Quickstart: Share and receive Azure Storage data in-place with Microsoft Purview Data Sharing (preview)
This article provides a quick guide on how to share data and receive shares from Azure Data Lake Storage (ADLS Gen2) or Blob storage accounts.
Microsoft Purview prerequisites
- A Microsoft Purview account. You can also use two Microsoft Purview accounts, one for data provider and one for data consumer to test both scenarios.
- Your recipient's Azure sign-in email address that you can use to send the invitation to. The recipient's email alias won't work.
Azure Storage account prerequisites
Your Azure subscription must be registered for the AllowDataSharing preview feature. Follow the below steps using Azure portal or PowerShell.
- In Azure portal, select your Azure subscription that you'll use to create the source and target storage account.
- From the left menu, select Preview features under Settings.
- Select AllowDataSharing and Register.
- Refresh the Preview features screen to verify the State is Registered. It could take 15 minutes to 1 hour for registration to complete.
- In addition, to use data share for storage accounts in East US, East US2, North Europe, South central US, West Central US, West Europe, West US, West US2, West US3: Select AllowDataSharingInHeroRegion and Register
For more information, see Register preview feature.
The RegistrationState should be Registered. It could take 15 minutes to 1 hour for registration to complete. For more information, see Register preview feature.
The following are supported storage account configurations:
- Azure regions: Canada Central, Canada East, UK South, UK West, Australia East, Japan East, Korea South, and South Africa North
- Additional Azure Regions: East US, East US2, North Europe, Southcentral US, West Central US, West Europe, West US, West US2, West US3
- Performance: Standard
- Redundancy options: LRS
Source and target storage accounts created after the registration step is completed. Both storage accounts must be in the same Azure region as each other. Both storage accounts need to be ADLS Gen2 or Blob Storage accounts. Your storage accounts can be in a different Azure region from your Microsoft Purview account.
Latest version of the storage SDK, PowerShell, CLI and Azure Storage Explorer. Storage REST API version must be February 2020 or later.
The storage accounts need to be registered in the collections where you'll send or receive the share. If you're using one Microsoft Purview account, this can be two different collections, or the same collection. For instructions to register, see the ADLS Gen2 or Blob storage data source pages.
If the source or target storage accounts are in a different Azure subscription than the one for Microsoft Purview account, the Microsoft.Purview resource provider is automatically registered in the Azure subscription where the data store is located at the time of share provider adding an asset or share consumer mapping an asset and ONLY if the user has permission to do the /register/action operation for the resource provider. The permission is included in the Contributor and Owner roles.
This registration is only needed the first time when sharing or receiving data into a storage account in the Azure subscription.
Here are required roles for sharing data and receiving shares.
|Azure Storage account roles||Microsoft Purview collection roles|
|Data provider||One of the following roles:
|Data consumer||One of the following roles:
If you created the Microsoft Purview account, you're automatically assigned all the roles to the root collection. Refer to Microsoft Purview permissions to learn more about the Microsoft Purview collection and roles.
Create a share
There are two ways you can create a data share:
Create share from asset
You can create a share by starting from Data Catalog
Within the classic Microsoft Purview governance portal or the new Microsoft Purview portal, find the Azure Storage or Azure Data Lake Storage (ADLS) Gen 2 data asset you would like to share data from using either the data catalog search or browse.
Once you have found your data asset, select the Data Share button.
Select +New Share.
Follow the rest of the steps to create your data share.
Create share from application
If you're using the new Microsoft Purview experience You can create a share by starting from the Data Catalog.
Open the Microsoft Purview portal. Navigate to the Data Catalog application. Then select Shares from the left navigation. Select +New Share.
If you're using the classing Microsoft Purview experience You can create a share by starting from the Data Map.
Open the Microsoft Purview governance portal. Select the Data Map icon from the left navigation. Then select Shares. Select +New Share.
From either location, select the Storage account type and the Storage account you want to share data from. Then select Continue.
Follow the rest of the steps to create your data share.
Specify a name and a description of share contents (optional). Then select Continue.
Search for and add all the assets you'd like to share out at the container, folder, or file level, and then select Continue.
You can edit the display names the shared data will have, if you like. Then select Continue.
Select Add Recipient and select User or App.
To share data to a user, select User, then enter the Azure sign-in email address of who you want to share data with. By default, the option to enter email address of user is shown.
To to share data with a service principal, select App. Enter the object ID and tenant ID of the recipient you want to share data with.
Select Create and Share. Optionally, you can specify an Expiration date for when to terminate the share. You can share the same data with multiple recipients by selecting Add Recipient multiple times.
You've now created your share. The recipients of your share will receive an invitation and they can view the pending share in their Microsoft Purview account.
You can view your share invitations in any Microsoft Purview account. Open the Microsoft Purview governance portal by browsing directly to the classic portal or the new Microsoft Purview portal and selecting your Microsoft Purview account.
In the classic portal, select the Data Map icon from the left navigation. In the new portal, navigate to the Data Catalog application.
Select Share invites. If you received an email invitation, you can also select the View share invite link in the email to select a Microsoft Purview account.
If you're a guest user of a tenant, you'll be asked to verify your email address for the tenant before viewing share invitation for the first time. You can see our guide for steps. Once verified, it's valid for 12 months.
Alternately, within the Microsoft Purview portal, find the Azure Storage or Azure Data Lake Storage (ADLS) Gen 2 data asset you would like to receive the share into using either the data catalog search or browse. Select the Data Share button. You can see all the invitations in the Share invites tab.
Select name of the share to view or configure.
If you don't want to accept the invitation, select Delete.
If you delete an invitation, if you want to accept the share in future it will need to be resent. To deselect the share without deleting select the Cancel button instead.
You can edit the Received share name if you like. Then select a Storage account name for a target storage account in the same region as the source. You can choose to Register a new storage account to attach the share in the drop-down as well.
The target storage account needs to be in the same Azure region as the source storage account.
Configure the Path (either a new container name, or the name of an existing share container) and, New folder (a new folder name for the share within in your container).
Select Attach to target.
On the Manage data shares page, you'll see the new share with the status of Attaching until it has completed and is attached.
You can access shared data from the target storage account through Azure portal, Azure Storage Explorer, Azure Storage SDK, PowerShell or CLI. You can also analyze the shared data by connecting your storage account to Azure Synapse Analytics Spark or Databricks.
Clean up resources
To clean up the resources created for the quick start, follow the steps below:
- Within Microsoft Purview portal, delete the sent share.
- Also delete your received share.
- Once the shares are successfully deleted, delete the target container and folder Microsoft Purview created in your target storage account when you received shared data.
To troubleshoot issues with sharing data, refer to the troubleshooting section of the how to share data article. To troubleshoot issues with receiving share, refer to the troubleshooting section of the how to receive shared data article.