Assign Azure Reader role to Azure Purview MSI at Data Landing Zone subscription #115
Comments
|
@zeinab-mk Thanks for submitting this! |
|
This is also related to #114. Both items will be closed, once we add a role assignment to the subscription. Optimally. This should even be done at the Management group layer, to capture all data sources within the tenant. But this is out of our scope, which is why we will move forward with the data landing zone subscription scope for now. |
|
We will not add this for now, since SHIR and Service Principal are required anyways for scans, if all services are behind private endpoints (e.g. Purview, Synapse, Data Factory, etc.). Therefore, we will hold off for now, since this is not something that is actually required when using private endpoints end-to-end. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
When Data Landing Zone is deployed, it is nice to have Azure RBAC Reader role automatically assigned to Azure Purview MSI at subscription level. This step is required so customers can register and scan data sources in Purview.
The text was updated successfully, but these errors were encountered: