Workspaces - Set Inbound Azure Resource Rules

Service:: Core

API Version:: v1

Sets the inbound Azure resource instance rules for a workspace. This API enables workspace administrators to set inbound Azure resource instance rules that control which Azure resource instances are in the allowed list for a workspace. This feature is currently in preview.

Note

This API is part of a Preview release and is provided for evaluation and development purposes only. It may change based on feedback and is not recommended for production use.

Permissions

The caller must have admin workspace role.

Required Delegated Scopes

Workspace.ReadWrite.All

Microsoft Entra supported identities

This API supports the Microsoft identities listed in this section.

Identity	Support
User	Yes
Service principal and Managed identities	Yes

Interface

PUT https://api.fabric.microsoft.com/v1/workspaces/{workspaceId}/networking/communicationPolicy/inbound/azureResources

URI Parameters

Name	In	Required	Type	Description
workspaceId	path	True	string (uuid)	The workspace ID.

Request Body

Name	Type	Description
rules	WorkspaceInboundAzureResourceRule[]	An array of inbound Azure resource instance rules associated with the workspace.

Responses

Name Type Description

200 OK

Name	Type	Description
200 OK		Request completed successfully.
429 Too Many Requests	ErrorResponse	The service rate limit was exceeded. The server returns a `Retry-After` header indicating, in seconds, how long the client must wait before sending additional requests. Headers Retry-After: integer
Other Status Codes	ErrorResponse	Common error codes: UnknownError - An error occurred.

Request completed successfully.

429 Too Many Requests

ErrorResponse

The service rate limit was exceeded. The server returns a Retry-After header indicating, in seconds, how long the client must wait before sending additional requests.

Headers

Retry-After: integer

Other Status Codes

ErrorResponse

Common error codes:

UnknownError - An error occurred.

Examples

Set workspace resource instance example

Sample request

HTTP

PUT https://api.fabric.microsoft.com/v1/workspaces/47482db6-4583-4672-86dd-999d0f8f4d7a/networking/communicationPolicy/inbound/azureResources

{
  "rules": [
    {
      "displayName": "SQL Server - testsql1",
      "resourceId": "/subscriptions/2374e516-d28b-4898-a39c-6070e078ae31/resourceGroups/testrg/providers/Microsoft.Sql/servers/testsql1"
    },
    {
      "displayName": "Storage Account - teststorageacct",
      "resourceId": "/subscriptions/2374e516-d28b-4898-a39c-6070e078ae31/resourceGroups/testrg/providers/Microsoft.Storage/storageAccounts/teststorageacct"
    }
  ]
}

Sample response

Status code:: 200

Definitions

Name	Description
ErrorRelatedResource	The error related resource details object.
ErrorResponse	The error response.
ErrorResponseDetails	The error response details.
WorkspaceInboundAzureResourceRule	Represents a single inbound Azure resource instance rule that specifies an allowed Azure resource instance for the workspace.
WorkspaceInboundAzureResourceRules	Represents a collection of inbound Azure resource instance rules configured for a workspace. These rules define which Azure resource instances are allowed to access the workspace.

ErrorRelatedResource

Object

The error related resource details object.

Name	Type	Description
resourceId	string	The resource ID that's involved in the error.
resourceType	string	The type of the resource that's involved in the error.

ErrorResponse

Object

The error response.

Name	Type	Description
errorCode	string	A specific identifier that provides information about an error condition, allowing for standardized communication between our service and its users.
message	string	A human readable representation of the error.
moreDetails	ErrorResponseDetails[]	List of additional error details.
relatedResource	ErrorRelatedResource	The error related resource details.
requestId	string (uuid)	ID of the request associated with the error.

ErrorResponseDetails

Object

The error response details.

Name	Type	Description
errorCode	string	A specific identifier that provides information about an error condition, allowing for standardized communication between our service and its users.
message	string	A human readable representation of the error.
relatedResource	ErrorRelatedResource	The error related resource details.

WorkspaceInboundAzureResourceRule

Object

Represents a single inbound Azure resource instance rule that specifies an allowed Azure resource instance for the workspace.

Name	Type	Description
displayName	string	A user-friendly display name for the rule. This name is used for display purposes only and does not affect the rule's functionality.
resourceId	string	The full Azure Resource Manager (ARM) resource ID of the resource within the rule. This is a unique identifier in the format: `/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}`. You can retrieve this from the Azure Portal (Resource properties), Azure CLI (az resource show), or ARM templates.

WorkspaceInboundAzureResourceRules

Object

Represents a collection of inbound Azure resource instance rules configured for a workspace. These rules define which Azure resource instances are allowed to access the workspace.

Name	Type	Description
rules	WorkspaceInboundAzureResourceRule[]	An array of inbound Azure resource instance rules associated with the workspace.