as part of our project we are linking an azure datafactory instance to azure git using the steps documented by microsoft. (https://docs.microsoft.com/en-us/azure/data-factory/source-control) We are hoping to restrict access as much possible to avoid user error. In keeping with that goal we are trying to determine if there is a way to configure the branch policies in azure git so that only the adf instance can update the adf_publish branch after a successful publish. No User should be able to update the adf_publish branch from the repo itself. In the past we configured the branch policy to disable any pushes to the adf_publish branch. However also this prevented the adf instance from pushing its changes. So we trying to determine if there is a possible solution to for this goal.
1 Answers
1
votes
I think this question is more about branch security rather than Azure Data Factory itself.
If you want to control or limit control for users - simply select a particular branch (in this case it's adf_publish) in Azure DevOps and go to Branch security:
Then you can set up required permissions per group or per user, like Contribute or Force Push:
