Microsoft Fabric offers a suite of powerful tools for data engineering, data science, and analytics. When security is a top priority, Azure Private Link is the solution you need. Private Link enables secure access to various Fabric experiences by routing traffic through a private connection within the Microsoft backbone network, rather than exposing it to the public internet.
Let’s delve into the specifics of how Private Link integrates with different components of Fabric:
Onelake: Secure Data Lake Access
Fabric’s unified data lake, Onelake, seamlessly supports Private Link. You have the flexibility to explore Onelake directly through the Fabric portal or interact with it from any machine within your established Virtual Network (VNet). Popular tools like Azure Storage Explorer, PowerShell, and others remain fully compatible.
Warehouse, Lakehouse, and SQL Endpoints: Enhanced Protection
Private Link safeguards access to your Warehouse items and Lakehouse SQL endpoints within the Fabric portal. Additionally, if you utilize Tabular Data Stream (TDS) endpoints for connecting with tools like SQL Server Management Studio or Azure Data Studio, Private Link extends its protection to those connections as well.
Lakehouse, Notebooks, Spark, and Environments: Private Networking
Enabling the Azure Private Link tenant setting triggers an important change: Your first Spark job (executed through a Notebook or Spark job definition) or any Lakehouse operation will automatically provision a dedicated managed virtual network specifically for your Fabric workspace.
Dataflow Gen2: Secure Data Transformations
Private Link enables the secure use of Dataflow Gen2 for data retrieval, transformation, and publishing. When your data sources are protected behind a firewall, the VNet data gateway provides a crucial solution. This gateway seamlessly injects a gateway (compute) node into your existing virtual network, offering a managed gateway experience. Through the VNet gateway, you can establish connections to a Lakehouse or Warehouse in a Private-Link-enabled tenant or access other data sources within your network.
Pipelines, ML Models, and More: Comprehensive Private Link Coverage
You can confidently use Pipelines, ML Models, Experiments, and AI skills within Fabric while maintaining a secure private-link environment. Fabric’s private link functionality allows you to create and operationalize data pipelines, including activities like Notebook and Dataflow activities.
Power BI: Understanding the Trade-offs
It’s important to understand that certain Power BI features will be unavailable when Fabric’s Private Link is enabled:
Other Fabric Items and Microsoft Purview Information Protection
Geetha S