Share via

Azure Synapse Link Roles

Manuel Alejandro Estrada Doñes 20 Reputation points
2025-03-10T18:50:37.9866667+00:00

Hi Team

I have a Synapse Link With F&O now we are transitioning to Production, but all the UAT process has been made with SysAdmin permissions on the Power Platform Environment, I tried to find documentation about the roles but can't find anything, could you please let me know where i can find this documentation the idea is set some role different to Sys Admin in th environment but that this role can add tables in case is need it.

Regards.

Azure Synapse Analytics
Azure Synapse Analytics
An Azure analytics service that brings together data integration, enterprise data warehousing, and big data analytics. Previously known as Azure SQL Data Warehouse.
5,233 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Ganesh Gurram 4,965 Reputation points Microsoft External Staff
    2025-03-11T05:44:51.4066667+00:00

    Hi @Manuel Alejandro Estrada Doñes

    To manage Azure Synapse Link for Dynamics 365 Finance and Operations (F&O) without granting full System Administrator (SysAdmin) permissions, you can assign specific roles that provide the necessary access to add tables while maintaining security. Here's how you can achieve this:

    To add tables in Azure Synapse Link for Dataverse, users need specific permissions in both the Power Platform environment and the Dynamics 365 F&O environment:

    Environment Maker Role - This role allows users to create resources within an environment, including connections and gateways, which are essential for configuring Azure Synapse Link.

    Data Management Permissions - Users should have permissions to access the Data Management workspace to manage data entities and tables.

    System Administration Permissions - Limited permissions to access system administration settings may be necessary, especially for enabling features like change tracking on tables.

    For tables to be available for selection in Azure Synapse Link, change tracking must be enabled:

    Verify Change Tracking - Ensure that change tracking is enabled for the tables you intend to sync. This can be done in the Dynamics 365 F&O environment under System Administration > Setup > System parameters > Database.

    SQL Row Version Change Tracking - Starting from Dynamics 365 F&O version 10.0.39, the SQL row version change tracking configuration is enabled by default. However, it's advisable to verify this setting. If needed, re-enable it by navigating to System Administration > Setup > License configuration, unchecking and then rechecking the 'Sql row version change tracking' option, and saving the changes.

    Instead of granting SysAdmin permissions, consider assigning the following roles:

    Create a custom security role that includes the necessary privileges to manage data entities and enable change tracking. Assign this role to users responsible for configuring Azure Synapse Link.

    Assign the Environment Maker role to users in the Power Platform environment to allow them to set up and manage Azure Synapse Link configurations.

    For detailed guidance on setting up and managing Azure Synapse Link with Dynamics 365 F&O, refer to the following resources:

    By assigning these specific roles and ensuring necessary configurations, you can securely manage Azure Synapse Link for Dynamics 365 F&O without granting full SysAdmin permissions.

    Hope this helps. Do let us know if you have any further queries.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.