Publicly exposed ADLS on Private endpoint exposed Synapse

Rajaniesh Kaushikk 476 Reputation points
2023-09-13T02:38:25.15+00:00

Hi,

I have a synapse analytics workspace which is exposed via private endpoint and ADLS used while creating the workspace is also exposed via private endpoints now I have a requirement wherein I want to mount second ADLS which is not exposed via private endpoint to the same synapse analytics workspace. Can I do it. I have this requirement because Realtio SaaS can only dump the data into publicly exposed ADLS Gen 2. When I am trying to do it it threw this error:

Error code: OK Inner error code: PublicNetworkAccessDenied Message: The public network interface on this Workspace is not accessible. To connect to this Workspace, use the Private Endpoint from inside your virtual network or enable public network access for this workspace. Please see https://aka.ms/synapseIpFirewall to get more details.

Regards

Rajaniesh

Azure Data Lake Storage
Azure Data Lake Storage
An Azure service that provides an enterprise-wide hyper-scale repository for big data analytic workloads and is integrated with Azure Blob Storage.
1,474 questions
Azure Synapse Analytics
Azure Synapse Analytics
An Azure analytics service that brings together data integration, enterprise data warehousing, and big data analytics. Previously known as Azure SQL Data Warehouse.
4,928 questions
0 comments No comments
{count} votes

Accepted answer
  1. phemanth 10,635 Reputation points Microsoft Vendor
    2023-09-13T08:15:44.8566667+00:00

    @Rajaniesh Kaushikk

    Thanks for the question and using MS Q&A platform.

    It seems like you are trying to mount a second ADLS which is not exposed via private endpoint to the same Synapse Analytics workspace. However, the error message you received indicates that the public network interface on this workspace is not accessible. To connect to this workspace, you need to use the Private Endpoint from inside your virtual network or enable public network access for this workspace.

    Based on the error message, it seems like you have not enabled public network access for this workspace. If you want to mount a second ADLS which is not exposed via private endpoint to the same Synapse Analytics workspace, you need to enable public network access for this workspace.

    You can follow the steps mentioned in this document to enable public network access for your workspace: Azure Synapse Analytics IP firewall rules.

    Once you have enabled public network access, you should be able to mount the second ADLS to your Synapse Analytics workspace.

    As a best practice, the benefit of private endpoints is that it's no longer necessary to expose workspace endpoints to the public internet. The less exposure, the better.

    Diagram shows Workspace A with an Azure Private Link to Azure storage.

    For more details, refer to Azure Synapse Analytics security white paper: Network security and Understanding Azure Synapse Private Endpoints.

    Please let me know if you have any further questions or if there is anything else I can help you with.


    If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.


0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.