Data Access Control: Object Level Permissions for Security & Governance in Microsoft Fabric
Вставка
- Опубліковано 15 чер 2024
- In this concise tutorial video, I walk you through Data Access Control - Object Level Permissions (aka as Compute permissions) in Microsoft Fabric. We explore how to set granular data permissions within Fabric's compute engine, focusing on the SQL endpoint and semantic models.
The SQL endpoint provides direct SQL access to tables in OneLake and allows for native security configuration through SQL commands, ensuring specific control over table and row-level security for SQL queries. Semantic models enable security to be defined using DAX, applying restrictions to users querying through the semantic model or using Power BI reports built on it. Don't hesitate to leave your questions in the comments, and feel free to share your UA-cam uploads. Cheers!
#microsoftfabric #permissions #objects #fabricsecurity #fabric #msfabric #microsoft #fabricator #DataAnalytics #ai #microsoft #security #powerbi #datawarehouse #lakehouse #dataengineering #datafactory #dataactivator #datascience
For additional content, you can also explore my blog - www.dharmendrakeshari.com/
Data Access Control: Workspace Roles for Security & Governance in Microsoft Fabric: • Data Access Control: W...
Data Access Control: Item permissions for Security & Governance in Microsoft Fabric: • Data Access Control: I...
Additional References: learn.microsoft.com/en-us/fab... - Наука та технологія
Very informative tutorial!!
Very nicely done, thanks Dharmendra!
Thank you Will!
Great video with explanations. Even with the correct GRANT statements to alter the SQL endpoint permissions, a user cannot seem to create VIEWS on a user specific or main dbo schema? does this seem right? A user can perform many DML operations but not create VIEWS?
@rameshpaskarathas6512, did you see any error?
@@KeshariDharmendra.I get an error below: " Error Details The view could not be created because of the following error. Error Code InternalError Message An internal error occurred."
I created some roles in through SQL queries in my lakehouse, I then granted this role to people and they had access to only the tables they should. However, when I woke up my pipelines that overwrite, replace or drop tables to bring in new data had all removed the roles of the people and they had nothing again? Is this how it's supposed to work?
Replace and drop will remove the access instead give access at schema level. GRANT SELECT ON schema:dbo to xyz;
@@KeshariDharmendra Thank you, I was surprised that "Copy data activity" with Overwrite as table action also removed access but it hopefully won't be a problem if I do it at schema level.
@@William-Liljedahl Yes, I am assuming that it should work. If it doesn't, we can think of creating another SP activity in the pipeline to give permission