File: articles/synapse-analytics/security/synapse-workspace-ip-firewall.md
Lines changed: 4 additions & 4 deletions
@@ -5,7 +5,7 @@ author: ashinMSFT
5
5
ms.service: azure-synapse-analytics
6
6
ms.topic: overview
7
7
ms.subservice: security
8
-
ms.date: 09/16/2022
8
+
ms.date: 01/22/2025
9
9
ms.author: danzhang
10
10
ms.reviewer: wiassaf
11
11
---
@@ -23,14 +23,14 @@ IP firewall rules grant or deny access to your Azure Synapse workspace based on
23
23
There are two ways IP firewall rules are added to an Azure Synapse workspace. To add an IP firewall to your workspace, select **Networking** and check **Allow connections from all IP addresses** during workspace creation.
24
24
25
25
> [!Important]
26
-
> This feature is only available to Azure Synapse workspaces not associated with a Managed VNet.
26
+
> This feature is only available to Azure Synapse workspaces not associated with a Managed Virtual Network.
27
27
28
28
:::image type="content" source="./media/synpase-workspace-ip-firewall/azure-synapse-workspace-networking-connections-all-ip-addresses.png" lightbox="./media/synpase-workspace-ip-firewall/azure-synapse-workspace-networking-connections-all-ip-addresses.png" alt-text="Screenshot that highlights the Security tab, and the 'Allow connections from all IP addresses' checkbox.":::
29
29
30
30
You can also add IP firewall rules to a Synapse workspace after the workspace is created. Select **Firewalls** under **Security** from Azure portal. To add a new IP firewall rule, give it a name, Start IP, and End IP. Select **Save** when done.
31
31
32
32
> [!NOTE]
33
-
> The Public network access feature is only available to Azure Synapse workspaces associated with Azure Synapse Analytics Managed Virtual Network. However, you can still open your Azure Synapse workspaces to the public network regardless of its association with managed VNet. For more information, see [Public network access](connectivity-settings.md#public-network-access).
33
+
> The Public network access feature is only available to Azure Synapse workspaces associated with Azure Synapse Analytics Managed Virtual Network. However, you can still open your Azure Synapse workspaces to the public network regardless of its association with managed virtual network. For more information, see [Public network access](connectivity-settings.md#public-network-access).
34
34
35
35
:::image type="content" source="./media/synpase-workspace-ip-firewall/azure-synapse-workspace-networking-firewalls-add-client-ip.png" lightbox="./media/synpase-workspace-ip-firewall/azure-synapse-workspace-networking-firewalls-add-client-ip.png" alt-text="Screenshot of the Networking page of a Synapse Workspace, highlighting the Add client IP button and rules fields.":::
36
36
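Review bot: In the added NOTE line, "regardless of its association with managed virtual network" uses lowercase "managed virtual network" with no article, while the same sentence and the Important note above write "Managed Virtual Network"; pick one casing and change "its" to "their" to agree with "workspaces". The Important note also still opens with "This feature" without naming it, and it sits next to a NOTE that states the opposite condition (associated versus not associated with a Managed Virtual Network) for Public network access, so naming the feature there would keep readers from misreading which network control applies to their workspace.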
@@ -55,7 +55,7 @@ For more information on the methods to manage the firewall programmatically, see
File: articles/synapse-analytics/security/synapse-workspace-managed-vnet.md
Lines changed: 13 additions & 17 deletions
@@ -5,7 +5,7 @@ author: ashinMSFT
5
5
ms.service: azure-synapse-analytics
6
6
ms.topic: overview
7
7
ms.subservice: security
8
-
ms.date: 08/16/2021
8
+
ms.date: 01/22/2025
9
9
ms.author: seshin
10
10
ms.reviewer: wiassaf
11
11
---
@@ -18,25 +18,25 @@ This article will explain Managed Virtual Network in Azure Synapse Analytics.
18
18
19
19
When you create your Azure Synapse workspace, you can choose to associate it to a Microsoft Azure Virtual Network. The Virtual Network associated with your workspace is managed by Azure Synapse. This Virtual Network is called a *Managed workspace Virtual Network*.
20
20
21
-
Managed workspace Virtual Network provides you value in four ways:
21
+
Managed workspace Virtual Network provides you with value in four ways:
22
22
23
23
- With a Managed workspace Virtual Network you can offload the burden of managing the Virtual Network to Azure Synapse.
24
24
- You don't have to configure inbound NSG rules on your own Virtual Networks to allow Azure Synapse management traffic to enter your Virtual Network. Misconfiguration of these NSG rules causes service disruption for customers.
25
25
- You don't need to create a subnet for your Spark clusters based on peak load.
26
26
- Managed workspace Virtual Network along with Managed private endpoints protects against data exfiltration. You can only create Managed private endpoints in a workspace that has a Managed workspace Virtual Network associated with it.
27
27
28
-
Creating a workspace with a Managed workspace Virtual Network associated with it ensures that your workspace is network isolated from other workspaces. Azure Synapse provides various analytic capabilities in a workspace: Data integration,serverless Apache Spark pool, dedicated SQL pool, and serverless SQL pool.
28
+
Creating a workspace with a Managed workspace Virtual Network associated with it ensures that your workspace is network isolated from other workspaces. Azure Synapse provides various analytic capabilities in a workspace: Data integration,serverless Apache Spark pool, dedicated SQL pool, and serverless SQL pool.
29
29
30
30
If your workspace has a Managed workspace Virtual Network, Data integration and Spark resources are deployed in it. A Managed workspace Virtual Network also provides user-level isolation for Spark activities because each Spark cluster is in its own subnet.
31
31
32
-
Dedicated SQL pool and serverless SQL pool are multi-tenant capabilities and therefore reside outside of the Managed workspace Virtual Network. Intra-workspace communication to dedicated SQL pool and serverless SQL pool use Azure private links. These private links are automatically created for you when you create a workspace with a Managed workspace Virtual Network associated to it.
32
+
Dedicated SQL pool and serverless SQL pool are multitenant capabilities and therefore reside outside of the Managed workspace Virtual Network. Intra-workspace communication to dedicated SQL pool and serverless SQL pool use Azure private links. These private links are automatically created for you when you create a workspace with a Managed workspace Virtual Network associated to it.
33
33
34
34
>[!IMPORTANT]
35
-
>You cannot change this workspace configuration after the workspace is created. For example, you cannot reconfigure a workspace that does not have a Managed workspace Virtual Network associated with it and associate a Virtual Network to it. Similarly, you cannot reconfigure a workspace with a Managed workspace Virtual Network associated to it and disassociate the Virtual Network from it.
35
+
>You can't change this workspace configuration after the workspace is created. For example, you can't reconfigure a workspace that doesn't have a Managed workspace Virtual Network associated with it and associate a Virtual Network to it. Similarly, you can't reconfigure a workspace with a Managed workspace Virtual Network associated to it and disassociate the Virtual Network from it.
36
36
37
37
## Create an Azure Synapse workspace with a Managed workspace Virtual Network
38
38
39
-
If you have not already done so, register the Network resource provider. Registering a resource provider configures your subscription to work with the resource provider. Choose *Microsoft.Network* from the list of resource providers when you [register](../../azure-resource-manager/management/resource-providers-and-types.md).
39
+
If you haven't already done so, register the Network resource provider. Registering a resource provider configures your subscription to work with the resource provider. Choose *Microsoft.Network* from the list of resource providers when you [register](../../azure-resource-manager/management/resource-providers-and-types.md#azure-portal).
40
40
41
41
To create an Azure Synapse workspace that has a Managed workspace Virtual Network associated with it, select the **Networking** tab in Azure portal and check the **Enable managed virtual network** checkbox.
42
42
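Review bot: The re-added line at new line 28 still reads "Data integration,serverless Apache Spark pool" with no space after the comma; the removed and added versions look identical here, so the visible typo was not addressed. In the same hunk, "associated to it" on new lines 32 and 35 is inconsistent with "associated with it" used in the surrounding text, and "Intra-workspace communication ... use Azure private links" should read "uses".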
@@ -47,26 +47,22 @@ If you leave the checkbox unchecked, then your workspace won't have a Virtual Ne
47
47
48
48
:::image type="content" source="./media/synpase-workspace-ip-firewall/azure-synapse-analytics-networking-managed-virtual-network-outbound-traffic.png" lightbox="./media/synpase-workspace-ip-firewall/azure-synapse-analytics-networking-managed-virtual-network-outbound-traffic.png" alt-text="Screenshot of the Create Synapse workspace networking page, with the Managed virtual network option Enabled and the Allow outbound data traffic only to approved targets option to Yes.":::
49
49
50
-
After you choose to associate a Managed workspace Virtual Network with your workspace, you can protect against data exfiltration by allowing outbound connectivity from the Managed workspace Virtual Network only to approved targets using [Managed private endpoints](./synapse-workspace-managed-private-endpoints.md). Select **Yes** to limit outbound traffic from the Managed workspace Virtual Network to targets through Managed private endpoints.
51
-
52
-
50
+
After you choose to associate a Managed workspace Virtual Network with your workspace, you can protect against data exfiltration by allowing outbound connectivity from the Managed workspace Virtual Network only to approved targets using [Managed private endpoints](./synapse-workspace-managed-private-endpoints.md). Select **Yes** to limit outbound traffic from the Managed workspace Virtual Network to targets through Managed private endpoints.
53
51
54
52
:::image type="content" source="./media/synpase-workspace-ip-firewall/azure-synapse-workspace-managed-virtual-network-allow-outbound-traffic.png" lightbox="./media/synpase-workspace-ip-firewall/azure-synapse-workspace-managed-virtual-network-allow-outbound-traffic.png" alt-text="Screenshot of the Managed virtual network page, with the Allow outbound data traffic only to approved targets option to Yes.":::
55
53
56
54
Select **No** to allow outbound traffic from the workspace to any target.
57
55
58
-
You can also control the targets to which Managed private endpoints are created from your Azure Synapse workspace. By default, Managed private endpoints to resources in the same AAD tenant that your subscription belongs to are allowed. If you want to create a Managed private endpoint to a resource in an AAD tenant that is different from the one that your subscription belongs to, then you can add that AAD tenant by selecting **+ Add**. You can either select the AAD tenant from the dropdown or manually enter the AAD tenant ID.
56
+
You can also control the targets to which Managed private endpoints are created from your Azure Synapse workspace. By default, Managed private endpoints to resources in the same Microsoft Entra ID tenant that your subscription belongs to are allowed. If you want to create a Managed private endpoint to a resource in a Microsoft Entra ID tenant that is different from the one that your subscription belongs to, then you can add that Microsoft Entra ID tenant by selecting **+ Add**. You can either select the Microsoft Entra ID tenant from the dropdown or manually enter the Microsoft Entra ID tenant ID.
59
57
60
-
:::image type="content" source="./media/synpase-workspace-ip-firewall/azure-synapse-workspace-managed-virtual-network-private-endpoints-azure-ad.png" lightbox="./media/synpase-workspace-ip-firewall/azure-synapse-workspace-managed-virtual-network-private-endpoints-azure-ad.png" alt-text="Screenshot of the Managed virtual network page, with the Add button for Azure Tenant Tenants highlighted.":::
58
+
:::image type="content" source="./media/synpase-workspace-ip-firewall/azure-synapse-workspace-managed-virtual-network-private-endpoints-azure-ad.png" lightbox="./media/synpase-workspace-ip-firewall/azure-synapse-workspace-managed-virtual-network-private-endpoints-azure-ad.png" alt-text="Screenshot of the Managed virtual network page, with the Add button for Azure Tenants highlighted.":::
61
59
62
60
After the workspace is created, you can check whether your Azure Synapse workspace is associated to a Managed workspace Virtual Network by selecting **Overview** from Azure portal.
63
61
64
62
:::image type="content" source="./media/synpase-workspace-ip-firewall/azure-synapse-analytics-overview-managed-virtual-network-enabled.png" lightbox="./media/synpase-workspace-ip-firewall/azure-synapse-analytics-overview-managed-virtual-network-enabled.png" alt-text="Screenshot of the Azure Synapse workspace overview page indicating that a managed virtual network is enabled.":::
65
63
66
-
## Next steps
67
-
68
-
Create an [Azure Synapse Workspace](../quickstart-create-workspace.md)
69
-
70
-
Learn more about [Managed private endpoints](./synapse-workspace-managed-private-endpoints.md)
64
+
## Related content
71
65
72
-
[Create Managed private endpoints to your data sources](./how-to-create-managed-private-endpoints.md)
66
+
- Create an [Azure Synapse Workspace](../quickstart-create-workspace.md)
67
+
- Learn more about [Managed private endpoints](./synapse-workspace-managed-private-endpoints.md)
68
+
-[Create Managed private endpoints to your data sources](./how-to-create-managed-private-endpoints.md)
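Review bot: The last item of the new Related content list is written `-[Create Managed private endpoints to your data sources](...)` with no space after the hyphen, so Markdown will not render it as a list item; add the space to match the two items above it. In the tenant paragraph, "Microsoft Entra ID tenant ID" is awkward after the find-and-replace from AAD, and the alt text on the following image now says "Azure Tenants" while the paragraph says Microsoft Entra ID tenant; align the two terms.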
File: articles/synapse-analytics/spark/synapse-spark-sql-pool-import-export.md
Lines changed: 7 additions & 19 deletions
@@ -5,7 +5,7 @@ author: kalyankadiyala-Microsoft
5
5
ms.service: azure-synapse-analytics
6
6
ms.topic: overview
7
7
ms.subservice: spark
8
-
ms.date: 05/10/2022
8
+
ms.date: 01/22/2025
9
9
ms.author: kakadiya
10
10
ms.reviewer: ktuckerdavis, aniket.adnaik
11
11
---
@@ -46,9 +46,9 @@ At a high-level, the connector provides the following capabilities:
46
46
47
47

48
48
49
-
## Pre-requisites
49
+
## Prerequisites
50
50
51
-
Pre-requisites such as setting up required Azure resources and steps to configure them are discussed in this section.
51
+
Prerequisites such as setting up required Azure resources and steps to configure them are discussed in this section.
52
52
53
53
### Azure resources
54
54
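Review bot: Renaming the heading from "Pre-requisites" to "Prerequisites" changes the anchor generated for this section, so any link that targets the old heading anchor, in this article or in others, needs to be updated in the same change. Nothing in the visible hunks does that.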
@@ -94,7 +94,7 @@ A basic authentication approach requires user to configure `username` and `passw
94
94
There are two ways to grant access permissions to Azure Data Lake Storage Gen2 - Storage Account:
95
95
96
96
* Role based Access Control role - [Storage Blob Data Contributor role](../../role-based-access-control/built-in-roles.md#storage-blob-data-contributor)
97
-
* Assigning the `Storage Blob Data Contributor Role` grants the User permissions to read, write and delete from the Azure Storage Blob Containers.
97
+
* Assigning the `Storage Blob Data Contributor Role` grants the User permissions to read, write, and delete from the Azure Storage Blob Containers.
98
98
* RBAC offers a coarse control approach at the container level.
99
99
* [Access Control Lists (ACL)](../../storage/blobs/data-lake-storage-access-control.md)
100
100
* ACL approach allows for fine-grained controls over specific paths and/or files under a given folder.
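Review bot: The changed bullet keeps `Storage Blob Data Contributor Role` in code formatting with "Role" inside the literal, while the link text on the line above names it "Storage Blob Data Contributor role"; move "role" outside the backticks so the literal matches the name a reader would search for or assign. Because the same bullet says the role grants read, write, and delete on the containers, it is worth stating on this line whether the connector needs all three or whether a narrower grant through the ACL option below is enough.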
@@ -152,7 +152,7 @@ To successfully bootstrap and orchestrate the read or write operation, the Conne
152
152
Following is the list of configuration options based on usage scenario:
153
153
154
154
* **Read using Microsoft Entra ID based authentication**
155
-
* Credentials are auto-mapped, and user isn't required to provide specific configuration options.
155
+
* Credentials are automapped, and user isn't required to provide specific configuration options.
156
156
* Three-part table name argument on `synapsesql` method is required to read from respective table in Azure Synapse Dedicated SQL Pool.
157
157
* **Read using basic authentication**
158
158
* Azure Synapse Dedicated SQL End Point
@@ -281,7 +281,7 @@ dfToReadFromTable.show()
281
281
> * Table name and query cannot be specified at the same time.
282
282
> * Only select queries are allowed. DDL and DML SQLs are not allowed.
283
283
> * The select and filter options on dataframe are not pushed down to the SQL dedicated pool when a query is specified.
284
-
> * Read from a query is only available in Spark 3.1 and 3.2.
284
+
> * Read from a query is only available in Spark 3.
The method signature for the Connector version built for [Spark 2.4.8](./apache-spark-24-runtime.md) has one less argument, than that applied to the Spark 3.1.2 version. Following are the two method signatures:
573
-
574
-
* Spark Pool Version 2.4.8
575
-
576
-
```Scala
577
-
synapsesql(tableName:String,
578
-
tableType:String=Constants.INTERNAL,
579
-
location:Option[String] =None):Unit
580
-
```
581
-
582
-
* Spark Pool Version 3.1.2
583
-
584
572
##### [Scala](#tab/scala3)
585
573
586
574
```Scala
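Review bot: The new text "Read from a query is only available in Spark 3." widens the earlier statement from Spark 3.1 and 3.2 to every Spark 3 runtime and reads like a truncated version number; list the supported runtime versions explicitly, or write "Spark 3.x" if that is what is meant. The lines after it drop the Spark 2.4.8 signature and the "Spark Pool Version 3.1.2" bullet, so confirm that the remaining `##### [Scala](#tab/scala3)` tab still has a sentence introducing the method signature.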
@@ -974,7 +962,7 @@ By default, a write response is printed to the cell output. On failure, the curr
974
962
* When writing large data sets, it's important to factor in the impact of [DWU Performance Level](../../synapse-analytics/sql-data-warehouse/quickstart-scale-compute-portal.md) setting that limits [transaction size](../../synapse-analytics/sql-data-warehouse/sql-data-warehouse-develop-transactions.md#transaction-size).
975
963
* Monitor [Azure Data Lake Storage Gen2](../../storage/blobs/data-lake-storage-best-practices.md) utilization trends to spot throttling behaviors that can [impact](../../storage/common/scalability-targets-standard-account.md) read and write performance.