Understanding and creating RBAC in Azure for ADLS Gen-2
In this chapter, you will learn how to allow AAD users to securely access the files and directories in an ADLS Gen-2 storage account using AAD authentication from Azure Databricks. ADLS Gen-2 supports two methods for securing access to the data lake via security principals:
- Role-Based Access Control (RBAC): Used to restrict access to the Storage Account and to individual containers in the Storage Account.
- POSIX-like Access Control Lists (ACLs): Used to restrict access to individual folders and files.
In this recipe, you will learn how to use RBAC to control access at the container level in an ADLS Gen-2 Storage Account.
Getting ready
RBAC uses role assignments to apply sets of permissions to a user, group, service principal, or managed identity that is present in Azure Active Directory (AAD) and is requesting access to Azure resources.
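As an added example (not code from the book), the shell functions below create a role assignment scoped to a single container with the Azure CLI and refuse any broader scope. The function names and all subscription, resource group, account, container and object ID values are placeholders assumed for illustration.

```shell
#!/usr/bin/env bash
# Added example: assign a data-plane role at container scope only.
# Every ID and name passed to these functions is a caller-supplied placeholder.

# Build the ARM resource ID of one container in a storage account.
container_scope() {
  local sub="$1" rg="$2" account="$3" container="$4"
  printf '/subscriptions/%s/resourceGroups/%s/providers/Microsoft.Storage/storageAccounts/%s/blobServices/default/containers/%s' \
    "$sub" "$rg" "$account" "$container"
}

# Succeed only if the scope ends at a container; an account, resource group
# or subscription scope would grant the role on every container beneath it.
is_container_scope() {
  case "$1" in
    */storageAccounts/*/blobServices/default/containers/?*)
      # Nothing may follow the container name.
      case "${1##*/containers/}" in */*) return 1 ;; esac
      return 0 ;;
    *) return 1 ;;
  esac
}

# Create the role assignment for an AAD user, identified by object ID.
assign_container_role() {
  local principal_id="$1" role="$2" scope="$3"
  is_container_scope "$scope" || {
    echo "refusing non-container scope: $scope" >&2
    return 1
  }
  az role assignment create \
    --assignee-object-id "$principal_id" \
    --assignee-principal-type User \
    --role "$role" \
    --scope "$scope"
}

# Usage (requires a prior `az login`; values are placeholders):
#   scope=$(container_scope "<subscription-id>" "<resource-group>" "<account>" "<container>")
#   assign_container_role "<user-object-id>" "Storage Blob Data Reader" "$scope"
#   az role assignment list --scope "$scope" --output table
```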
With RBAC, Azure resources are constrained as top-level resources...