Microsoft Fabric Updates Blog

Introducing Managed Private Endpoints for Microsoft Fabric in Public Preview

In the era of AI, data has become the cornerstone of analytics platforms. With the ever-increasing volume of data being collected across various applications, data lakes, databases, and data warehouses within an enterprise data estate, the need for secure access to enterprise data sources has become critical. This is particularly important given the growth of sensitive data and the need for stricter network and data access policies. Ensuring that private and sensitive data remains within the safe boundaries of enterprise virtual private networks is essential for maintaining the security and integrity of enterprise data.

We are excited to announce the public preview of Managed Private Endpoints for Microsoft Fabric. This feature allows secure connections to data sources that are behind a firewall or not accessible from the public internet. Managed Private Endpoints enable Fabric Data Engineering items to access data sources securely without exposing them to the public network or requiring complex network configurations. These private endpoints provide a secure way to connect and access data from sources like Azure SQL DB or Storage account blocked from public access from your Fabric Spark Notebooks or Spark Job Definitions.

Workspaces with managed private endpoints have network isolation through a dedicated managed virtual network. These managed virtual networks (Managed VNETs) separate the Spark compute clusters from the shared virtual network and enable network security features such as private links and managed private endpoints. Microsoft Fabric takes care of the provisioning and management of the virtual networks and private endpoints, so users do not have to create or manage these network infrastructure resources themselves.

Connect to Data Sources Securely and Easily from your Fabric Workspace

Users can create and delete managed private endpoints from the workspace settings of a Fabric Workspace.

By just providing connection details, your managed private endpoint is instantly provisioned in the Managed VNET and a request for private endpoint access is submitted to the data source administrator for approval.

Users can track the status and approval process of the managed private endpoints from the Network security section of the Workspace settings.

Managed Private Endpoints support various data sources, including Azure Storage, Azure SQL Database, Azure Synapse Analytics, Azure Cosmos DB, Application gateway, Azure Key Vault, and many more.

Note: Managed private endpoints are only supported for Fabric Trial capacity and Fabric capacities F64 or higher SKUs.

To learn more about the benefits, detailed steps of setup and limitations of managed private endpoints in Microsoft Fabric, please refer to our documentation Overview of managed private endpoints in Fabric.

To learn more about network isolation offered by managed virtual networks, please refer to Overview of managed virtual networks in Fabric.

To learn more about the Private link support for Microsoft Fabric, please refer to Overview of private links.

Related blog posts

Introducing Managed Private Endpoints for Microsoft Fabric in Public Preview

July 14, 2024 by Nimrod Shalit

GitHub and GitHub Enterprise are now available for source control integration. Connect your workspace and you can start syncing your fabric content into your repository.

July 12, 2024 by Ed Lima

During Microsoft Build, in May 2024, we announced the worldwide public preview of API for GraphQL in Microsoft Fabric. With the preview, data engineers and scientists can create a GraphQL data API to connect to different Fabric data sources in seconds, use the APIs in their workflows, or share the API endpoints with app development … Continue reading “Announcing Fabric API for GraphQL pricing”