I want to understand how Power BI service connect to Azure Synapse dedicated pool. Is that native connection or ODBC or OLDB. how can we trust the security of this connection especially in the direct query ? and
What is the best practice connecting power bi service to Azure dedicated pool of course in different VNET , but one Azure active directory using gateway or connect directly
Related
Recently, we deployed a dedicated SQL Pool to a Synapse Workspace in production. In development we can access both the serverless SQL pool and the dedicated SQL pool. However, in production we can access the serverless SQL pool, but we cannot reach the dedicated SQL pool (either in the portal where upon trying to view the database objects we get an AjaxError or when trying to connect via SSMS where we get a Named Pipes Error message):
Named Pipes Error message
Both the development and the production Synapse instance have private endpoints (in separate vnets and subnets). We access both using a VM that is associated to a virtual network that is peered with the network with the private endpoints of the Synapse instances.
Any ideas what could cause this behavior and how to fix it?
Thanks in advance!
Error
AJAX Error when selecting the database and running a statement against it in the Develop Widget 
Cause and Mitigation
Local network is restricting access to the SQL Logical Services on Port 443 and Port 1443.
Allow access to the services on the specified ports which would grant
access to the web endpoint of the database services.
Source: Synapse Workspace Pools and On Demand Inaccessible
Additional Useful link: https://learn.microsoft.com/en-us/azure/azure-sql/database/connect-query-portal
I have an Azure SQL Database as PaaS Solution. I have some network access rules in the Firewall of Azure SQL Database. I want to connect PowerBI to Azure SQL Database securely. I had checked the option of Allow access to Azure Services in Firewall. However, it also makes the database visible to any component deployed within Azure, such as a virtual machine.
Are there any methods to use Azure SQL Database(Paas) securely from PowerBI?
If you don't want to set Allow access to Azure Services in Azure SQL database firewall, you could add the current client IP address to the firewall.
It will only allow your current client/computer to access the Azure SQL.
Then you could access the Azure SQL database from PowerBI securely.
I'm trying to make a connection between on-premises server and azure server. I tried to ping the azure server IP from on-premises server but no connection was made (Note: I'm on a free-trial plan). I did some research and found out either VPN setup / ExpressRoute is required. My question is:
is it possible to make a connection in free-trial plan?
is there any way to make a hybrid connection without setting up VPN/ExpressRoute?
I believe it is, but it will cost you whatever the cheapest VPN costs (basic SKU).
Azure Service Bus Relay might be an option, depending on what you are after
Firstly, make sure you have set the Azure SQL database firewall settings, then the Azure SQL database will allow the connect from the On-premise SQL Server.
Azure SQL Server doesn't have the IP property, you must use the fully qualified name to connect to the SQL Azure server, format like:
[servername].database.windows.net
You can get this On portal:
Hope this helps.
I am trying to connect to Azure SQL database through on-premise SSMS and SSIS (its a requirement to push data on premise to Azure cloud). But my organization's firewall is blocking the connection to Azure database, although the Azure subscription is with same org. I tried pulling data with Azure Data Factory but it requires installation of Data Gateway and firewall is also blocking installation/registration of this gateway. Is there any alternate way to bypass this. Raising firewall exception for Data Gateway is not an option in this case. Thanks
Are sure your firewall blocks the installation of Data Management Gateway? I don't really know how a firewall achieves this. Maybe you meant Group Policy?
Using Data Management Gateway to move data to Azure SQL database is only requiring outgoing port 443, which is allowed by default in most firewalls.
If the Group Policy blocks installation of Data Management Gateway, you could try to upload data to a Azure Blob at first (also require outgoing port 443), and then using Data Factory to copy data from Azure Blob to Azure SQL database (gateway is not needed in that case).
Azure SQL works on Port 1433. You are unable to access Azure SQL probably because your organization's firewall is blocking this port. If you can get port 1433 enabled with your network admin then it should work.
What are the differences between Hybrid Connection and the On-Premises Data Gateway?
Initially my focus is on Azure App Services (Web Apps, Logic Apps, maybe API Apps) connecting to internal web services
I started checking out Hybrid Connections versus Service Bus Relay, but another member of the team mentioned the On-Premises Data Gateway which is coming from the Microsoft business application platform, so Power BI, Microsoft Flow and Power Apps
So I'm now confused over the direction ... is the Gateway replacing Hybrid and Relay?
I'm not totally sure about this but it seems that On-Premises Data Gateway is a connection between On-Premise and servers (IaaS) in Azure. Hybrid Connection is used to connect On-Premise to e.g. Web Apps (PaaS) in Azure.
So I would say that at least one difference is whether On-Premise is connected to IaaS or PaaS.
My answer above is based on information in following links:
https://learn.microsoft.com/en-us/azure/analysis-services/analysis-services-gateway
https://azure.microsoft.com/sv-se/resources/videos/josh-twist-introduces-hybrid-connections
From an integration perspective, let's say you want to read some data from on-premises SQL server as a step in a logic app.
If you have either a Site-to-Site VPN or ExpressRoute providing connectivity between your on-premises network and Azure VNET, create an Azure ISE (Integration Services Environment) deployed to an Azure VNET. You will then be able to connect directly to the SQL server from your Logic App (since it is resolvable / contactable via DNS). Ref:
https://learn.microsoft.com/en-us/azure/logic-apps/connect-virtual-network-vnet-isolated-environment-overview
If you do not have this connectivity in place, you can install a Data Gateway component on-premises to present configured internal data sources to Azure using a persistent outbound connection (like app proxy). Ref:
https://learn.microsoft.com/en-us/azure/logic-apps/logic-apps-gateway-connection
However, even if you do have network connectivity in place, in some scenarios (and from experiences) there may be a benefit in using the Data Gateway for it's caching capabilities (if applicable to the scenario). Ref:
https://learn.microsoft.com/en-us/power-bi/guidance/gateway-onprem-sizing