Thank you for your feedback! We will evaluate this as part of our product roadmap.
We’re addressing this need with “Service Tags” which allow network security group rules to refer to Azure services such as “Storage” or “Sql” and the list of IP addresses is maintained transparently by the Azure platform. See here for more information: https://docs.microsoft.com/en-us/azure/virtual-network/security-overview#service-tags
We’ll be adding tags for additional Azure services over time.
To clarify this ask, are you wanting a way to unlock a user’s account from the AAD admin portal?
Sadie Henry (sahenry)
We are very excited to announce the public preview of Azure Data Factory Managed Virtual Network.
With this new feature, you can provision the Azure Integration Runtime in Managed Virtual Network and leverage Private Endpoints to securely connect to supported data stores. Your data traffic between Azure Data Factory Managed Virtual Network and data stores goes through Azure Private Link which provides secured connectivity and eliminate your data exposure to the public internet. With the Managed Virtual Network along with Private Endpoints, you can also offload the burden of managing virtual network to Azure Data Factory and protect against the data exfiltration.
To learn more about Azure Data Factory Managed Virtual Network, see https://azure.microsoft.com/blog/azure-data-factory-managed-virtual-network/
An error occurred while saving the commentJonathan Basys commented
@Eugen excellent answer, does the job - thanks!
Thank you for your suggestion, we are planning to offer this feature.
Great news – static IP range for Azure Integration Runtime is now available in all ADF regions! You can whitelist specific IP ranges for ADF as part of firewall rules. The IPs are documented here: https://docs.microsoft.com/en-us/azure/data-factory/azure-integration-runtime-ip-addresses#azure-integration-runtime-ip-addresses-specific-regions. Static IP ranges for gov cloud and China cloud will be published soon!
Please refer to this blog post on how you can use various mechanisms including trusted Azure service and static IP to secure data access through ADF:
Service tag support will be made available in next few weeks. Please stay tuned!
If your network security requirement calls for ADF support for VNet and cannot be met using Trusted Azure service (released in Oct 2019), static IP range (released in Jan 2020), or service tag (upcoming), please vote for VNet feature here: https://feedback.azure.com/forums/270578-data-factory/suggestions/37105363-data-factory-should-be-able-to-use-vnet-without-re
This is a great idea that we are continuing to review.