Creating Ranger RAZ managed identity for RAZ-enabled Azure environment
In addition to creating the required managed identities, you should create an additional managed identity named Ranger RAZ for RAZ-enabled Azure environment. You can also optionally create a custom role that can be used instead of Storage Blob Data Owner.
You can create the required managed identities as described in Minimal setup for cloud storage, and then create the following managed identity to use RAZ in Azure environment.
|Managed identity||Managed identity is used for||Roles to assign to the managed identity|
Perform the following steps to create the Ranger RAZ managed
identity using Azure Portal:
- On Azure Portal, navigate to Managed Identities.
- Click +New.
- Select the Resource group used for CDP.
- Select your environment’s Region.
- Specify managed identity Name. For example, Ranger RAZ.
- Provide tags if required by your organization.
- Click Review + create.
Perform the following steps to assign the two roles to the Ranger
RAZ managed identity on the scope of the storage account created
- In your Azure Portal, navigate to the page.
- Click .
In the Add role assignment section, choose the
- Select Storage Blob Data Owner as Role.
- Select User assigned managed identity as Assign access to.
- Select the Ranger RAZ managed identity that you created earlier.
- Click Save.
- To assign the Storage Blob Delegator role to Ranger RAZ managed identity, repeat steps a through c.