Share via

Azure Purview - Data access policy pre-requirements

Manuel Bustamante 42 Reputation points
2022-05-10T09:53:53.123+00:00

tutorial-data-owner-policies-storage

I have some questions concerning the pre-requirements mentioned in the link here above:

  1. Where can I see the storage account version (81.X.X)?

201091-capture2.png

  1. Does this mean that I cannot create Purview data policies for my existing storage accounts? Should I create a new one and move all my data to the new one? I have more than 50TB and several ADF/Synapse pipelines, without mentioning that my final users access to the storage account via serverless views. There is any method to activate this feature in old storage accounts? There is something in the roadmap concerning this?
Microsoft Purview
Microsoft Purview
A Microsoft data governance service that helps manage and govern on-premises, multicloud, and software-as-a-service data. Previously known as Azure Purview.
1,056 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. PRADEEPCHEEKATLA-MSFT 85,351 Reputation points Microsoft Employee
    2022-05-11T07:13:30.187+00:00

    Hello @Manuel Bustamante ,

    Thanks for the question and using MS Q&A platform.

    UPDATE: (06/07/2022): Here is the response from the product team: It applies to both Blob Storage and ADLS Gen2. The Storage team is completing the roll-out that removes this restriction in the next few days. A good portion of Storage tenants have already been completed and for those policies can be enforced in older Storage accounts.

    ----------------------------------------

    Regarding the storage account version, we are reaching out to the internal team to get more details on this.

    As per the repro from our end, you can create Purview data policies for my existing storage accounts.

    Here are the steps to create Purview data policies for my existing storage accounts:

    Currently, Microsoft Purview access policies can only be enforced in the following Azure Storage regions: (Which means the storage account should be in this region).

    • France Central
    • Canada Central
    • East US
    • East US2
    • South Central US
    • West US
    • West US2
    • North Europe
    • West Europe
    • UK South
    • Southeast Asia
    • Australia East

    Step1: Enable access policy enforcement for the Azure Storage account.

    If you’re executing these commands locally, be sure to run PowerShell as an administrator. Alternatively, you can use the Azure Cloud Shell in the Azure portal: https://shell.azure.com 

    # Install the Az module  
Install-Module -Name Az -Scope CurrentUser -Repository PSGallery -Force  
# Login into the subscription  
Connect-AzAccount -Subscription <SubscriptionID>  
# Register the feature  
Register-AzProviderFeature -FeatureName AllowPurviewPolicyEnforcement -ProviderNamespace Microsoft.Storage

    Step2: Go to the Data Map section => Sources => Registered data sources and Enable Data use management option as shown below:

    200836-purview-datauseenable.gif

    Step3: Go to the Data Policy and create a data policy as shown below:

    200884-purview-blobaccess.gif
    Hope this will help. Please let us know if any further queries.

    ------------------------------

    • Please don't forget to click on 130616-image.png or upvote 130671-image.png button whenever the information provided helps you. Original posters help the community find answers faster by identifying the correct answer. Here is how
    • Want a reminder to come back and check responses? Here is how to subscribe to a notification
    • If you are interested in joining the VM program and help shape the future of Q&A: Here is how you can be part of Q&A Volunteer Moderators