Azure Datafactory SSIS IR configure Vnet integration with Custom DNS

Prannoy Seal (US) 0 Reputation points
2024-04-11T13:04:30.5166667+00:00

Configure Azure Datafactory SSIS IR Express Vnet integration with Custom DNS.

Followed below document, but it used Blob SAS URI which is not compliant.

https://learn.microsoft.com/en-us/azure/data-factory/azure-ssis-integration-runtime-express-virtual-network-injection#dns

Is there any alternative option to configure this.

Azure Data Factory
Azure Data Factory
An Azure service for ingesting, preparing, and transforming data at scale.
10,872 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Sina Salam 12,086 Reputation points
    2024-04-11T13:51:33.06+00:00

    Hello Prannoy Seal (US),

    Welcome to the Microsoft Q&A and thank you for posting your questions here.

    Problem

    Sequel to your questions, I understand that there is a need to configure Azure Data Factory SSIS Integration Runtime (IR) Express with Virtual Network integration to use a custom DNS for hostname resolution within the virtual network. However, the current documentation relies on Blob SAS URI, which may not be compliant with certain requirements. There is a lack of alternative methods provided in the documentation, leaving you without clear guidance on how to achieve this configuration.

    Scenarios

    1. Organizations with strict compliance requirements, such as those in regulated industries like finance or healthcare, may need to ensure that Blob SAS URI usage is restricted due to security or regulatory concerns.
    2. Enterprises with complex networking setups or specific DNS requirements may need to configure SSIS IR Express with Virtual Network integration to use a custom DNS server for hostname resolution within the virtual network.

    Solution

    To solve the problem of configuring Azure Data Factory SSIS Integration Runtime (IR) Express with Virtual Network integration using a custom DNS instead of Blob SAS URI, we can follow these steps:

    1. Set up Virtual Network (VNet) and Custom DNS:
      1. Create a Virtual Network in Azure if not already created.
      2. Configure the Virtual Network to use your custom DNS server. This can be done by navigating to the Virtual Network settings in the Azure portal and updating the DNS server settings.
    2. Deploy SSIS IR Express with VNet Integration:
      1. Follow the standard procedure to deploy SSIS IR Express in your Azure Data Factory.
      2. During the deployment process, choose the option to integrate the SSIS IR with a Virtual Network.
    3. Private Endpoint for Azure Blob Storage (Optional): If Blob SAS URI usage is not compliant, consider setting up a Private Endpoint for Azure Blob Storage.
      1. Create a Private Endpoint for Azure Blob Storage within the same Virtual Network where SSIS IR Express is deployed.
      2. Associate the Private Endpoint with the Blob Storage account.
    4. Configure SSIS IR Express to Use Custom DNS:
      1. Once the SSIS IR Express is deployed within the Virtual Network, update its DNS settings to use the custom DNS server.
      2. This can be done by accessing the SSIS IR Express settings in the Azure portal and updating the DNS configuration to point to the custom DNS server.

    Finally

    1. Test DNS Resolution and Connectivity:
      1. Verify that SSIS IR Express can resolve hostnames using the custom DNS server within the Virtual Network.
      2. Test connectivity to Azure Blob Storage or any other resources that require DNS resolution to ensure that the custom DNS configuration is working as expected.
    2. Ensure Compliance:
      1. Review the compliance requirements of your organization or regulatory standards to ensure that the configuration meets the necessary security and compliance standards.
      2. Document the configuration and any compliance measures taken for auditing purposes.

    By following these steps, you can successfully configure Azure Data Factory SSIS IR Express with Virtual Network integration using a custom DNS instead of Blob SAS URI.

    This ensures secure and compliant access to resources within your Azure environment while meeting your organization's specific networking and compliance requirements.

    References

    Kindly read more information in additional resources provided by the right side of this page.

    I hope this is helpful! Do not hesitate to let me know if you have any other questions.

    Please remember to "Accept Answer" if answer helped, so that others in the community facing similar issues can easily find the solution.

    Best Regards,

    Sina Salam


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.