Prerequisites

Alation Cloud Service Applies to Alation Cloud Service instances of Alation

Customer Managed Applies to customer-managed instances of Alation

Before installing and configuring the Azure Data Factory OCF connector, ensure that you configure the network connectivity, set up the service account, and your Azure account for authentication.

To obtain the access token necessary for accessing the Azure API, ensure the following properties are set up for authentication:

  • Client ID

  • Client Secret

  • Grant Type

  • Resource Group Name

  • Subscription ID

  • Scope

  • Tenant ID

Create a Service Account

Create a service account for Azure Data Factory that can be used by Alation to authenticate the server. The service account helps in registering an OAuth client and obtaining the client credentials containing a client ID and a client secret key. This used to authenticate with Azure data factory Rest API.

Register an Application with Microsoft Entra ID

You need to register an application to get a client ID and secret. Then, add a scope and assign a contributor role for the application.

Obtain Client ID

  1. Log on to the Azure portal as an administrator.

  2. Go to Microsoft Entra ID > App registration > New Registration.

  3. Enter name for an application.

  4. Register the application.

Note

From the Overview section, copy and keep the client ID for future use.

Obtain Client Secret

  1. Open the application that you created in the previous steps.

  2. On the left pane, open the Manage section.

  3. Navigate to Certificates & secrets > New client secret.

  4. Enter a description and an expiry date.

Note

Copy and keep the client secret for future use.

Add Scope to the Registered Application

  1. Open the application that you created in the previous steps.

  2. On the left pane, open the Manage section.

  3. Select Expose an API and click Add Scope.

  4. Follow the on-screen instructions and select who can consent as Admin & User.

  5. Set the scope to Files and Read.

Assign a Contributor Role to the Registered Client

  1. In Azure portal, navigate to Azure Data Factory.

  2. On the left pane, navigate to Access Control (IAM) > Role Assignment > Add.

  3. Select a role for Contributor and click Next.

  4. On the Add role assignment screen, click on Add member.

  5. Search for and Select the Azure application that you created during app registration.

Permissions for Metadata Extraction

The minimum permission required for metadata extraction (MDE) is to have a read access to the files.