Synapse - create managed private endpoint for storage account

Paolo Panvini 21 Reputation points
2022-01-19T11:05:46.92+00:00

Hello,

we have a pipeline in bicep which creates a Synapse workspace.

We would like to change it in order to automatize the creation of the managed private endpoint of the storage account and we followed the bicep API described here:

https://learn.microsoft.com/en-us/azure/templates/microsoft.synapse/2021-06-01/workspaces?tabs=bicep#datalakestorageaccountdetails

so in the property DataLakeStorageAccountDetails we added the flag createManagedPrivateEndpoint with value true and then we added the resourceId with the resource Id of the storage account.

The deploy doesn't work and it ends with the error: 

 [\r\n {\r\n \"code\": \"BadRequest\",\r\n \"message\": \"{\\r\\n \\\"error\\\": {\\r\\n \\\"code\\\": \\\"ValidationFailed\\\",\\r\\n \\\"message\\\": \\\"Workspace request validation failed, check error details for more information\\\",\\r\\n \\\"details\\\": [\\r\\n {\\r\\n \\\"code\\\": \\\"DefaultDataLakeStorageCannotBeUpdated\\\",\\r\\n \\\"message\\\": \\\"Default data lake storage cannot be updated. resourceId: /subscriptions/............, createManagedPrivateEndpoint: \\\"\\r\\n }\\r\\n ]\\r\\n }\\r\\n}\"\r\n }\r\n ]\r\n }\r\n ]\r\n }\r\n}"}]}}

Do you know the reason of this error?

Thank you

Regards

Azure Synapse Analytics
Azure Synapse Analytics
An Azure analytics service that brings together data integration, enterprise data warehousing, and big data analytics. Previously known as Azure SQL Data Warehouse.
4,335 questions
0 comments
Accepted answer
  1. ShaikMaheer-MSFT 37,816 Reputation points Microsoft Employee
    2022-01-20T15:00:03.863+00:00

    Hi @Paolo Panvini ,

    Thank you for posting query in Microsoft Q&A Platform.

    As per implementation, it seems data lake storage is already created and while deploying synapse workspace you are trying to update that existing data lake storage to have private end point. hence, we see error saying Data lake storage cannot be updated.

    Could you please consider having Private end point for your data lake storage while deploying Data lake storage itself? So that we can avoid this error.

    Please let us know how it goes. Thank you.

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Paolo Panvini 21 Reputation points
    2022-02-01T16:43:17.02+00:00

    Hello @ShaikMaheer-MSFT

    As we saw that with the bicep API https://learn.microsoft.com/en-us/azure/templates/microsoft.synapse/2021-06-01/workspaces?tabs=bicep#datalakestorageaccountdetails there was a problem,
    we changed the deployment process and we used az cli for creating the managed private endpoint and to approve it on the storage account.