Azure data factory - how to pass SecureString to pipeline?

Jay V 1 Reputation point
2021-09-10T20:24:55.7+00:00

I use a Web activity to perform a Key Vault lookup in my Azure data factory pipeline. I need to pass down the output value of this activity into another pipeline, which will then consume the secret in one of its activities. I use Execute Pipeline activity to call the other pipeline. There is a parameter defined in the other pipeline to accept the secret as a SecureString. But there is no configuration available on the Execute Pipeline activity to set the type of the parameter that I pass in as a Secure String. I use '@activity(<web activity name>).output.value' as an Expression to pass in the value and this gets displayed in the monitor as the Inputs of the Execute Pipeline activity.

What is the correct way to pass in the parameter so that it remains secure?

Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,127 questions
Azure Data Factory
Azure Data Factory
An Azure service for ingesting, preparing, and transforming data at scale.
9,609 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. ShaikMaheer-MSFT 37,896 Reputation points Microsoft Employee
    2021-09-13T07:52:26.663+00:00

    Hi @Jay V ,

    Welcome to Microsoft Q&A Platform. Thank you for posting your query here.

    You can declare your parameter in another pipeline as "SecureString" type. The string value will be masked with asterisks '*' during Get or List API calls.

    In below example "Pipeline4" has a parameter "Parameter1" which is "SecureString" type. and I am calling that Pipeline4 using Execute pipeline activity from another pipeline. You can see that at pipeline level your parameter value is masked in below image.

    131457-image.png

    Please let us know if this works or any further queries. Thank you.