Azure SQL Database Import and Export services now support user-assigned managed identities in public preview. This enhancement allows for passwordless import and export operations, eliminating the need for storage keys or SAS tokens. Users can opt for a single managed identity for both SQL and storage permissions. Alternatively, separate identities can be assigned for the Azure SQL logical server and the storage account for increased security and separation of duties. This feature simplifies and secures SQL migrations by integrating managed identity support into pipelines. It streamlines access management and reduces the risk of exposing sensitive information by granting permissions directly to the identity.

The setup involves creating a user-assigned managed identity and attaching it to the Azure SQL logical server. Subsequently, the server's Microsoft Entra ID administrator must be set to the managed identity. Storage access is granted via roles like Storage Blob Data Reader or Contributor, ideally scoped to the specific container. Operations can be initiated through the Azure portal, REST APIs, Azure CLI, or PowerShell, passing the resource IDs of the managed identities.
techcommunity.microsoft.com
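To check the container-scoping advice above before an import or export runs, the following added example (not code from the announcement) audits role assignments for the managed identity and reports any that are broader than a single blob container. It assumes input records with the `principalId`, `roleDefinitionName` and `scope` fields that `az role assignment list` emits, and it reads "Reader or Contributor" as the two Storage Blob Data roles; the IDs and resource names are constructed placeholders.

```python
import re

# Scope string of a single blob container, as Azure RBAC writes it.
CONTAINER_SCOPE = re.compile(
    r"^/subscriptions/[^/]+/resourceGroups/[^/]+/providers/Microsoft\.Storage"
    r"/storageAccounts/[^/]+/blobServices/default/containers/[^/]+$",
    re.IGNORECASE,
)
# Assumption: the summary's "Reader or Contributor" means these two data-plane roles.
BLOB_DATA_ROLES = {"Storage Blob Data Reader", "Storage Blob Data Contributor"}


def audit_identity(assignments, principal_id):
    """Return (role, scope, reason) for each over-broad assignment of principal_id."""
    findings = []
    for a in assignments:
        if a.get("principalId", "").lower() != principal_id.lower():
            continue  # assignment belongs to another principal
        role, scope = a.get("roleDefinitionName", ""), a.get("scope", "")
        if role not in BLOB_DATA_ROLES:
            findings.append((role, scope, "not a blob data role"))
        elif not CONTAINER_SCOPE.match(scope):
            findings.append((role, scope, "scope wider than one container"))
    return findings


# Constructed sample data; the IDs and resource names are placeholders.
MI = "11111111-1111-1111-1111-111111111111"
ACCOUNT = ("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-demo"
           "/providers/Microsoft.Storage/storageAccounts/stdemo")
CONTAINER = ACCOUNT + "/blobServices/default/containers/bacpac"
SAMPLE = [
    {"principalId": MI, "roleDefinitionName": "Storage Blob Data Reader", "scope": CONTAINER},
    {"principalId": MI, "roleDefinitionName": "Storage Blob Data Contributor", "scope": ACCOUNT},
    {"principalId": MI, "roleDefinitionName": "Contributor", "scope": ACCOUNT},
    {"principalId": "22222222-2222-2222-2222-222222222222",
     "roleDefinitionName": "Owner", "scope": ACCOUNT},
]

if __name__ == "__main__":
    for role, scope, reason in audit_identity(SAMPLE, MI):
        print(f"{reason}: {role} at {scope}")
```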
