Microsoft Azure Data Lake Storage Gen2 Sources > Before you begin > Create a connection
  

Create a connection

Before you configure the Microsoft Azure Data Lake Storage Gen2 catalog source, create a connection object in Administrator.
    1In Administrator, select Connections.
    2Click New Connection.
    3Enter the following connection details:
    Property
    Description
    Connection Name
    Name of the connection.
    Each connection name must be unique within the organization. Connection names can contain alphanumeric characters, spaces, and the following special characters: _ . + -,
    Maximum length is 255 characters.
    Description
    Description of the connection. Maximum length is 4000 characters.
    Use Secret Vault
    Stores sensitive credentials for this connection in the secrets manager that is configured for your organization.
    This property appears only if secrets manager is set up for your organization.
    When you enable the secret vault in the connection, you can select which credentials that the Secure Agent retrieves from the secrets manager. If you don't enable this option, the credentials are stored in the repository or on a local Secure Agent, depending on how your organization is configured.
    Note:
    If you’re using this connection to apply data access policies through pushdown or proxy services, you cannot use the Secret Vault configuration option.
    For information about how to configure and use a secrets manager, see Secrets manager configuration.
    Runtime Environment
    The name of the runtime environment where you want to run tasks.
    Select a Secure Agent, Hosted Agent, or serverless runtime environment.
    Do not use a Hosted Agent if you use the connection in mappings in advanced mode.
    Account Name
    Microsoft Azure Data Lake Storage Gen2 account name or the service name.
    File System Name
    The name of the file system in the Microsoft Azure Data Lake Storage Gen2 account.
    Directory Path
    The path of a directory without the file system name.
    You can select from the following directory structures:
    • - / for root directory
    • - /dir1
    • - dir1/dir2
    Default is /.
    4Select the authentication type to connect to Microsoft Azure Data Lake Storage Gen2 and enter the required properties. You can use the following authentication types:
    5Click Test Connection.

Service Principal Authentication

This authentication method uses the client ID, client secret, and tenant ID to connect to Microsoft Azure Data Lake Storage Gen2.
The following table describes the connection properties for the Service Principal Authentication type:
Property
Description
Client ID
The client ID of your application.
Specify the client ID for your application registered in the Azure Active Directory.
Client Secret
The client secret key generated for the client ID.
Specify the client secret key to complete the OAuth authentication in the Azure Active Directory.
Tenant ID
The directory ID of the Azure Active Directory.
Endpoint Suffix
The type of Microsoft Azure endpoints.
Select one of the following endpoints:
  • - core.windows.net. Connects to Azure endpoints.
  • - core.usgovcloudapi.net. Connects to US government Microsoft Azure Data Lake storage Gen2 endpoints.
  • - core.chinacloudapi.cn. Connects to Microsoft Azure Data Lake storage Gen2 endpoints in the China region.
Default is core.windows.net.
Note:
You cannot configure the Azure Government endpoints for mappings in advanced mode.

Shared Key Authentication

This authentication method uses the account key to connect to Microsoft Azure Data Lake Storage Gen2.
The following table describes the connection properties for the Shared Key Authentication type:
Property
Description
Account Key
The account key for the Microsoft Azure Data Lake Storage Gen2 account.
Endpoint Suffix
The type of Microsoft Azure endpoints.
Select one of the following endpoints:
  • - core.windows.net. Connects to Azure endpoints.
  • - core.usgovcloudapi.net. Connects to US government Microsoft Azure Data Lake storage Gen2 endpoints.
  • - core.chinacloudapi.cn. Connects to Microsoft Azure Data Lake storage Gen2 endpoints in the China region.
Default is core.windows.net.
Note:
You cannot configure the Azure Government endpoints for mappings in advanced mode.

Managed Identity Authentication

This authentication method uses the identities that are assigned to applications in Azure to access Azure resources in Microsoft Azure Data Lake Storage Gen2.
When you create a Microsoft Azure Data Lake Storage Gen2, select the Azure virtual machine on which you have installed the Secure Agent. If you enable system assigned identity, assign the required role or permissions to the Azure virtual machine to run the mappings and tasks. If you enable user assigned identity, assign the required role or permissions to the user assigned identity.
The following table describes the connection properties for the Managed Identity Authentication type:
Property
Description
Client ID
The client ID of your application.
To use managed identity authentication, specify the client ID for the user-assigned managed identity.
Leave the field blank in the following scenarios:
  • - If the permission is provided by system-assigned managed identity.
  • - If there is no system-assigned identity but only a single user-assigned managed identity.
Endpoint Suffix
The type of Microsoft Azure endpoints.
Select one of the following endpoints:
  • - core.windows.net. Connects to Azure endpoints.
  • - core.usgovcloudapi.net. Connects to US government Microsoft Azure Data Lake storage Gen2 endpoints.
  • - core.chinacloudapi.cn. Connects to Microsoft Azure Data Lake storage Gen2 endpoints in the China region.
Default is core.windows.net.
Note:
You cannot configure the Azure Government endpoints for mappings in advanced mode.