Power BI and Azure Key vault

Question

Simple question ( perhaps) . Is it possible to use Azure Key vault with Power BI. i have searched for documentation but there doesn't seem to be anything clear ( that I can see) , if its possible ; is this a simple set up or needs a lot configuration changes ? I am trying to connect a power bi dashboard to an azure sql database I would be interested in knowing what are the challenges. Thanks

Answer 1

1. Yes you can use azure key vault with power BI premium. Power BI encrypts data at-rest and in process. By default, Power BI uses Microsoft-managed keys to encrypt your data. In Power BI Premium you can also use your own keys for data at-rest that is imported into a dataset . This approach is often described as bring your own key (BYOK). We can configure Azure Key Vault, a tool for securely storing and accessing secrets, like encryption keys. You can use an existing key vault to store encryption keys, or you can create a new one specifically for use with Power BI.

Configure your key vault in the following way:

- Add the Power BI service as a service principal for the key vault, with wrap and unwrap permissions.

• Create an RSA key with a 4096-bit length (or use an existing key of this type), with wrap and unwrap permissions

• Recommended: Check that the key vault has the soft delete option enabled.

  Note: Power BI BYOK supports only RSA keys with a 4096-bit length. Configure Key vault and service principal

2. We can connect azure sql db with power BI. The process is not much complicated. All the steps are straight forward.

• first you need to configure firewall settings for azure sql db server.
• use sql DB connector to connect to SQL DB
• select the sql server and database to query the data. Reference

If in case if you want to use your azure ad credentials to connect sql db with power Bi please refer to this thread Connect Power BI with Azure SQL Database Server Using AAD Credentials - Stack Overflow