Property
Language: terraform
Severity: medium
Service: synapse
Provider: Azure
Vulnerability Type: omission

Description

The Synapse Workspace is configured without managed virtual network enabled, which means it does not use an isolated network environment for secure communications with other Azure resources. This leaves the workspace exposed to public endpoints instead of using private links.

Impact

Without a managed virtual network and private endpoints, sensitive data in the Synapse Workspace could be accessed over the public internet, increasing the risk of unauthorized access, data leakage, and exposure to network-based attacks.

Resolution

Enable the managed virtual network on the Synapse Workspace.
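
The resolution in Terraform, as an added example that is not part of the original page: the first workspace omits the setting and is flagged, the second sets the azurerm provider's `managed_virtual_network_enabled` argument. Resource names, variables and the admin login are placeholders chosen for illustration.

```hcl
# Constructed example: all names, variables and values are placeholders.
provider "azurerm" {
  features {}
}

variable "resource_group_name" { type = string }
variable "location" { type = string }
variable "filesystem_id" { type = string } # ID of an existing Data Lake Gen2 filesystem
variable "sql_admin_password" {
  type      = string
  sensitive = true
}

# Flagged: managed_virtual_network_enabled is omitted, so it defaults to false.
resource "azurerm_synapse_workspace" "flagged" {
  name                                 = "example-synapse-flagged"
  resource_group_name                  = var.resource_group_name
  location                             = var.location
  storage_data_lake_gen2_filesystem_id = var.filesystem_id
  sql_administrator_login              = "sqladminuser"
  sql_administrator_login_password     = var.sql_admin_password

  identity {
    type = "SystemAssigned"
  }
}

# Passes: the workspace is created inside a managed virtual network.
resource "azurerm_synapse_workspace" "hardened" {
  name                                 = "example-synapse-hardened"
  resource_group_name                  = var.resource_group_name
  location                             = var.location
  storage_data_lake_gen2_filesystem_id = var.filesystem_id
  sql_administrator_login              = "sqladminuser"
  sql_administrator_login_password     = var.sql_admin_password
  managed_virtual_network_enabled      = true

  identity {
    type = "SystemAssigned"
  }
}
```

Changing `managed_virtual_network_enabled` on an existing workspace forces Terraform to destroy and recreate it, so review the plan output before applying the fix to a workspace that already holds data.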