...
SYSM-388 - Evaluate security implications of ADLS Gen2 shortcuts in Fabric
Jira server Syensqo's Jira columnIds issuekey,summary,issuetype,created,updated,duedate,assignee,reporter,customfield_13736,priority,status,resolution columns key,summary,type,created,updated,due,assignee,reporter,Priority,priority,status,resolution serverId d8efc1ef-48bd-3b4e-8714-ad827f4f059b key SYSM-389
Shortcut-specific access model
...
Delegated shortcuts access data by using some intermediate credential, such as another user or an account key.
These shortcuts allow for permission management to be separated or 'delegated' to another team or downstream user to manage.
Delegated shortcuts always break the flow of security from one system to another.
...
Latency consideration
Latency view
| Dimension | What it means | Shortcut impact |
|---|---|---|
| Exposure latency | Time to make data available in Fabric | Low, because no ingestion copy is required. (Microsoft Learn) |
| First-read latency | Time for the first query/read to access ADLS data | Can be higher than fully ingested local data because Fabric still reads the external target. (Microsoft Learn) |
| Repeated-read latency | Time for subsequent reads of the same data | Often improved when cache is used. (Microsoft Learn) |
| Refresh latency | Delay before changes in ADLS are reflected | Depends on engine and cache refresh behavior; Spark intelligent cache automatically detects underlying file changes. (Microsoft Learn) |
Cache Solution for Shortcuts
Mecanism
Settings
| Info |
|---|
Shortcut caching currently supports Google Cloud Storage (GCS), S3, S3 compatible, and on-premises data gateway shortcuts. |
