Edit

Workspaces - Set Network Communication Policy

Service:
Core
API Version:
v1

Sets the networking communication policy for the specified workspace.
This API uses the PUT method and overwrites all settings. If only a partial policy is provided in the request body, remaining settings are set to the default values. Always call the Get Network Communication Policy operation first and provide the full policy in the request body.

Note

If defaultAction is omitted from the request body, it defaults to Allow, which may unintentionally open inbound and outbound network access. Always explicitly specify defaultAction in every PUT request body.

Permissions

The caller must have admin workspace role.

Required Delegated Scopes

Workspace.ReadWrite.All

Microsoft Entra supported identities

This API supports the Microsoft identities listed in this section.

Identity Support
User Yes
Service principal and Managed identities Yes

Interface

PUT https://api.fabric.microsoft.com/v1/workspaces/{workspaceId}/networking/communicationPolicy

URI Parameters

Name In Required Type Description
workspaceId
 path True

string (uuid)

The workspace ID.

Request Header

Name Required Type Description
If-Match

string

An ETag value. The ETag must be specified in quotes. If provided, the call will succeed only if the resource's ETag matches the provided ETag.

Request Body

Name Type Description
inbound

InboundRules

The inbound network communications properties for a workspace.
outbound

OutboundRules

The outbound network communications properties for a workspace.

Responses

Name Type Description
200 OK

Request completed successfully.

Headers

ETag: string
429 Too Many Requests

ErrorResponse

The service rate limit was exceeded. The server returns a Retry-After header indicating, in seconds, how long the client must wait before sending additional requests.

Headers

Retry-After: integer
Other Status Codes

ErrorResponse

Common error codes:

  • UnknownError - An error occurred.

Examples

Set workspace networking communication policy example

Sample request

PUT https://api.fabric.microsoft.com/v1/workspaces/47482db6-4583-4672-86dd-999d0f8f4d7a/networking/communicationPolicy

{
  "inbound": {
    "publicAccessRules": {
      "defaultAction": "Allow"
    }
  },
  "outbound": {
    "publicAccessRules": {
      "defaultAction": "Deny"
    }
  }
}

Sample response

Status code:
200 
ETag: 0f8fad5b-d9cb-469f-a165-70867728950e

Definitions

Name Description
ErrorRelatedResource

The error related resource details object.
ErrorResponse

The error response.
ErrorResponseDetails

The error response details.
InboundRules

The policy for all inbound communications to a workspace.
NetworkAccessRule

The default policy for workspace access from public networks. If omitted from a PUT request body, this field defaults to Allow, which may unintentionally open network access. Always explicitly specify this field in every PUT request body.
NetworkRules

The policy defining access to/from a workspace to/from public networks.
OutboundRules

The policy for all outbound communications from a workspace.
WorkspaceNetworkingCommunicationPolicy

The networking communication policy for a workspace.

ErrorRelatedResource

Object

The error related resource details object.

Name Type Description
resourceId

string

The resource ID that's involved in the error.
resourceType

string

The type of the resource that's involved in the error.

ErrorResponse

Object

The error response.

Name Type Description
errorCode

string

A specific identifier that provides information about an error condition, allowing for standardized communication between our service and its users.
isRetriable

boolean

When true, the request can be retried. Use the Retry-After response header to determine the delay, if available.
message

string

A human readable representation of the error.
moreDetails

ErrorResponseDetails[]

List of additional error details.
relatedResource

ErrorRelatedResource

The error related resource details.
requestId

string (uuid)

ID of the request associated with the error.

ErrorResponseDetails

Object

The error response details.

Name Type Description
errorCode

string

A specific identifier that provides information about an error condition, allowing for standardized communication between our service and its users.
message

string

A human readable representation of the error.
relatedResource

ErrorRelatedResource

The error related resource details.

InboundRules

Object

The policy for all inbound communications to a workspace.

Name Type Description
publicAccessRules

NetworkRules

The policy for inbound communications to a workspace from public networks.

NetworkAccessRule

Enumeration

The default policy for workspace access from public networks. If omitted from a PUT request body, this field defaults to Allow, which may unintentionally open network access. Always explicitly specify this field in every PUT request body.

Value Description
Allow

Allow all connections.
Deny

Deny all connections.

NetworkRules

Object

The policy defining access to/from a workspace to/from public networks.

Name Type Description
defaultAction

NetworkAccessRule

The default policy for workspace access from public networks. If omitted from a PUT request body, this field defaults to Allow, which may unintentionally open network access. Always explicitly specify this field in every PUT request body.

OutboundRules

Object

The policy for all outbound communications from a workspace.

Name Type Description
publicAccessRules

NetworkRules

The policy for outbound communications to public networks from a workspace.

WorkspaceNetworkingCommunicationPolicy

Object

The networking communication policy for a workspace.

Name Type Description
inbound

InboundRules

The inbound network communications properties for a workspace.
outbound

OutboundRules

The outbound network communications properties for a workspace.