Implementing an Azure Data Solution (legacy) — Question 15

You have an enterprise-wide Azure Data Lake Storage Gen2 account. The data lake is accessible only through an Azure virtual network named VNET1.
You are building a SQL pool in Azure Synapse that will use data from the data lake.
Your company has a sales team. All the members of the sales team are in an Azure Active Directory group named Sales. POSIX controls are used to assign the
Sales group access to the files in the data lake.
You plan to load data to the SQL pool every hour.
You need to ensure that the SQL pool can load the sales data from the data lake.
Which three actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

Answer options

• A. Create a managed identity.
• B. Use the shared access signature (SAS) as the credentials for the data load process.
• C. Add the managed identity to the Sales group.
• D. Add your Azure Active Directory (Azure AD) account to the Sales group.
• E. Create a shared access signature (SAS).
• F. Use the managed identity as the credentials for the data load process.

Correct answer: A, C, D

Explanation

Creating a managed identity (A) allows the SQL pool to authenticate to Azure services securely. Adding the managed identity to the Sales group (C) grants it the necessary permissions to access the files in the data lake. Including your Azure AD account in the Sales group (D) ensures you have access for management purposes. The other options are not suitable as they either do not provide the required access or are unnecessary for this setup.