...

Azure Storage - Key Vault

  1. Azure Key Vault is a cloud service for securely storing and accessing secrets. It contains:

    1. 1 TOKEN for Azure Data Factory (ADF): ADF accesses Key Vault via RBAC (Role-Based Access Control) permissions

    2. OR 1 SAS TOKEN for the AzCopy utility: PowerShell accesses Key Vault via a Service Principal

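Code Block (PowerShell)
# $sp is the service principal object and $tenantId the tenant ID; both must be set before this runs.
# Wrap the service principal's client secret in a SecureString and build a credential from it.
$SecureStringPwd = $sp.PasswordCredentials.SecretText | ConvertTo-SecureString -AsPlainText -Force
$pscredential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $sp.AppId, $SecureStringPwd
# Sign in to Azure as the service principal (non-interactive).
Connect-AzAccount -ServicePrincipal -Credential $pscredential -Tenant $tenantId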

...

  1. Retrieve Token from Azure Key Vault :

    1. ADF via Key Vault Reader & Key Vault Secrets User permissions can retrieve the Token

    2. PowerShell via the Service Principal can retrieve the SAS Token

  2. Access the Storage Account (Blob Storage)
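
The PowerShell path through the two steps above, as an added example that is not part of the original page: it reads the SAS token from Key Vault, checks its expiry before use, and passes it to AzCopy without printing the signature. The vault, secret, storage account, container and path names are placeholders; it assumes the secret value is the SAS query string and that the session is already signed in with the Service Principal.

```powershell
# Added example. All names below are placeholders (assumptions), not values from the page.
$vaultName  = '<key-vault-name>'
$secretName = '<sas-secret-name>'
$account    = '<storage-account>'
$container  = '<container>'
$localPath  = '<local-folder>'

# Step 1: retrieve the SAS token. Assumes Connect-AzAccount -ServicePrincipal already
# succeeded and that the service principal is allowed to read secret values in this vault.
$sas = Get-AzKeyVaultSecret -VaultName $vaultName -Name $secretName -AsPlainText -ErrorAction Stop
if ([string]::IsNullOrWhiteSpace($sas)) { throw "Secret '$secretName' is empty or not found." }
$sas = $sas.TrimStart('?')   # tolerate a stored leading '?'

# Parse the SAS query string so it can be validated before use.
$fields = @{}
foreach ($pair in $sas.Split('&')) {
    if ($pair -notmatch '=') { continue }
    $k, $v = $pair -split '=', 2
    $fields[$k] = [uri]::UnescapeDataString($v)
}

# se = expiry time, sp = granted permissions. Refuse tokens that are expired or nearly so.
if (-not $fields.ContainsKey('se')) { throw 'SAS token has no expiry (se) field.' }
$expiry = [datetimeoffset]::Parse($fields['se'], [cultureinfo]::InvariantCulture)
if ($expiry -le [datetimeoffset]::UtcNow.AddMinutes(5)) {
    throw "SAS token is expired or about to expire ($expiry)."
}
# Log only non-secret fields; never write the sig field or the full token to output.
Write-Host "SAS permissions: $($fields['sp']); expires: $expiry"

# Step 2: access the Storage Account (Blob Storage) with AzCopy.
try {
    $dest = "https://${account}.blob.core.windows.net/${container}?$sas"
    azcopy copy $localPath $dest --recursive
    if ($LASTEXITCODE -ne 0) { throw "azcopy failed with exit code $LASTEXITCODE" }
}
finally {
    # Drop references to the token so it does not linger in the session's variables.
    Remove-Variable sas, dest, fields -ErrorAction SilentlyContinue
}
```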

Azure AI Search - Key filter (document-level security) & Key Vault for encrypted objects & information, API Keys & RBAC for Service Principal

...