Home » Microsoft » DP-201 v.2 » What should you recommend?
You are designing an Azure Synapse solution that will provide a query interface for the data stored in an Azure Storage account. The storage account is only accessible from a virtual network.
You need to recommend an authentication mechanism to ensure that the solution can access the source data.
What should you recommend?
A. a shared key
B. an Azure Active Directory (Azure AD) service principal
C. a shared access signature (SAS)
D. anonymous public read access
Correct Answer: B
Explanation/Reference:
Explanation:
Managed Identity authentication is required when your storage account is attached to a VNet.
Regardless of the type of identity chosen a managed identity is a service principal of a special type that may only be used with Azure resources.
Note: An Azure service principal is an identity created for use with applications, hosted services, and automated tools to access Azure resources.
Reference:
https://docs.microsoft.com/en-us/azure/synapse-analytics/sql-data-warehouse/quickstart-bulk-load-copy-tsql-examples
https://docs.microsoft.com/en-us/powershell/azure/create-azure-service-principal-azureps