How to Use Azure Key Vault Secrets in Azure Data Factory for SQL Connection and Blob Connection- ADF Tutorial 2021

 Issue: How to Use Azure Key Vault Secrets in Azure Data Factory for SQL Connection and Blob Connection.


In this article, we are going to learn How to use Azure Key vault secrets in Azure Data Factory, for SQL connection and Blob connection, First of all, we learn how to create an Azure key vault.

How to Create Azure Key vault.

 Open the Azure portal and then go to the key vaults, you can find it at the search bar on the top of the Azure portal, then click on the + Create button to create a new Key Vault.


Select the Azure subscription, then select your resource group, provide a name to the key vault, select your region, select pricing tier, then click on Review + create and then click on create.


Once our key vault is created, now go to the storage account, then click on Access keys, then copy the connection string key.



Now go to our Azure key vault, then click on secrets, and then click on + Generate/Import. 


Select the upload option, then provide a name, then paste the access key which we copied from our storage account, and then click on create.


Next, we have to get the connection string from our Azure SQL database, so go to the resource group, then go to the server, then go to the database and then click on the connection strings under the security tab.


Copy the connection strings key, paste it to a notepad file, provide the password in the key, and then copy the key again.


Next, go to our Azure key vault, then click on Secrets under the security tab, and then click on + Generate/Import button.


Select the upload option, provide a name, paste the access key that we copied from our connection strings, and click on create.


Next, go to the SQL server and go to your SQL databases, then select your database and provide the username and password then connect, and then create a new table.


Then click on the Firewalls and virtual networks, then Allow Azure services and resources to access this server, and click on save.


Next, open your Azure data factory studio, then go to the author tab and then click on + button, and then click on the new pipeline.



Find and drag the copy data activity in the working window, then go to the source, then click on the +New button to create a new source dataset.


Select Azure SQL Database then click on continue.


Provide the name, then click on Azure Key vault, and then it will ask for the linked service, click on + New.


Then provide a name, then select your Azure subscription, then select the Azure key vault and then click on create.


Now go to the azure key vault, select Key permissions, select secret permissions, select the certificate permissions, select the Azure data factory as principal, and then click add.


Once we add the access key policy in the Aure key vault, go back to our linked service and now select the secret name, then test the connection and then click on create.


Then select the table name and click on ok.


Now our source dataset is completed and we need to create a sink dataset, that we can copy the data from our source, to create a sink dataset, go to the sink tab then click on the + New button.


Select Azure blob storage and click on continue.


 Click the CSV file format, then click on continue.


Then it will ask for the linked service, click on + New, then provide a name, then select Azure key vault, then select linked service which we created before, then select the secret name, then test the connection, and click on create.


Once our linked service is created select the container where we will copy our data and then click on ok.


In the sink dataset click on open and provide a name for our file.


As our pipeline is ready click on debug, and then your file/files will be copied.




Video Demo: How to Use Azure Key Vault Secrets in Azure Data Factory for SQL Connection and Blob Connection