vnet1

dearandyxu · dearandyxu · commit da83d231b385 · 2022-09-28T15:21:35.000+08:00
diff --git a/articles/synapse-analytics/synapse-link/connect-synapse-link-sql-database-vnet.md b/articles/synapse-analytics/synapse-link/connect-synapse-link-sql-database-vnet.md
@@ -20,7 +20,7 @@ This article provides a guide on configuring Azure Synapse Link for Azure SQL Da
 
 ## Managed workspace Virtual Network without data exfiltration
 
-1. Create Synapse workspace with managed virtual network enabled. You will enable **managed virtual network** and select **No** to allow outbound traffic from the workspace to any target. You can learn more about managed virtual network from [this](../security/synapse-workspace-managed-vnet.md)
+1. Create Synapse workspace with managed virtual network enabled. You will enable **managed virtual network** and select **No** to allow outbound traffic from the workspace to any target. You can learn more about managed virtual network from [this](../security/synapse-workspace-managed-vnet.md).
 
    :::image type="content" source="../media/connect-synapse-link-sql-database/create-synapse-workspace-allow-outbound-traffic.png" alt-text="create synapse workspace allow outboundtraffic":::
 
@@ -30,17 +30,17 @@ This article provides a guide on configuring Azure Synapse Link for Azure SQL Da
 
 1. Launch Synapse Studio, navigate to **Manage**, click **Integration runtimes** and select **AutoResolvingIntegrationRuntime**. On the pop-up slide, you can click **Virtual network** tab, and enable **Interactive authoring**. 
 
-  :::image type="content" source="../media/connect-synapse-link-sql-database/enable-interactive-authoring" alt-text="enable interactive authoring":::
+  :::image type="content" source="../media/connect-synapse-link-sql-database/enable-interactive-authoring.png" alt-text="enable interactive authoring":::
 
 1. Now you can create a link connection from **Integrate** tab to replicate data from Azure SQL DB to Synapse SQL pool.
 
-  :::image type="content" source="../media/connect-synapse-link-sql-database/create-link" alt-text="create link":::
+  :::image type="content" source="../media/connect-synapse-link-sql-database/create-link.png" alt-text="create link":::
 
-  :::image type="content" source="../media/connect-synapse-link-sql-database/create-link-sqldb" alt-text="create link sqldb":::
+  :::image type="content" source="../media/connect-synapse-link-sql-database/create-link-sqldb.png" alt-text="create link sqldb":::
 
 1. Start your link connection
 
-  :::image type="content" source="../media/connect-synapse-link-sql-database/start-link" alt-text="start link":::
+  :::image type="content" source="../media/connect-synapse-link-sql-database/start-link.png" alt-text="start link":::
 
 
 ## Managed workspace Virtual Network with data exfiltration
@@ -55,35 +55,35 @@ This article provides a guide on configuring Azure Synapse Link for Azure SQL Da
 
 1. Launch Synapse Studio, navigate to **Manage**, click **Integration runtimes** and select **AutoResolvingIntegrationRuntime**. On the pop-up slide, you can click **Virtual network** tab, and enable **Interactive authoring**. 
 
-  :::image type="content" source="../media/connect-synapse-link-sql-database/enable-interactive-authoring" alt-text="enable interactive authoring":::
+  :::image type="content" source="../media/connect-synapse-link-sql-database/enable-interactive-authoring.png" alt-text="enable interactive authoring":::
 
 1. Create a linked service connecting to Azure SQL DB with managed private endpoint enabled.
 
    * Create a linked service connecting to Azure SQL DB.
    
-     :::image type="content" source="../media/connect-synapse-link-sql-database/new-sql-db-linked-service-pe" alt-text="new sql db linked service pe":::
+     :::image type="content" source="../media/connect-synapse-link-sql-database/new-sql-db-linked-service-pe.png" alt-text="new sql db linked service pe":::
 
    * Create a managed private endpoint in linked service for Azure SQL DB.
    
-     :::image type="content" source="../media/connect-synapse-link-sql-database/new-sql-db-linked-service-pe1" alt-text="new sql db linked service pe":::
+     :::image type="content" source="../media/connect-synapse-link-sql-database/new-sql-db-linked-service-pe1.png" alt-text="new sql db linked service pe1":::
 
    * Complete the managed private endpoint creation in the linked service for Azure SQL DB.
    
-     :::image type="content" source="../media/connect-synapse-link-sql-database/new-sql-db-linked-service-pe2" alt-text="new sql db linked service pe":::
+     :::image type="content" source="../media/connect-synapse-link-sql-database/new-sql-db-linked-service-pe2.png" alt-text="new sql db linked service pe2":::
 
    * Go to Azure portal of your SQL Server hosting Azure SQL DB as source store, approve the Private endpoint connections.
    
-     :::image type="content" source="../media/connect-synapse-link-sql-database/new-sql-db-linked-service-pe3" alt-text="new sql db linked service pe":::
+     :::image type="content" source="../media/connect-synapse-link-sql-database/new-sql-db-linked-service-pe3.png" alt-text="new sql db linked service pe3":::
 		 
 1. Now you can create a link connection from **Integrate** tab to replicate data from Azure SQL DB to Synapse SQL pool.
 
-  :::image type="content" source="../media/connect-synapse-link-sql-database/create-link" alt-text="create link":::
+  :::image type="content" source="../media/connect-synapse-link-sql-database/create-link.png" alt-text="create link":::
 
-  :::image type="content" source="../media/connect-synapse-link-sql-database/create-link-sqldb" alt-text="create link sqldb":::
+  :::image type="content" source="../media/connect-synapse-link-sql-database/create-link-sqldb.png" alt-text="create link sqldb":::
 
 1. Start your link connection
 
-  :::image type="content" source="../media/connect-synapse-link-sql-database/start-link" alt-text="start link":::
+  :::image type="content" source="../media/connect-synapse-link-sql-database/start-link.png" alt-text="start link":::
  
 
 
diff --git a/articles/synapse-analytics/synapse-link/connect-synapse-link-sql-database.md b/articles/synapse-analytics/synapse-link/connect-synapse-link-sql-database.md
@@ -21,7 +21,7 @@ This article provides a step-by-step guide for getting started with Azure Synaps
 
 ## Prerequisites
 
-* [Create a new Synapse workspace](https://portal.azure.com/#create/Microsoft.Synapse) to get Azure Synapse Link for SQL. The current tutorial is to create Synapse link for SQL in public network. The assumption is that you have checked "Disable Managed virtual network" and "Allow connections from all IP address" when creating Synapse workspace.
+* [Create a new Synapse workspace](https://portal.azure.com/#create/Microsoft.Synapse) to get Azure Synapse Link for SQL. The current tutorial is to create Synapse link for SQL in public network. The assumption is that you have checked "Disable Managed virtual network" and "Allow connections from all IP address" when creating Synapse workspace. If you want to configure Synapse link for Azure SQL Database with network security, please also refer to [this](connect-synapse-link-sql-database-vnet.md).
 
 * For DTU-based provisioning, make sure your Azure SQL Database service is at least Standard tier with a minimum of 100 DTUs. Free, Basic, or Standard tiers with fewer than 100 DTUs provisioned are not supported.
 
diff --git a/articles/synapse-analytics/synapse-link/connect-synapse-link-sql-server-2022-vnet.md b/articles/synapse-analytics/synapse-link/connect-synapse-link-sql-server-2022-vnet.md
@@ -0,0 +1,100 @@
+---
+title: Configure Synapse link for SQL Server 2022 with network security (Preview)
+description: Learn how to configure Synapse link for SQL Server 2022 with network security (Preview).
+author: yexu
+ms.service: synapse-analytics
+ms.topic: how-to
+ms.subservice: synapse-link
+ms.date: 09/28/2022
+ms.author: yexu
+ms.reviewer: sngun, wiassaf
+---
+
+# Configure Synapse link for Azure SQL Database with network security (Preview)
+
+This article provides a guide on configuring Azure Synapse Link for SQL Server 2022 with network security. Before reading this documentation, You should have known how to create and start Synapse link for SQL Server 2022 from [Get started with Azure Synapse Link for SQL Server 2022](connect-synapse-link-sql-server-2022.md). 
+
+> [!IMPORTANT]
+> Azure Synapse Link for SQL is currently in PREVIEW.
+> See the [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) for legal terms that apply to Azure features that are in beta, preview, or otherwise not yet released into general availability.
+
+## Managed workspace Virtual Network without data exfiltration
+
+1. Create Synapse workspace with managed virtual network enabled. You will enable **managed virtual network** and select **No** to allow outbound traffic from the workspace to any target. You can learn more about managed virtual network from [this](../security/synapse-workspace-managed-vnet.md).
+
+   :::image type="content" source="../media/connect-synapse-link-sql-database/create-synapse-workspace-allow-outbound-traffic.png" alt-text="create synapse workspace allow outboundtraffic":::
+
+1. Navigate to your Synapse workspace on Azure portal, go to **Networking** tab to enable **Allow Azure Synapse Link for Azure SQL Database to bypass firewall rules**.
+
+   :::image type="content" source="../media/connect-synapse-link-sql-database/enable-bypass-firewall-rules.png" alt-text="enable bypass firewall rules":::
+
+1. Launch Synapse Studio, navigate to **Manage**, click **Integration runtimes** and select **AutoResolvingIntegrationRuntime**. On the pop-up slide, you can click **Virtual network** tab, and enable **Interactive authoring**. 
+
+   :::image type="content" source="../media/connect-synapse-link-sql-database/enable-interactive-authoring.png" alt-text="enable interactive authoring":::
+
+1. Now you can create a link connection from **Integrate** tab to replicate data from SQL Server 2022 to Synapse SQL pool.
+
+   :::image type="content" source="../media/connect-synapse-link-sql-database/create-link.png" alt-text="create link":::
+
+   :::image type="content" source="../media/connect-synapse-link-sql-database/create-link-sqlserver.png" alt-text="create link sql server":::
+
+1. Start your link connection
+
+   :::image type="content" source="../media/connect-synapse-link-sql-database/start-link.png" alt-text="start link":::
+
+
+## Managed workspace Virtual Network with data exfiltration
+
+1. Create Synapse workspace with managed virtual network enabled. You will enable **managed virtual network** and select **Yes** to limit outbound traffic from the Managed workspace Virtual Network to targets through Managed private endpoints. You can learn more about managed virtual network from [this](../security/synapse-workspace-managed-vnet.md)
+
+   :::image type="content" source="../media/connect-synapse-link-sql-database/create-synapse-workspace-disallow-outbound-traffic.png" alt-text="create synapse workspace disallow outbound traffic":::
+
+1. Navigate to your Synapse workspace on Azure portal, go to **Networking** tab to enable **Allow Azure Synapse Link for Azure SQL Database to bypass firewall rules**.
+
+   :::image type="content" source="../media/connect-synapse-link-sql-database/enable-bypass-firewall-rules.png" alt-text="enable bypass firewall rules":::
+
+1. Launch Synapse Studio, navigate to **Manage**, click **Integration runtimes** and select **AutoResolvingIntegrationRuntime**. On the pop-up slide, you can click **Virtual network** tab, and enable **Interactive authoring**. 
+
+   :::image type="content" source="../media/connect-synapse-link-sql-database/enable-interactive-authoring.png" alt-text="enable interactive authoring":::
+
+1. Create a linked service connecting to SQL Server 2022. You can get more details from [this](connect-synapse-link-sql-server-2022.md#create-linked-service-for-your-source-sql-server-2022).
+
+1. Add role assignment to make sure that you have granted your Synapse workspace managed identity permissions to ADLS Gen2 storage account used as the landing zone. You can get more details from [this](connect-synapse-link-sql-server-2022.md#create-linked-service-to-connect-to-your-landing-zone-on-azure-data-lake-storage-gen2).
+
+1. Create a linked service connecting to ADLS Gen2 storage(landing zone) with managed private endpoint enabled.
+
+   * Create a managed private endpoint in linked service for ADLS Gen2 storage.
+   
+     :::image type="content" source="../media/connect-synapse-link-sql-database/new-sql-server-linked-service-pe1.png" alt-text="new sql db linked service pe1":::
+
+   * Complete the managed private endpoint creation in the linked service for ADLS Gen2 storage.
+   
+     :::image type="content" source="../media/connect-synapse-link-sql-database/new-sql-server-linked-service-pe2.png" alt-text="new sql db linked service pe2":::
+
+   * Go to Azure portal of your ADLS Gen2 storage as landing zone, approve the Private endpoint connections.
+   
+     :::image type="content" source="../media/connect-synapse-link-sql-database/new-sql-server-linked-service-pe3.png" alt-text="new sql db linked service pe3":::
+
+   * Complete the creation of linked service for ADLS Gen2 storage.
+   
+     :::image type="content" source="../media/connect-synapse-link-sql-database/new-sql-server-linked-service-pe4.png" alt-text="new sql db linked service pe4":::
+		 
+1. Now you can create a link connection from **Integrate** tab to replicate data from SQL Server 2022 to Synapse SQL pool.
+
+   :::image type="content" source="../media/connect-synapse-link-sql-database/create-link.png" alt-text="create link":::
+
+   :::image type="content" source="../media/connect-synapse-link-sql-database/create-link-sqlserver.png" alt-text="create link sqldb":::
+
+1. Start your link connection
+
+   :::image type="content" source="../media/connect-synapse-link-sql-database/start-link.png" alt-text="start link":::
+ 
+
+
+## Next steps
+
+If you are using a different type of database, see how to:
+
+* [Configure Azure Synapse Link for Azure Cosmos DB](../../cosmos-db/configure-synapse-link.md?context=/azure/synapse-analytics/context/context)
+* [Configure Azure Synapse Link for Dataverse](/powerapps/maker/data-platform/azure-synapse-link-synapse?context=/azure/synapse-analytics/context/context)
+* [Get started with Azure Synapse Link for SQL Server 2022](connect-synapse-link-sql-server-2022.md)
diff --git a/articles/synapse-analytics/synapse-link/connect-synapse-link-sql-server-2022.md b/articles/synapse-analytics/synapse-link/connect-synapse-link-sql-server-2022.md
@@ -13,15 +13,16 @@ ms.reviewer: sngun, wiassaf
 
 # Get started with Azure Synapse Link for SQL Server 2022 (Preview)
 
-This article provides a step-by-step guide for getting started with Azure Synapse Link for SQL Server 2022. For more information, see [Get started with Azure Synapse Link for SQL Server 2022 (Preview)](sql-server-2022-synapse-link.md). 
+This article provides a step-by-step guide for getting started with Azure Synapse Link for SQL Server 2022. For more information, see [Azure Synapse Link for SQL Server 2022](sql-server-2022-synapse-link.md). 
 
 > [!IMPORTANT]
 > Azure Synapse Link for SQL is currently in PREVIEW.
 > See the [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) for legal terms that apply to Azure features that are in beta, preview, or otherwise not yet released into general availability.
 
 ## Prerequisites
 
-* [Create a new Synapse workspace](https://portal.azure.com/#create/Microsoft.Synapse) to get Azure Synapse Link for SQL. The current tutorial is to create Synapse link for SQL in public network. The assumption is that you have checked "Disable Managed virtual network" and "Allow connections from all IP address" when creating Synapse workspace. If you have a workspace created after May 24, 2022, you do not need to create a new workspace.
+* [Create a new Synapse workspace](https://portal.azure.com/#create/Microsoft.Synapse) to get Azure Synapse Link for SQL. The current tutorial is to create Synapse link for SQL in public network. The assumption is that you have checked "Disable Managed virtual network" and "Allow connections from all IP address" when creating Synapse workspace. If you want to configure Synapse link for SQL Server 2022 with network security, please also refer to [this](connect-synapse-link-sql-server-2022-vnet.md).
+
 
 * Create an Azure Data Lake Storage Gen2 account (different from the account created with the Azure Synapse Analytics workspace) used as the landing zone to stage the data submitted by SQL Server 2022. See [how to create a Azure Data Lake Storage Gen2 account](../../storage/blobs/create-data-lake-storage-account.md) article for more details.
 
