DataLake Desgin for Private and Public Access

RajNair 216 Reputation points
2022-09-16T16:43:56.39+00:00

We are planning to use azure datalake for storing data for two different department. We are trying to use single data lake only issue is the access level. Dept 1 uses data for internal consumption and public access is not required for their data. On the other hand for Dept 2, data is consumed by third party and require public access...

What is the best approach to follow for private and public access on a single datalake shared between them....

What all things we need to be careful while allowing both type access on a single datalake... is there any guidelines

Azure Data Lake Storage
Azure Data Lake Storage
An Azure service that provides an enterprise-wide hyper-scale repository for big data analytic workloads and is integrated with Azure Blob Storage.
1,463 questions
Azure Disk Storage
Azure Disk Storage
A high-performance, durable block storage designed to be used with Azure Virtual Machines and Azure VMware Solution.
628 questions
0 comments No comments
{count} votes

Accepted answer
  1. PRADEEPCHEEKATLA-MSFT 88,716 Reputation points Microsoft Employee
    2022-09-19T12:28:48.007+00:00

    Hello @RajNair ,

    Thanks for the question and using MS Q&A platform.

    Azure Storage supports optional anonymous public read access for containers and blobs. By default, anonymous access to your data is never permitted. Unless you explicitly enable anonymous access, all requests to a container and its blobs must be authorized. When you configure a container's public access level setting to permit anonymous access, clients can read data in that container without authorizing the request.

    The following table summarizes how both settings together affect public access for a container.

    242515-image.png

    Based on the requirement - you can create two containers named Dept1 with private access and Dept2 with public access. On the private container you can use the RBAC access control to grant the permissions as per your need.

    Data Lake Storage Gen2 supports the following authorization mechanisms:

    • Shared Key authorization
    • Shared access signature (SAS) authorization
    • Role-based access control (Azure RBAC)
    • Access control lists (ACL)

    For more details, refer to Configure anonymous public read access for containers and blobs and Access control model in Azure Data Lake Storage Gen2

    Hope this will help. Please let us know if any further queries.

    ------------------------------

    • Please don't forget to click on 130616-image.png or upvote 130671-image.png button whenever the information provided helps you. Original posters help the community find answers faster by identifying the correct answer. Here is how
    • Want a reminder to come back and check responses? Here is how to subscribe to a notification
    • If you are interested in joining the VM program and help shape the future of Q&A: Here is jhow you can be part of Q&A Volunteer Moderators
    0 comments No comments

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.