created blog post for azure purview #20
Conversation
source/_posts/azure-purview.md
Outdated
|
|
||
| # How does Azure Purview work? | ||
|
|
||
| It all starts with the data. Organisations can have many different data assets like files, tables,reports and databases. These data sources can exist across different environments, like in the public cloud, on-premise, and SaaS environments. Azure Purview even supports multi-cloud. Because of this support, you do not have to move data from on-premise or other cloud providers to Azure: everything you want to scan can stay where it is. |
There was a problem hiding this comment.
like >> such as
tables,reports >> tables, reports (whitespace)
"These data sources can exist across different environments, like in the public cloud, on-premise, and SaaS environments." Did you mean platforms? When I read environments, I think dev/test/acc/prod. In that case, I suggest >> These data sources can exist across different platforms, such as the public cloud, on-premise, and SaaS platforms.
source/_posts/azure-purview.md
Outdated
|
|
||
| <img src="/images/azure-purview/business-context.png" /> | ||
|
|
||
| In the example you can see that you can expand on the data within your organistation by adding descriptions and context to them. This allows an organisation to define any domain knowledge or business context to their data users in a clear way. |
There was a problem hiding this comment.
In the example you can see that you can expand on >> In this example, you will note that you can expand
define any domain knowledge or business context to their data users in a clear way. >> clearly define any domain knowledge or business context to their data users.
There was a problem hiding this comment.
Also think about organization (American English) vs. organisation (British English). I think we use American English on the blog?
source/_posts/azure-purview.md
Outdated
|
|
||
| Secondly, Classification is another important part of Azure Purview. It's important for an organisation to be compliant with rules and regulations like GDPR. Azure Purview helps with this by classifying data fields. It uses AI to see what a field contains, and classifies it accordingly. With this knowledge, you know where within your company your sensitive data resides. | ||
|
|
||
| Last but not least, Azure Purview offers Data Lineage. Data Lineage lets you see where your data comes from and where you're data is going to. The image below shows the flow of data from the salesOrderHeader table to different areas within the organisation. Some operations are applied to the data, which is then transformed and shown in PowerBI. |
There was a problem hiding this comment.
consider writing it as data lineage instead (per https://docs.microsoft.com/en-us/azure/purview/concept-data-lineage Microsoft does not capitalize it)
comes from >> originates
you're >> your
going to >> headed
consider adding markup to salesOrderHeader (code block?)
source/_posts/azure-purview.md
Outdated
| - What are all the different tables and fields in the database? | ||
| - Where is any sensitive data? | ||
|
|
||
| # How does Azure Purview work? |
There was a problem hiding this comment.
How does Azure Purview work? >> How Does Azure Purview Work? (recommend using title case for all headers)
source/_posts/azure-purview.md
Outdated
|
|
||
| But, knowing that Azure Purview focuses on doing scans, platform size might have to do with scanning frequency and the number of scans you can perform. | ||
|
|
||
| Under the **catalog** category, there are two options (which are greyed out due to it being in preview). Here you can select which one is relevant for your implementation. The two options as of writing this blog are: |
There was a problem hiding this comment.
here you add markup for catalog, check that you apply this markup consistently for similar terms
greyed out >> grayed out (if using American spelling)
source/_posts/azure-purview.md
Outdated
|
|
||
| The data that has to be filled in is pretty straightforward. Under the credentials, we can select how we want to connect to it. When setting it up for the Purview MSI, it requires extensive permissions to a point where you have to give it database owner permission on the database. This gives it full access to the database. | ||
|
|
||
| If this is something that you dont want, you can create a new managed identity. |
There was a problem hiding this comment.
Maybe add your advice here. To me, full database owner permission seems like a terrible idea. Set the standard ;)
source/_posts/azure-purview.md
Outdated
|
|
||
| If this is something that you dont want, you can create a new managed identity. | ||
|
|
||
| To create a new managed identity, it requires a name, what kind of authentication method it should use (we selected SQL authentication). No matter what method you use, it will require you to use Azure Keyvault credentials which make sure you don’t hardcode the password anywhere. This is a very nice security feature they included. |
There was a problem hiding this comment.
To create a new managed identity, it requires a name, what kind of authentication method it should use (we selected SQL authentication) >> Creating a new managed identity will require a name and an authentication method (in the example, SQL authentication was used)
you use >> you choose
Keyvault >> Key Vault
which make sure you don’t hardcode the password anywhere >> (don't hardcode this!) -- or rewrite in some other way
very nice >> convenient
Created my blog post about Azure Purview.