrator* <br> *Network contributor*|Use this step if you're planning to register a Power BI tenant as data source and your Azure Purview Purview account is set to **deny public access**. <br> For more information, see [How to configure private endpoints for accessing Power BI](/power-bi/enterprise/service-security-private-links). |
49
49
|31 |Connect Azure Data Factory to Azure Purview from Azure Data Factory Portal. **Manage** -> **Azure Purview**. Select **Connect to a Purview account**. <br> Validate if Azure resource tag **catalogUri** exists in ADF Azure resource. |Azure Data Factory Contributor / Data curator |Use this step if you have **Azure Data Factory**. |
50
-
|32 |Verify if you have at least one **Microsoft 365 required license** in your Azure Active Directory tenant to use sensitivity labels in Azure Purview. |Azure Active Directory *Global Reader*|Perform this step if you're planning in extending **Sensitivity Labels from Microsoft 365 to Azure Purview** <br> |
50
+
|32 |Verify if you have at least one **Microsoft 365 required license** in your Azure Active Directory tenant to use sensitivity labels in Azure Purview. |Azure Active Directory *Global Reader*|Perform this step if you're planning in extending **Sensitivity Labels from Microsoft 365 to Azure Purview** <br> For more information, see [licensing requirements to use sensitivity labels on files and database columns in Azure Purview](sensitivity-labels-frequently-asked-questions.md#licensing-and-setup)|
51
51
|33 |Consent "**Extend labeling to assets in Azure Purview**" |Compliance Administrator <br> Azure Information Protection Administrator |Use this step if you are interested in extending Sensitivity Labels from Microsoft 365 to Azure Purview. <br> Use this step if you are interested in extending **Sensitivity Labels** from Microsoft 365 to Azure Purview. |
52
52
|34 |Create new collections and assign roles in Azure Purview |*Collection admin*|[Create a collection and assign permissions in Azure Purview](/quickstart-create-collection.md). |
53
53
|36 |Register and scan Data Sources in Azure Purview |*Data Source admin* <br> *Data Reader* or *Data Curator*| For more information, see [supported data sources and file types](azure-purview-connector-overview.md)|
0 commit comments