Hello Mondli Ndlela!
Thanks for posting your query on QnA! Let me try to help you with my observations here.
See, when a Synapse workspace is configured for private access, its internal services and components (like Spark pools and SQL serverless endpoint) communicate exclusively within your VNet via private endpoints. When you switch to public access and then back to private, this process can lead to a state where the Synapse control plane cannot correctly provision or manage its internal resources. This can cause a generic "Resource provisioning failed" error that indicates a problem with the service's ability to communicate with its dependencies over the network.
Suggested Actions to Resolve
Since this is a provisioning failure, direct troubleshooting of a running resource isn't possible. You can try the following steps to troubleshoot it better:
- Revert to Public Access (Temporarily): The fastest way to restore functionality and make the workspace accessible for management is to temporarily toggle the network access back to public. This often resolves the provisioning issue by allowing the internal services to bypass the private endpoint configuration and recover.
- Delete and Recreate Private Endpoints: Once the workspace is accessible again, delete the existing private endpoints and their corresponding DNS records. Then, recreate the private endpoints for your Synapse workspace. This ensures a clean, correct link between the workspace and your VNet. For detailed instructions, refer to the Azure Synapse Analytics Private Endpoints documentation and https://learn.microsoft.com/en-us/azure/synapse-analytics/security/connectivity-settings?tabs=workspace.
- Validate DNS Resolution: A common cause of issues with private endpoints is incorrect DNS resolution. The private DNS zone (e.g., `privatelink.sql.azuresynapse.net`) must be linked to your VNet and contain A records that point to the private IP addresses of your Synapse resources. You can refer to this similar issue as well for troubleshooting.
Also, to better understand your specific situation and provide more targeted advice, could you please answer the following:
- After changing the Synapse workspace's network access back to private, did you delete and recreate the private endpoints?
- Can you confirm that the private DNS zones for the Synapse workspace are properly configured and linked to the VNet? Specifically, check for the `privatelink.sql.azuresynapse.net` and `privatelink.dev.azuresynapse.net` zones and their A records.
- What specific actions were you performing when the provisioning failed? Were you trying to start a Spark pool, run a pipeline, or something else?
Please try to share a screenshot of the error or logs if possible so that I can guide you more accurately.
Thanks, and Happy to Help!
Pratyush
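
As a companion to the DNS validation step in the answer above, this added example (not part of the original answer and not Microsoft tooling) reports whether each workspace endpoint resolves to a private address from the machine it runs on. The endpoint host-name patterns, the workspace name `contoso-ws` and the sample addresses are assumptions constructed for illustration.

```python
import ipaddress
import socket

# Zones are the ones named in the answer; the host-name patterns are the
# usual Synapse endpoint names and are an assumption of this example.
ENDPOINTS = {
    "{ws}.sql.azuresynapse.net": "privatelink.sql.azuresynapse.net",
    "{ws}-ondemand.sql.azuresynapse.net": "privatelink.sql.azuresynapse.net",
    "{ws}.dev.azuresynapse.net": "privatelink.dev.azuresynapse.net",
}

def system_resolver(host):
    """Return the IPv4 addresses the local resolver gives for host."""
    try:
        infos = socket.getaddrinfo(host, 443, socket.AF_INET, socket.SOCK_STREAM)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})

def check_workspace(workspace, resolver=system_resolver):
    """Classify each endpoint: private, public, mixed or unresolved."""
    report = {}
    for pattern, zone in ENDPOINTS.items():
        host = pattern.format(ws=workspace)
        addrs = resolver(host)
        private = [ipaddress.ip_address(a).is_private for a in addrs]
        if not addrs:
            status = "unresolved"   # no record visible from this network
        elif all(private):
            status = "private"      # zone linked and A record present
        elif any(private):
            status = "mixed"        # stale or duplicate records
        else:
            status = "public"       # private zone not linked or A record missing
        report[host] = {"zone": zone, "addresses": addrs, "status": status}
    return report

# Constructed sample answers: a VNet where the dev zone is not linked.
SAMPLE_DNS = {
    "contoso-ws.sql.azuresynapse.net": ["10.1.0.5"],
    "contoso-ws-ondemand.sql.azuresynapse.net": ["10.1.0.6"],
    "contoso-ws.dev.azuresynapse.net": ["20.50.1.10"],
}

def demo():
    return check_workspace("contoso-ws", lambda h: SAMPLE_DNS.get(h, []))

if __name__ == "__main__":
    for host, r in demo().items():
        print(f"{r['status']:<11}{host} -> {r['addresses']} (zone {r['zone']})")
```

To test a real workspace, call `check_workspace("<your-workspace>")` from a VM inside the VNet so the default resolver sees the linked private DNS zones.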