Microsoft Fabric Blog announces the general availability of Outbound Access Protection (OAP) for Spark workloads, providing workspace-level controls to restrict outbound connectivity and strengthen security.

Outbound Access Protection for Spark Now Generally Available in Microsoft Fabric

Author: Microsoft Fabric Blog

Outbound Access Protection (OAP) for Spark is now generally available in Microsoft Fabric workspaces. This new security feature is designed to restrict outbound connectivity, helping organizations prevent data exfiltration from their Spark workloads.

Key Features

Restricts Outbound Connectivity: Control outbound connections from Spark workloads within Fabric workspaces, limiting exposure to external destinations and other Fabric workspaces in the same tenant.
Granular Workspace Controls: Organizations gain fine-grained governance over where data can be sent, adding a new layer of security for sensitive workloads and compliance requirements.
Centralized Management: OAP functionality can be managed at the workspace level, integrating with existing Fabric security and governance features.
Expansion Plans: Microsoft is actively working to expand OAP coverage to include Data Factory artifacts and additional experiences, further strengthening Fabric’s overall security posture.

How It Works

When enabled, OAP restricts Spark jobs from making outbound connections that haven’t been approved by workspace administrators.
Administrators can specify permitted external endpoints and regulate peer-to-peer connectivity within a tenant.
OAP helps prevent unintentional data leakage and supports regulatory compliance strategies.

Resources and Further Reading

What’s Next?

Microsoft plans to expand OAP support to Data Factory artifacts and encourages user feedback through the Fabric Community.

For feedback, visit the Fabric Ideas portal to share your suggestions on securing and extending Fabric workspace controls.

This post appeared first on “Microsoft Fabric Blog”. Read the entire article here