azure-synapseazure-bicep
There is a way to set up Synapse Administrators with a BICEP module?
I would like to set Synapse access control with a bicep module but I can't find a proper resource to use.
Please, can someone point me in the right direction?
UPDATE: basend on evgeny answer, I tryed in this way but it seems not working:
resource syRBAC1 'Microsoft.Synapse/workspaces/administrators@2021-06-01' = {
name: 'activeDirectory'
parent: synapse_workspace
properties: {
administratorType: 'Synapse SQL Administrator'
login: '[email protected]'
sid: ELSCId
tenantId: TenantId
}
}
It does not produce any error but it does not change any change into the access control list.
Probably it sets only this:
Solution
Since I came across the same problem and bicep does not offer a way to assign the role (yet) I added an AzureCLI task to my pipeline and grant the role via az synapse role assignment create after the deployment.
Output defined in the bicep file to pass the name of the newly created synapse workspace along to the AzureCLI task:
output synapse_workspace_name string = synapse_workspace.name
Tasks in the deployment pipeline's yml file :
// deployment task via "main.bicep" file
- task: AzureResourceManagerTemplateDeployment@3
inputs:
connectedServiceName: $(ServiceConnectionName)
location: $(DeploymentDefaultLocation)
resourceGroupName: $(ResourceGroupName)
csmFile: main.bicep
overrideParameters: >
-aad_admin_developer_group_object_id $(AadAdminDeveloperGroupObjectId)
deploymentOutputs: deployment_output
// Grant "Synapse Administrator"
- task: AzureCLI@1
displayName: 'Assign role "Synapse Administrator" on the newly created Synapse workspace to the developer AAD-Group'
inputs:
azureSubscription: 'my_subscription'
scriptLocation: 'inlineScript'
inlineScript: 'az synapse role assignment create --workspace-name $(deployment_output.synapse_workspace_name.value) --role "Synapse Administrator" --assignee $(AadAdminDeveloperGroupObjectId)'
- SQL Unpivot Rolling Date/Week Calculation
- Azure Synapse API returns empty array with filters in POST request, but works without them
- How to parse an XML embedded in a nvarchar column?
- Azure Synapse severless SQL pool - query execution fails
- ADF Web Activity Error: The request content is not valid and could not be deserialized: 'After parsing a value an unexpected character was encountered
- How to avoid adf pipeline converting the date fields to datetime while writing CSV files?
- Synapse pipeline datasets
- is it possible to limit simultaneous requests towards azure function using threadspool in python?
- Disable activity within pipeline in Azure Synapse/Data Factory
- Split multiple tables from a single sheet in excel using data flows
- Is it possible to create Linked Service in Azure Data Factory to a Synapse Lake database
- Azure Synapse Apache Spark Pools: .gz package added but notebook run error says not found
- Creating External table in Azure SQL Database using ADLS2 Datasource
- Is there a way for notebooks in synapse to take in pipeline variables?
- Azure Synapse: How to get notebook magic command %pip to work in a pipeline
- SQL Query to calculate size of each schemas in Azure data warehouse and to find last access time?
- Azure synapse serverless pool couldn't read external delta table properly
- Date-Querying A View v/s Same in Table [Azure Synapse DB]
- How to call Logic App from azure synapse analytics?
- Data Type differences between Synapse Tables and Delta Lake Tables
- Azure Data Factory: Get the max-value from a table with the help of CreatedAt-column within an variable expression
- Authorize Azure Synapse managed identity to access https://management.azure.com/ api
- Is there a way to include partition paths of the file path as a column in Azure Synapse SQL?
- CROSS APPLY OPENJSON on Dictionary<string, object[]>
- Split a json string row or flatten transformation in data flow (ADF)
- Spark Large single Parquet file to Delta Failure with Spark SQL
- Xml pagination in Azure Data Factory
- Azure Synapse CI/CD Pipeline - Override Apache Spark Pool Name in Notebooks
- Synapse: Pass lookup value (column name) into a stored procedure parameter
- Azure Synapse - Connect to Azure SQL from Notebook using Managed identity