Skip to content

Commit 800d27d

Browse files
julieMSFTjulieMSFT
committed
updates
1 parent c7c84c2 commit 800d27d

File tree

1 file changed

+6
-6
lines changed

1 file changed

+6
-6
lines changed

articles/synapse-analytics/sql/develop-storage-files-storage-access-control.md

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -88,13 +88,13 @@ DROP CREDENTIAL [UserIdentity];
8888

8989
If you want to re-enable it again, refer to the [force Azure AD pass-through](#force-azure-ad-pass-through) section.
9090

91-
### [Managed Identity](#tab/managed-identity)
91+
### Managed Identity
9292

9393
**Managed Identity** is also known as MSI. It's a feature of Azure Active Directory (Azure AD) that provides Azure services for SQL on-demand. Also, it deploys an automatically managed identity in Azure AD. This identity can be used to authorize the request for data access in Azure Storage.
9494

9595
Before accessing the data, the Azure Storage administrator must grant permissions to Managed Identity for accessing the data. Granting permissions to Managed Identity is done the same way as granting permission to any other Azure AD user.
9696

97-
### [Anonymous access](#tab/public-access)
97+
### Anonymous access
9898

9999
You can access publicly available files placed on Azure storage accounts that [allow anonymous access](/azure/storage/blobs/storage-manage-access-to-resources.md).
100100

@@ -191,7 +191,7 @@ CREATE CREDENTIAL [UserIdentity]
191191
WITH IDENTITY = 'User Identity';
192192
```
193193

194-
### [Managed Identity](#tab/managed-identity)
194+
### Managed Identity
195195

196196
The following script creates a server-level credential that can be used by `OPENROWSET` function to access any file on Azure storage using workspace managed identity.
197197

@@ -200,7 +200,7 @@ CREATE CREDENTIAL [https://<mystorageaccountname>.blob.core.windows.net/<mystora
200200
WITH IDENTITY='Managed Identity'
201201
```
202202

203-
### [Public access](#tab/public-access)
203+
### Public access
204204

205205
The following script creates a server-level credential that can be used by `OPENROWSET` function to access any file on publicly available Azure storage. Create this credential to enable SQL principal that executes `OPENROWSET` function to read publicly available files on Azure storage that matches URL in credential name.
206206

@@ -230,7 +230,7 @@ WITH IDENTITY = 'SHARED ACCESS SIGNATURE', SECRET = 'sv=2018-03-28&ss=bfqt&srt=s
230230
GO
231231
```
232232

233-
### [Azure AD Identity](#tab/user-identity)
233+
### Azure AD Identity
234234

235235
The following script creates a database-scoped credential that is used by [external table](develop-tables-external-tables.md) and `OPENROWSET` functions that use data source with credential to access storage files using their own Azure AD identity.
236236

@@ -240,7 +240,7 @@ WITH IDENTITY = 'User Identity';
240240
GO
241241
```
242242

243-
### [Managed Identity](#tab/managed-identity)
243+
### Managed Identity
244244

245245
The following script creates a database-scoped credential that can be used to impersonate current Azure AD user as Managed Identity of service.
246246

0 commit comments

Comments
 (0)