Using custom roles we can create roles derived from the in-built one and customize the permissions a user can have when the role is assigned to him.
https://docs.microsoft.com/en-us/azure/role-based-access-control/custom-roles
With regards to Data Factory, is it a way to create a role with the scope to give permission to a user (r/w/d) only for a specific ADF Pipeline or Linked Service? Or do I need to create 2 Data Factories?
"actions": [
...
"Microsoft.DataFactory/dataFactories/*",
"Microsoft.DataFactory/factories/*",
... ]
You can create a custom role (which is not assignble scope) to give access on a specific pipeline via powershell.
“assignableScopes”: [
“/subscriptions/<<SubscriptionID>>/resourceGroups/<<RGName>>/providers/Microsoft.DataFactory/factories/<<ADFName>>/pipelines/<<PipelineName>>”
],
“permissions”: [
{
“actions”: [
“Microsoft.DataFactory/factories/pipelines/createrun/action”
],
“notActions”: [],
“dataActions”: [],
“notDataActions”: []
}
]
For details : https://datasharkx.wordpress.com/2021/07/26/security-access-to-trigger-a-specific-pipeline-in-azure-data-factory/
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.