Synapse Spark - Encryption, Decryption and Data Masking
As a data engineer, we often get requirements to encrypt, decrypt, mask, or anonymize certain columns of data in files sitting in the data lake when preparing and transforming data with Apache Spark. The extensibility feature of Spark allows us to leverage a library which is not native to Spark. One such library is Microsoft Presidio, which provides fast identification and anonymization modules for private entities in text such as credit card numbers, names, locations, social security numbers, bitcoin wallets, US phone numbers, financial data, and more. It facilitates both fully automated and semi-automated PII (Personal Identifiable Information) de-identification and anonymization flows on multiple platforms.Synapse Connectivity Series Part #2 - Inbound Synapse Private Endpoints
This blog article will feature Synapse Private Endpoint. The foundation of this article was based on a previous post - Azure SQL DB Private Link / Private Endpoint - Connectivity Troubleshooting) which I will go more in depth with Synapse specific features.
How to implement row-level security in serverless SQL pools
Row-level security enables you to configure your views to return different subsets of rows to the users with difference permissions. This way, the readers will get limited results based on their access rights or roles. Row-level security can be easily implemented in serverless SQL pools using the instructions in this post.How-To Deploy your Synapse Workspace Artifacts to a Managed VNET Synapse Workspace
This article will demonstrate how you can use the Synapse Workspace Deployment task in Azure DevOps to deploy your Synapse Workspace artifacts to a target Managed VNET Synapse Workspace that is configured to not allow public network access.Securing access to ADLS files using Synapse SQL permission model
Serverless Synapse SQL pool in Azure synapse analytics enables you to define permission rules that defines who can access some data sets on Azure storage. In this article you will see how to setup fine-grained security policy for SQL users that can access some parts of storage using workspace identity or SAS key. This is must-have setup for scenarios where SQL principals access data or serverless Synapse SQL pool access storage using Managed Identity or SAS token.
