Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[FEATURE]: Assign appropriate permission to UCX created access connectors #1383

Closed
1 task done
JCZuurmond opened this issue Apr 12, 2024 · 0 comments · Fixed by #1425
Closed
1 task done

[FEATURE]: Assign appropriate permission to UCX created access connectors #1383

JCZuurmond opened this issue Apr 12, 2024 · 0 comments · Fixed by #1425
Labels
enhancement New feature or request needs-triage

Comments

@JCZuurmond
Copy link
Contributor

Is there an existing issue for this?

  • I have searched the existing issues

Problem statement

In #888 we create managed access connectors to replace service principals. The access connectors need the right permissions. This issue covers creating those permissions

Proposed Solution

  1. Get permissions from service principals
  2. Set same permissions on the access connectors.

Additional Context

No response
@JCZuurmond JCZuurmond added enhancement New feature or request needs-triage labels Apr 12, 2024
This was referenced Apr 12, 2024
Closed
Merged
@nfx nfx closed this as completed in #1425 Apr 17, 2024
nfx pushed a commit that referenced this issue Apr 17, 2024
@JCZuurmond
Give all access connectors Storage Blob Data Contributor role (#1425)
38e84e5 
## Changes
Give all access connectors STORAGE_BLOB_DATA_CONTRIBUTOR access.

More fine-grained access is configured within unity catalog. We give all
access connectors (one for each storage account) the highest data
access, i.e. data contributor.

### Linked issues

Resolves #1383

### Functionality 

- [ ] added relevant user documentation
- [ ] added new CLI command
- [x] modified existing command: `databricks labs ucx ...`
- [ ] added a new workflow
- [ ] modified existing workflow: `...`
- [ ] added a new table
- [ ] modified existing table: `...`

### Tests
<!-- How is this tested? Please see the checklist below and also
describe any other relevant tests -->

- [x] manually tested
- [x] added unit tests
- [ ] added integration tests
- [ ] verified on staging environment (screenshot attached)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request needs-triage
Projects
UCX (roadmap)
Archived in project
UCX (weekly)
Archived in project
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Give all access connectors Storage Blob Data Contributor role databrickslabs/ucx
1 participant
@JCZuurmond