Book Image

Azure Data Engineering Cookbook - Second Edition

By : Nagaraj Venkatesan, Ahmad Osama
Book Image

Azure Data Engineering Cookbook - Second Edition

By: Nagaraj Venkatesan, Ahmad Osama

Overview of this book

The famous quote 'Data is the new oil' seems more true every day as the key to most organizations' long-term success lies in extracting insights from raw data. One of the major challenges organizations face in leveraging value out of data is building performant data engineering pipelines for data visualization, ingestion, storage, and processing. This second edition of the immensely successful book by Ahmad Osama brings to you several recent enhancements in Azure data engineering and shares approximately 80 useful recipes covering common scenarios in building data engineering pipelines in Microsoft Azure. You’ll explore recipes from Azure Synapse Analytics workspaces Gen 2 and get to grips with Synapse Spark pools, SQL Serverless pools, Synapse integration pipelines, and Synapse data flows. You’ll also understand Synapse SQL Pool optimization techniques in this second edition. Besides Synapse enhancements, you’ll discover helpful tips on managing Azure SQL Database and learn about security, high availability, and performance monitoring. Finally, the book takes you through overall data engineering pipeline management, focusing on monitoring using Log Analytics and tracking data lineage using Azure Purview. By the end of this book, you’ll be able to build superior data engineering pipelines along with having an invaluable go-to guide.

Related Content you might be interested in

Current Title:

Small book image
Azure Data Engineering Cookbook - Second Edition
Nagaraj Venkatesan | Ahmad Osama
Sep, 2022 | 608 pages
Small book image
Limitless Analytics with Azure Synapse
Prashant Kumar Mishra
Jun, 2021 | 392 pages
Small book image
Azure Data Factory Cookbook
Dmitry Anoshin | Xenia Ireton | Tonya Chernyshova | Dmitry Foshin
Feb, 2024 | 532 pages
Small book image
Cloud Scale Analytics with Azure Data Services.
Patrik Borosch
Jul, 2021 | 520 pages
Table of Contents (16 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the color images
Conventions used
Sections
Get in touch
Share your thoughts
1
Chapter 1: Creating and Managing Data in Azure Data Lake
Chapter 1: Creating and Managing Data in Azure Data Lake
Technical requirements
Provisioning an Azure storage account using the Azure portal
Provisioning an Azure storage account using PowerShell
Creating containers and uploading files to Azure Blob storage using PowerShell
Managing blobs in Azure Storage using PowerShell
Configuring blob lifecycle management for blob objects using the Azure portal
Free Chapter
2
Chapter 2: Securing and Monitoring Data in Azure Data Lake
Chapter 2: Securing and Monitoring Data in Azure Data Lake
Configuring a firewall for an Azure Data Lake account using the Azure portal
Configuring virtual networks for an Azure Data Lake account using the Azure portal
Configuring private links for an Azure Data Lake account
Configuring encryption using Azure Key Vault for Azure Data Lake
Accessing Blob storage accounts using managed identities
Creating an alert to monitor an Azure storage account
Securing an Azure storage account with SAS using PowerShell
3
Chapter 3: Building Data Ingestion Pipelines Using Azure Data Factory
Chapter 3: Building Data Ingestion Pipelines Using Azure Data Factory
Technical requirements
Provisioning Azure Data Factory
Copying files to a database from a data lake using a control flow and copy activity
Triggering a pipeline in Azure Data Factory
Copying data from a SQL Server virtual machine to a data lake using the Copy data wizard
4
Chapter 4: Azure Data Factory Integration Runtime
Chapter 4: Azure Data Factory Integration Runtime
Technical requirements
Configuring a self-hosted IR
Configuring a shared self-hosted IR
Configuring high availability for a self-hosted IR
Patching a self-hosted IR
Migrating an SSIS package to Azure Data Factory
5
Chapter 5: Configuring and Securing Azure SQL Database
Chapter 5: Configuring and Securing Azure SQL Database
Technical requirements
Provisioning and connecting to an Azure SQL database using PowerShell
Implementing an Azure SQL Database elastic pool using PowerShell
Configuring a virtual network and private endpoints for Azure SQL Database
Configuring Azure Key Vault for Azure SQL Database
Provisioning and configuring a wake-up script for a serverless SQL database
Configuring the Hyperscale tier of Azure SQL Database
6
Chapter 6: Implementing High Availability and Monitoring in Azure SQL Database
Chapter 6: Implementing High Availability and Monitoring in Azure SQL Database
Implementing active geo-replication for an Azure SQL database using PowerShell
Implementing an auto-failover group for an Azure SQL database using PowerShell
Configuring high availability to the Hyperscale tier of Azure SQL Database
Implementing vertical scaling for an Azure SQL database using PowerShell
Monitoring an Azure SQL database using the Azure portal
Configuring auditing for Azure SQL Database
7
Chapter 7: Processing Data Using Azure Databricks
Chapter 7: Processing Data Using Azure Databricks
Technical requirements
Configuring the Azure Databricks environment
Integrating Databricks with Azure Key Vault
Mounting an Azure Data Lake container in Databricks
Processing data using notebooks
Scheduling notebooks using job clusters
Working with Delta Lake tables
Connecting a Databricks Delta Lake table to Power BI
8
Chapter 8: Processing Data Using Azure Synapse Analytics
Chapter 8: Processing Data Using Azure Synapse Analytics
Technical requirements
Provisioning an Azure Synapse Analytics workspace
Analyzing data using serverless SQL pool
Provisioning and configuring Spark pools
Processing data using Spark pools and a lake database
Querying the data in a lake database from serverless SQL pool
Scheduling notebooks to process data incrementally
Visualizing data using Power BI by connecting to serverless SQL pool
9
Chapter 9: Transforming Data Using Azure Synapse Dataflows
Chapter 9: Transforming Data Using Azure Synapse Dataflows
Technical requirements
Copying data using a Synapse data flow
Performing data transformation using activities such as join, sort, and filter
Monitoring data flows and pipelines
Configuring partitions to optimize data flows
Parameterizing Synapse data flows
Handling schema changes dynamically in data flows using schema drift
10
Chapter 10: Building the Serving Layer in Azure Synapse SQL Pool
Chapter 10: Building the Serving Layer in Azure Synapse SQL Pool
Technical requirements
Loading data into dedicated SQL pools using PolyBase and T-SQL
Loading data into a dedicated SQL pool using COPY INTO
Creating distributed tables and modifying table distribution
Creating statistics and automating the update of statistics
Creating partitions and archiving data using partitioned tables
Implementing workload management in an Azure Synapse dedicated SQL pool
Creating workload groups for advanced workload management
11
Chapter 11: Monitoring Synapse SQL and Spark Pools
Chapter 11: Monitoring Synapse SQL and Spark Pools
Technical requirements
Configuring a Log Analytics workspace for Synapse SQL pools
Configuring a Log Analytics workspace for Synapse Spark pools
Using Kusto queries to monitor SQL and Spark pools
Creating workbooks in a Log Analytics workspace to visualize monitoring data
Monitoring table distribution, data skew, and index health using Synapse DMVs
Building monitoring dashboards for Synapse with Azure Monitor
12
Chapter 12: Optimizing and Maintaining Synapse SQL and Spark Pools
Chapter 12: Optimizing and Maintaining Synapse SQL and Spark Pools
Technical requirements
Analyzing a query plan and fixing table distribution
Monitoring and rebuilding a replication table cache
Configuring result set caching in Azure Synapse dedicated SQL pool
Configuring longer backup retention for a Synapse SQL database
Auto pausing Synapse dedicated SQL pool
Optimizing Delta tables in a Synapse Spark pool lake database
Optimizing query performance in Synapse Spark pools
13
Chapter 13: Monitoring and Maintaining Azure Data Engineering Pipelines
Chapter 13: Monitoring and Maintaining Azure Data Engineering Pipelines
Technical requirements
Monitoring Synapse integration pipelines using Log Analytics and workbooks
Tracing SQL queries for dedicated SQL pool to Synapse integration pipelines
Provisioning a Microsoft Purview account and creating a data catalog
Integrating a Synapse workspace with Microsoft Purview and tracking data lineage
Applying Azure tags using PowerShell to multiple Azure resources
14
Index
Index
Why subscribe?
15
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share your thoughts

Configuring encryption using Azure Key Vault for Azure Data Lake

In this recipe, we will create a key vault and use it to encrypt an Azure Data Lake account.

Azure Data Lake accounts are encrypted at rest by default using Azure managed keys. However, you have the option of bringing your own key to encrypt an Azure Data Lake account. Using your own key gives better control over encryption.

Getting ready

Before you start, perform the following steps:

  1. Open a web browser and go to the Azure portal at https://portal.azure.com.
  2. Make sure that you have an existing storage account. If not, create one using the Provisioning an Azure storage account using the Azure portal recipe in Chapter 1, Creating and Managing Data in Azure Data Lake.

How to do it…

Perform the following steps to add encryption to a Data Lake account using Azure Key Vault:

  1. Log in to portal.azure.com, click on Create a resource, search for Key Vault, and click on Create. Provide the key vault details, as shown in the following screenshot. Click on Review + Create:
Figure 2.16 – Creating an Azure key vault

Figure 2.16 – Creating an Azure key vault

  1. Go to the storage account to be encrypted. Search for Encryption on the left. Click on Encryption and select Customer-managed keys as the Encryption type. Click on Select a key vault and key at the bottom:
Figure 2.17 – Encrypting using customer-managed keys

Figure 2.17 – Encrypting using customer-managed keys

  1. On the new screen, Select a key, select Key vault as Key store type and select the newly created PacktAdeKeyVault as Key vault. Click on Create new key, as shown in the following screenshot:
Figure 2.18 – Selecting Key Vault

Figure 2.18 – Selecting Key Vault

  1. Provide a name for the key to be used for encryption of the storage account. The default option, Generate, ensures that the key is generated automatically. Click on Create:
Figure 2.19 – Creating a key

Figure 2.19 – Creating a key

  1. Once the key is created, the screen automatically moves to the key vault selection page in the Blob storage, and the newly created key is selected as the key. Click on Select:
Figure 2.20 – Selecting the key

Figure 2.20 – Selecting the key

  1. The screen moves to the encryption page on the Blob storage page. Click on Save to complete the encryption configuration.

How it works…

As the newly created key vault has been set for encryption on an Azure Data Lake account, all Data Lake operations (read, write, and metadata) will use the key from Key Vault to encrypt and decrypt the data in Data Lake. The encryption and decryption operations are fully transparent and have no impact on users' operations.

The Data Lake account automatically gets permissions on the key vault to extract the key and perform encryption on data. You can verify this by opening the key vault in the Azure portal and clicking on Access Policies. Note that the storage account has been granted Get, wrap, and unwrap permissions on the keys, as shown in the next screenshot:

Figure 2.21 – Storage account permissions in Key Vault

Figure 2.21 – Storage account permissions in Key Vault

Previous Section
End of Section 5
Next Section