@PRADEEPCHEEKATLA-MSFT Please read @Psychotechnopath 's response. We have the same issue on our end. Is this expected?
Deny public access for synapse studio
Hello, we have configured deny public access to our synapse workspace and pvt endpoints are configured and working properly. However, our synapse administrators are still able to access the studio from public network and able to view all the linked resources,tables, queries etc..
Is this an expected behavior? what error should pop up when tried accessing from public network?
3 answers
Sort by: Newest
-
-
Psychotechnopath 31 Reputation points
2022-12-01T15:13:50.453+00:00 I'm experiencing a similar issue. I think it has to do with git integration. When I have public network disabled and try to log in with the public endpoint, it still loads all the pipelines/linked service etc. from my Azure DevOps Repository. However, when I try to switch to live mode, i do get the 403 error you describe. Also, the SQL-pool & Spark pool remain unavailable. I don't understand why you would let people authenticate through the public endpoint when you have a workspace where public network access is disabled, and instead throw a 403.
Why was this design decision made? Isn't it possible to throw an error while trying to authenticate to a synapse workspace when public network is disabled? In this way it's very confusing because you are still able to access your synapse workspace through public network even though public network access is disabled. Only your workspace will not function properly.
Better would be to deny access alltogether which is what you would expect when you disable public network access.
Please let me know.
Kindest regards, Yme
-
PRADEEPCHEEKATLA-MSFT 79,381 Reputation points Microsoft Employee
2022-09-20T09:55:41.027+00:00 Hello @Mohammed Thahif BK ,
Thanks for the question and using MS Q&A platform.
When you say - However, our synapse administrators are still able to access the studio from public network and able to view all the linked resources,tables, queries etc..
As per repro from my end when I tried to access the workspace from the same browser - I'm able to still view all the datasets, linked resources tables and scripts so on.
Note: Please do try to access the synapse workspace from a different browser or incognitive mode which will throws 403 forbidden error message.
When you
disable
- Public network access to workspace endpoints. You will not allowed to login directly and you will be exepereiencing the below error message:Failed to load one or more resources due to forbidden issue, error code 403.
Hope this will help. Please let us know if any further queries.
------------------------------
- Please don't forget to click on or upvote button whenever the information provided helps you. Original posters help the community find answers faster by identifying the correct answer. Here is how
- Want a reminder to come back and check responses? Here is how to subscribe to a notification
- If you are interested in joining the VM program and help shape the future of Q&A: Here is jhow you can be part of Q&A Volunteer Moderators