Closed bh3r1th closed 4 months ago
Thanks for the question! We will review and get back to you shortly.
BTW, I created new Synapse workspace in managed virtual network but without data exfiltration protection. In that new workspace, I'm able to create linked service for SQL managed instance.
One of the downsides of managed instances is that they loose some of the integration options between services. In this way it behaves closer to SQL Server running on a VM than it does Azure SQL.
The instructions for creating a private link from the Data Factory docs should also work for Synapse: https://docs.microsoft.com/en-us/azure/data-factory/tutorial-managed-virtual-network-sql-managed-instance
It does take a couple extra resources to create the connection. You need to put a load balancer in from of your SQL instance, and then a generic Private Link resource in front of that- you should then be able to connect to a Managed Instance through that link.
@SamaraSoucy-MSFT Thanks for the response.
I'll test the instructions in the link you provided, and get back to you if I face any problems.
@nanditavalsan Can we please look at improving this doc to make it clear that Azure SQL and managed instances aren't treated the same when exfiltration protection is on?
@SamaraSoucy-MSFT It would be definitely helpful to get the documentation updated. I appreciate you for taking lead on that.
Thanks for your dedication to our documentation. Unfortunately, at this time we have been unable to review your issue in a timely manner and we sincerely apologize for the delayed response. We are closing this issue for now, but if you feel that it's still a concern, please respond and let us know. If you determine another possible update to our documentation, please don't hesitate to reach out again. #please-close
I created a Synapse workspace with managed virtual network enabled and "Yes" for "Allow outbound data traffic only to approved targets".
I got this error message when I tried to create a Linked Service for Azure SQL managed instance from my synapse workspace.
I also noticed that I can create private link from my Synapse workspace to Azure SQL single database but not to Azure SQL managed instance.
Apparently, I can't access Azure SQL managed instance from Synapse workspace when Data exfiltration protection is enabled for the workspace. Is that correct? If not, how to create Linked Service and private endpoint to Azure SQL managed instance from workspace that has Data exfiltration protection enabled?
Document Details
⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.