Service principal best practices

Chand, Anupam SBOBNG-ITA/RX 466 Reputation points
2021-10-26T15:28:18.677+00:00

We are attempting to connect our Databricks cluster to Azure SQL PaaS using a service principal as documented HERE. I wanted to check what the best practice is for creating a service principal for our cluster. We already have an existing service principal which we are using to connect to our Azure Data Lake. The SQL is within the same tenant as the Databricks and data lake.

  • Is it a best practice to reuse the existing service principal to access SQL? This would in turn decrease the operational overhead of managing the credentials.
  • Or should we create a new service principal to access SQL?

1 answer

  1. Siva-kumar-selvaraj 15,721 Reputation points
    2021-10-27T19:35:58.447+00:00

    Hello @Chand, Anupam SBOBNG-ITA/RX ,

    Thanks for reaching out.

    You can use the same or a different service principal for accessing Azure resources in general, but we recommend following the best practices highlighted here and the general guidance about securing service principals. More importantly, [monitor service principal sign-ins][3], which enables you to assess whether and how you need to respond to potential issues such as unauthorized access.

    Hope this helps.

    ------
    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    [3] : https://learn.microsoft.com/en-us/azure/active-directory/reports-monitoring/concept-sign-ins
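
One way to act on the sign-in monitoring advice in the answer above when a single service principal is reused for both the data lake and SQL (an added example, not part of the original thread or Microsoft's documentation). It assumes sign-in records exported with the column names of the `AADServicePrincipalSignInLogs` table; the principal name `sp-databricks`, the policy, the IP ranges and the sample records are all constructed.

```python
import ipaddress
from collections import Counter

# Assumed policy (constructed values): the resources each service principal
# may request tokens for, and the networks it is expected to sign in from.
POLICY = {
    "sp-databricks": {
        "resources": {"Azure Storage", "Azure SQL Database"},
        "networks": [ipaddress.ip_network("203.0.113.0/24")],
    },
}

def row(ts, resource, ip, result="0", sp="sp-databricks"):
    # Column names follow the AADServicePrincipalSignInLogs table;
    # ResultType "0" is treated as a successful sign-in (assumption).
    return {"TimeGenerated": ts, "ServicePrincipalName": sp,
            "ResourceDisplayName": resource, "IPAddress": ip, "ResultType": result}

# Constructed sample records, not real log data.
SAMPLE = [
    row("2021-10-27T08:00:00Z", "Azure Storage", "203.0.113.10"),
    row("2021-10-27T08:01:00Z", "Azure SQL Database", "203.0.113.11"),
    row("2021-10-27T08:05:00Z", "Microsoft Graph", "203.0.113.10"),
    row("2021-10-27T09:00:00Z", "Azure SQL Database", "198.51.100.7", "7000215"),
    row("2021-10-27T09:00:05Z", "Azure SQL Database", "198.51.100.7", "7000215"),
    row("2021-10-27T09:00:09Z", "Azure SQL Database", "198.51.100.7", "7000215"),
]

def review_signins(rows, policy=POLICY, max_failures=3):
    """Return (service principal, reason, detail) findings for review."""
    findings, failures = [], Counter()
    for r in rows:
        sp, rule = r["ServicePrincipalName"], policy.get(r["ServicePrincipalName"])
        if rule is None:
            findings.append((sp, "service principal not in policy", r["TimeGenerated"]))
            continue
        ip = ipaddress.ip_address(r["IPAddress"])
        if not any(ip in net for net in rule["networks"]):
            findings.append((sp, "unexpected source network", r["IPAddress"]))
        if r["ResultType"] != "0":
            failures[sp] += 1  # failed sign-in: count it, skip the resource check
        elif r["ResourceDisplayName"] not in rule["resources"]:
            findings.append((sp, "unexpected resource", r["ResourceDisplayName"]))
    findings += [(sp, "repeated failed sign-ins", n)
                 for sp, n in failures.items() if n >= max_failures]
    return findings

if __name__ == "__main__":
    for finding in review_signins(SAMPLE):
        print(finding)
```

With a shared service principal the policy entry has to list every resource it serves, so a finding on that principal affects both the data lake and SQL access paths.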
