How to identify if someone has disconnected AzureGit in Azure Synapse Analytics

Ajay Rana 20 Reputation points
2024-05-09T19:47:36.5066667+00:00

Someone has disconnected the AzureGit connection from Azure Synapse Analytics. Is there a way to figure out who has done that task or is there a way to restrict it ? or is there any way we can implement security so only selected people can connect/disconnect.

Azure Synapse Analytics
Azure Synapse Analytics
An Azure analytics service that brings together data integration, enterprise data warehousing, and big data analytics. Previously known as Azure SQL Data Warehouse.
4,483 questions
0 comments No comments
{count} votes

Accepted answer
  1. phemanth 6,810 Reputation points Microsoft Vendor
    2024-05-10T14:26:42.44+00:00

    @Ajay Rana

    Welcome to Microsoft Q&A forum and thanks for reaching out here.

    Unfortunately, Azure Synapse Analytics currently doesn't offer a granular permission specifically for disconnecting the Git repository or disabling source control options. Users with the necessary permissions to manage integrations (like Synapse Administrator or Data Engineer) will have the ability to disconnect the Git repository.

    Here are some alternative approaches to consider:

    1. Leverage Azure AD Groups:
    • Create separate Azure AD groups for users with different access levels.
    • Assign the Synapse Administrator role to a limited group who genuinely need to manage integrations.

    Assign other roles (like Data Engineer with restricted permissions) to groups with development needs but without the ability to disconnect Git.

    Implement Code Review Process:

    • Establish a code review process for changes made in the Git repository.
    • This can involve requiring approval from a designated reviewer before merging changes that might impact integrations.

    Utilize Infrastructure as Code (IaC):

    • Explore using IaC tools like Azure Resource Manager (ARM) templates to manage your Azure Synapse Workspace configuration, including Git integration settings.
    • This allows version control and approval workflows for infrastructure changes.

    Monitor Activity Logs Proactively:

    • Set up alerts on the Azure Data Factory Activity Log to notify you whenever there's an attempt to modify the Git configuration.
    • This provides a real-time notification for potential unauthorized changes.

    While there's no direct way to restrict disconnecting the Git repository itself, these strategies can help you implement access control and prevent accidental or unauthorized changes.

    Hope this helps. Do let us know if you any further queries.


    If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.

    1 person found this answer helpful.

1 additional answer

Sort by: Most helpful
  1. Amira Bedhiafi 16,306 Reputation points
    2024-05-09T21:58:42.76+00:00

    Based on this old thread :

    You should be able to see the user/caller who performed the operation from Azure Data Factory Activity log.

    1. Go to Activity log then click on Create or Update any Data Factory operation name.
    2. Then go to Change history (preview) where you can find the git repository details to confirm if that is the operation you are looking for.

    138230-image.png

    1. Once you make sure the operation that has removed Repository, you can see Initiated By section to see who had performed the operation.

    138334-image.png

    More Links :

    https://learn.microsoft.com/en-us/azure/synapse-analytics/cicd/source-control

    https://learn.microsoft.com/en-us/answers/questions/1035857/git-configuration-disconnected-azure