Hello Amit Puthenpura (Wipro Ltd)
To enable and use Managed Identity for Azure Data Lake Storage (ADLS) Gen2 instead of storage access keys:
1. Go to your resource. Under Identity, enable System-assigned managed identity or assign a User-assigned managed identity.
2. Grant the permission
- Go to your Azure portal and navigate to your storage account.
- In the left navigation, select "Access Control (IAM)".
- Click on "Add" > "Add role assignment".
- Choose the role you need (like Storage Blob Data Contributor or Storage Blob Data Owner) and select your managed identity in the members section.
- Once done, click "Review + assign" to apply the permissions.
3. Depending on your environment, use the appropriate SDK to authenticate using Managed Identity.
4. When you configure your application to access the ADLS Gen2 storage, make sure to use the managed identity for authentication instead of using access keys. Your application will request access tokens from Azure AD using the managed identity, which is a secure way to authenticate without hard-coding any secrets.
- Ensure that your VNet or other network rules allow communication between your application and the storage account if you’re working in a secured environment.
I hope this helps! If this answers your query, please click "Upvote" and "Accept the answer", which might be beneficial to other community members reading this thread.
If the above is unclear or you are unsure about something, please add a comment below.
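What steps 3 and 4 amount to when the application runs on an Azure VM, as an added example that is not part of the original answer: the code asks the instance metadata endpoint (IMDS) for a storage token and presents it as a bearer token to the ADLS Gen2 REST endpoint, using only the Python standard library. The account and filesystem names are placeholders, and in practice an SDK credential such as `ManagedIdentityCredential` from `azure-identity` performs the token request for you.

```python
import json
import urllib.parse
import urllib.request

IMDS_TOKEN_URL = "http://169.254.169.254/metadata/identity/oauth2/token"
STORAGE_RESOURCE = "https://storage.azure.com/"


def build_token_request(client_id=None):
    """Build the IMDS token request; client_id selects a user-assigned identity."""
    params = {"api-version": "2018-02-01", "resource": STORAGE_RESOURCE}
    if client_id:
        params["client_id"] = client_id
    url = IMDS_TOKEN_URL + "?" + urllib.parse.urlencode(params)
    # IMDS rejects requests that lack this header (a mitigation against SSRF).
    return urllib.request.Request(url, headers={"Metadata": "true"})


def parse_token_response(body):
    """Extract the bearer token, failing loudly on an error payload."""
    data = json.loads(body)
    if "access_token" not in data:
        raise RuntimeError(f"no token issued: {data.get('error_description', data)}")
    return data["access_token"]


def build_list_paths_request(account, filesystem, token):
    """Build an ADLS Gen2 'list paths' call authorized by the token, not a key."""
    query = urllib.parse.urlencode({"resource": "filesystem", "recursive": "false"})
    url = f"https://{account}.dfs.core.windows.net/{filesystem}?{query}"
    headers = {"Authorization": f"Bearer {token}", "x-ms-version": "2021-08-06"}
    return urllib.request.Request(url, headers=headers)


def list_paths(account, filesystem, client_id=None):
    """Run the full flow; only works on an Azure VM with the identity enabled."""
    with urllib.request.urlopen(build_token_request(client_id), timeout=5) as resp:
        token = parse_token_response(resp.read())
    req = build_list_paths_request(account, filesystem, token)
    with urllib.request.urlopen(req, timeout=10) as resp:
        return [p["name"] for p in json.load(resp).get("paths", [])]


if __name__ == "__main__":
    # Placeholder account and filesystem names; replace with your own.
    print(list_paths("examplestorageacct", "examplefilesystem"))
```

A 403 from the storage call with a valid token usually means the role assignment from step 2 is missing or has not propagated yet.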