Azure Storage v2 ACL management using Azure DevOps

We all know that doing manual work takes a lot of time and effort. But when we automate that same work the time used in the work manually becomes much less and we get our results fast. So this is what we have done here we have automated the work of assigning roles to users, groups, or members.  The roles assigned are ACL in Azure which is assigned to General Purpose V2 Storage Account.

We turned to Azure DevOps CD pipelines which help organizations to turn their manual work into automation and help them to increase productivity and reduce the consumption of time. To use this tool we worked alongside Azure Data Lake Storage which provides you with a modern solution for data storage in the cloud and is used for Big Data Analytics, General Purpose V2 Storage Account which delivers the lowest per-gigabyte capacity prices for Azure Storage as well as industry-competitive transaction prices and how to use ACL in Azure Data Lake Storage Gen2  which is Access Control Lists is set at the container or folder level and applies explicitly to the folder where ACL is set.

By using Azure DevOps CD pipelines we obtained time reduction and productivity improvement. CD pipelines use Azure Data Lake Storage and ACL in Azure Data Lake Storage Gen2 by assigning roles like an owner, reader, etc. to the storage account because if you are willing to change the role then you don’t need to do it you can do it by using Azure DevOps CD pipelines which helps to reduce the cost and increase your productivity surely.

Azure provides you with a vast number of services where you can do your work efficiently and easily but the whole work is a manual process and we know that manual process takes a lot of time and energy. We were always using the Azure Cloud development for better usage but we need to improve our productivity so we made a governance framework where the whole manual process can be turned into automation and it will be easier for the end user or developer to use that service.

We were always using Azure services as on-premises servers and networks, controlling access but we need to turn this into a less time-consuming process that we got from Azure DevOps CD pipelines.

When we started working on Azure DevOps CD pipelines we observe a tremendous reduction in time and how it increased our productivity in a way we never thought. To generate a final pipeline where the end user needs to write the name of the role, object ID, the operation you want to do like-create or update and delete, permissions you want to assign, storage account name, container name, name of the file and folder where you want to assign the permissions. This approach helped developers by avoiding them to use the Azure Portal again and again if an individual wants to assign a specific role to a user, group, or member they can assign it directly by just filling in the relevant information.

You can change the roles as well you don’t need to delete it manually from the Azure Portal you can do it directly which is time-saving. Here an individual who has to assign roles can manage his/her work easily without the long manual process.

Updating, creating, or deleting the roles through the pipeline will give you frequent results in terms of productivity and time reduction.

We have used the best practices of  Azure DevOps CD pipelines to give the best results to the end users.

Azure DevOps gives you the best services when it comes to automation we tried to make the best use of it according to the requirements.

This automation will also help in the coming future of all the developers and DevOps engineers by consuming less of their time and they can create, update or delete the roles of an individual they want.

Using Azure DevOps we were able to create a CD pipeline because Azure DevOps provides you with all the functionality and best services. It made the automation work so simple and easy for the DevOps industry. It has also realized additional benefits.

There is less time wasted on assigning roles and if you want to update them for someone you can easily delete, update or create them through the pipeline.

Migrating to automation through Azure DevOps has not just reduced the load of manual work but also increased productivity and saved the cost as well.

After experiencing the productivity-enhancing and time-reduction results of using the Azure DevOps and Azure Data Lake Storage Gen2 together, we recommend the solution to any developer or DevOps engineer seeking better productivity in its storage account. By using the ACL features assigned to Data Lake Storage Gen2 that Azure DevOps automates, you’re going to save time and will observe improvement in productivity.

1. Enhance productivity and streamline processes.

2. Fast application deployments

3. Increased the experience of end-user and customer improvement

4. Fast access

5. Saves time and money

6. Expend less manual effort

7. Assigning roles gives correct user correct permissions

8. Creating, updating, and Deleting a role is easy through Pipeline.

9. You can change the role of a user whenever you want

Microsoft Azure is Software as a Service (SAAS) platform which provides a complete DevOps tool for the creation and deployment of software. It’s the best choice for using DevOps services and can be integrated with the majority of the top tools in the market.

Azure Data Lake Storage Gen2 is a data storage used for Big Data Analytics. It is quite simple each data lake service underneath has always a container and this container is also called a file system just like any file system it has folders and files in it. On each data lake, you can have multiple containers or multiple filesystems containing any structure of files and folders s you wished to have.

ACL which is Access Control Lists is set at the container or folder level and applies explicitly to the folder where ACL is set.

We can associate a security principal ( a security principal is basically an object which represents a group, user, managed identity, or service principal that wants to access Azure resources. Any roles can be assigned to these security principals) with an access level for files and folders or directories. Each association we do is captured as an entry in an ACL. In our storage account, each file and directory has access control lists. When a security principal tries an operation on a file or directory, an ACL checks whether that security principal has the correct permission level to perform the operation.