Azure Active Directory (Azure AD)

Azure Active Directory is Microsoft’s cloud-based identity and access management (IAM) service. It helps you control who can access your Azure resources and what they’re allowed to do.

Key Features:

• User authentication: Sign in to Azure portals, apps, and services securely.
• Role-based access control (RBAC): Assign roles (like Reader, Contributor, Owner) to users, groups, or service principals to restrict access.
• Single Sign-On (SSO): Users sign in once and access multiple apps without logging in again.
• Application registration: Needed for apps or pipelines to securely interact with Azure services via tokens (e.g., ADF accessing Key Vault).

Real-World Usage in Data Engineering:

• Grant Data Factory access to Azure Storage using managed identity via Azure AD.
• Secure your Key Vault with access policies linked to AD users or services.
• Allow Databricks notebooks to read/write from secure sources by integrating with Azure AD.