Update elastic query security notes in documentation #10268
Conversation
Clarify security concerns regarding SQL logins for elastic queries.
prmerger-automator
bot
requested review from
MashaMSFT,
WilliamDAssafMSFT,
bgavrilovicMS,
dzsquared and
rwestMSFT
|
@chassq : Thanks for your contribution! The author(s) and reviewer(s) have been notified to review your proposed change. |
There was a problem hiding this comment.
Pull request overview
This PR adds a security note to the Azure SQL Database elastic query documentation, clarifying that elastic queries only support SQL logins and highlighting the security implications of this limitation.
Changes:
- Added a new limitation bullet point regarding SQL login support and associated security concerns
|
|
||
| - Private links are currently not supported with elastic query for those databases that are targets of external data sources. | ||
|
|
||
| - Elastic queries only support SQL logins. This presents a security problem as SQL logins are not recommneded to be used as they require passwords to be stored and securly maintained in other resources. Until elastic queries support managed identity they are not recommended from a security perspective. |
There was a problem hiding this comment.
The sentence structure needs improvement. According to the Microsoft Writing Style Guide, sentences should be concise and clear. Consider breaking this long sentence into multiple sentences or restructuring it for better readability. Additionally, avoid phrases like "security problem" - use more specific, technical language such as "security concern" or "security limitation".
There was a problem hiding this comment.
This is neither a limitation nor concern. This is a problem. Plain and simple. It opens up the uninitiated to a security problem if they do not understand the implication of using SQL Logins. Elastic queries should only support Managed identity and not support SQL logins. However since that is not currently the case the problem should be clearly called out.
|
|
||
| - Private links are currently not supported with elastic query for those databases that are targets of external data sources. | ||
|
|
||
| - Elastic queries only support SQL logins. This presents a security problem as SQL logins are not recommneded to be used as they require passwords to be stored and securly maintained in other resources. Until elastic queries support managed identity they are not recommended from a security perspective. |
There was a problem hiding this comment.
Two spelling errors detected: "recommneded" should be "recommended" and "securly" should be "securely".
| - Elastic queries only support SQL logins. This presents a security problem as SQL logins are not recommneded to be used as they require passwords to be stored and securly maintained in other resources. Until elastic queries support managed identity they are not recommended from a security perspective. | |
| - Elastic queries only support SQL logins. This presents a security problem as SQL logins are not recommended to be used as they require passwords to be stored and securely maintained in other resources. Until elastic queries support managed identity they are not recommended from a security perspective. |
|
Learn Build status updates of commit ebae420: ✅ Validation status: passed
For more details, please refer to the build report. |
spelling correction Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
|
Learn Build status updates of commit d9f1f34: ✅ Validation status: passed
For more details, please refer to the build report. |
|
Can you review the proposed changes? IMPORTANT: When the changes are ready for publication, adding a #label:"aq-pr-triaged" |
prmerger-automator
bot
added
the
aq-pr-triaged
|
This PR requires a style pass to meet our documentation guidelines, which includes removing some of the wording. It may take several days to review. |
4 participants
Clarify security concerns regarding SQL logins for elastic queries.