[spacer] [spacer] [spacer]

Sign up with your email address to be the first to know about new publications

[mc4wp_form id="4946"] [spacer]

Azure Data Factory Locks

Introduction

Azure Data Factory Locks allow you to extend your Role-Based Access Control (RBAC) security and define some policies to prevent people from deleting resources. 

Have you been working on a project when somebody accidentally deleted a solution? Me too. 

With a little bit of experience, you soon realize how important it is to establish strong security and RBAC policies.  

In Azure Data Factory, you can create your own custom role to allow users to explore solutions without the ability to edit. But what if an admin or developer deletes a solution accidentally in Production? While rolling back the changes by using code version control is an easy fix, prevention is the best method. 

In this article, you’ll look at Locks that allow you to easily define some restrictions within your Azure Data Factory. 

Post Contents: 

  • Access required to apply Azure Locks 
  • Azure Data Factory Locks 
  • Configure Azure Data Factory Locks 
  • Test Azure Data Factory Locks 

Access required to apply Azure Locks 

To begin, to apply Azure Locks, you need to meet one of the following requirements: 

  • Be a member of the Owner or User Access Administrator roles 
  • Have access to Microsoft.Authorization/* or Microsoft.Authorization/locks/* actions 

Azure Data Factory Locks 

You can find Locks within your Azure Data Factory. 

Find locks within Azure Data Factory

Locks are not only enabled for Azure Data Factory. They are a feature available as part of all Azure services so you can create policies that prevent changes to resources. 

In the following screenshot, you can see that you have the options to configure resource group and subscription lock policies.  

Resource Group locks 

Resource group locks

Subscription locks 

Subscription locks

Configure Azure Data Factory Locks 

Next, define Read-Only or Delete locks. 

Let’s create a Delete lock. 

After you save the lock, it becomes available immediately on the list. 

Test Azure Data Factory Locks 

Now, it’s time to test it. It this example, I am using my admin account. 

Try to delete a pipeline. 

Remember: make sure you are using code version control in case you missed something during the configuration and you have to rollback the changes. 

Then, publish the changes. 

A list of the pending changes appears before you can click publish. 

Finally, you can see that you are not able to publish the changes. 

Summary 

In this post, you’ve learned how easy it is to configure Azure Locks. It’s a no-code experience that allows you to secure your resources. 

Final Thoughts 

This feature certainly complements other security features and must be taken into account for Production environments. 

Other security features: 

What’s Next? 

In upcoming blog posts, we’ll continue to explore some of the features within Azure Services.      

Please  follow Tech Talk Corner on Twitter for blog updates, virtual presentations, and more!    

As always, please leave any comments or questions below.    

No Comments Yet.

Do you want to leave a comment?

Your email address will not be published. Required fields are marked *