Thanks for video! How to give ability to several users to see one row under security rules? As I understand, each row can have the only one user to show.
Nice video, and nice t-shirt! Appreciate the knowledge sharing. I'm just getting started with Fabric, and watched all the vids in your new playlist. Q: Have you done one on column obfuscation ?
How are the 3 items in Additional permissions at 2:48 related to the permissions at 4:03? Does only checking Read All SQL endpoint data, map to both Read, ReadData? Are there longer descriptions of what both 2:48 and 4:03 mean?
Great video ! two questions: How will these security rules apply to the final powerBi report ? My guess is that the security will be the one from the user who built it (in import mode) What about the new synapse link from dataverse ? can you also apply thoses policies on the database that is created by the power platform ?
Hi, I am trying to write data to Lakehouse using Service Principal ID, and I am unable to grant access the way you showed it here. Can you please suggest ways?
My only concern nowadays with Fabric is the security/capabilities: a lot of enteprises need to segment people, or to have the chance to do it. In some organizations you can create reports, but no datamarts! I really don't understand why we can't have finer rights...
If I want to connect to my database with an external user (an app in my case) where i dont have an email but a key and id, is it possible? or MFA Autentification its a limit?
Q: Can you create column level security with a group? Example: a you have an access policy “financial data” which should restrict access to some columns/tables. And if someone wants to read this data, they would need to be in certain group. Can this be done?
Q: I have three lakehouses in my Workspace out of which on one i have given a read access to a service principal but when i am connecting via service principal on SSMS i can see all three lakehouses instead of one where am i going wrong service principal has no other access at workspace level just a reader access on one of the lakehouse
Hi, excellent video, thanks. but for now there is a limitation. in my case I'm using view on my datawarehouse to get data from a lakehouse (in the same workspace using a diamond architecture bronze / silver / gold) so the view in the datawarehouse allows me to give access to the data to my end user but the problem : I also have to grant access to the lakehouse to my user. it's not like in SQL Server where I can have a view in 1 database without granting access to the underlying database itself to my end user. so, did you have some idea on how to manage the security without duplicating the data and without granting access to my bronze and silver layer? thanks.
It seems that features that had been no-code in Power BI are now partially coded (like RLS shown here) in Fabric. I hope they find back to the mainly no-code approach via GUI.
Sorry to say this, but the granularity control of items in Fabric is horrible. In a wspace for example, either everyone only sees EVERYTHING or everyone can change EVERYTHING. This is terrible, because if I want to give permission to one of my users to write to a specific folder in a lakehouse and not even see the rest of the folders, where this users not have any interset, the answer is: I'm sorry, you pay 2K$ monthly, but Fabric doesn't do this simple management accesses.
Great timing. Exactly what I needed at the moment :D
Thanks Adam. This made it understand the layers of security we have at our fingertips.
Thanks for video!
How to give ability to several users to see one row under security rules? As I understand, each row can have the only one user to show.
Nice video, and nice t-shirt! Appreciate the knowledge sharing. I'm just getting started with Fabric, and watched all the vids in your new playlist.
Q: Have you done one on column obfuscation ?
How are the 3 items in Additional permissions at 2:48 related to the permissions at 4:03? Does only checking Read All SQL endpoint data, map to both Read, ReadData?
Are there longer descriptions of what both 2:48 and 4:03 mean?
Still need to dig into RLS but I woild think the opposite is most beneficial being able to give viewer access and block access to the endpoint
Nice video 😊
Excellent explanation! Thanks
Great video ! two questions:
How will these security rules apply to the final powerBi report ? My guess is that the security will be the one from the user who built it (in import mode)
What about the new synapse link from dataverse ? can you also apply thoses policies on the database that is created by the power platform ?
Hi, I am trying to write data to Lakehouse using Service Principal ID, and I am unable to grant access the way you showed it here. Can you please suggest ways?
My only concern nowadays with Fabric is the security/capabilities: a lot of enteprises need to segment people, or to have the chance to do it.
In some organizations you can create reports, but no datamarts! I really don't understand why we can't have finer rights...
Thank you!
If I want to connect to my database with an external user (an app in my case) where i dont have an email but a key and id, is it possible? or MFA Autentification its a limit?
Q: Can you create column level security with a group? Example: a you have an access policy “financial data” which should restrict access to some columns/tables. And if someone wants to read this data, they would need to be in certain group. Can this be done?
Like a sales rep only seeing their sales numbers? You would have to define row level security
I suspect the same way you can call the users name, you should be able to call their department
Q: I have three lakehouses in my Workspace out of which on one i have given a read access to a service principal but when i am connecting via service principal on SSMS i can see all three lakehouses instead of one where am i going wrong service principal has no other access at workspace level just a reader access on one of the lakehouse
Not sure that RLS is effective. You would have to have salesrep on every table to restrict data in other tables.
Hi,
excellent video, thanks.
but for now there is a limitation.
in my case I'm using view on my datawarehouse to get data from a lakehouse (in the same workspace using a diamond architecture bronze / silver / gold)
so the view in the datawarehouse allows me to give access to the data to my end user
but the problem : I also have to grant access to the lakehouse to my user.
it's not like in SQL Server where I can have a view in 1 database without granting access to the underlying database itself to my end user.
so, did you have some idea on how to manage the security without duplicating the data and without granting access to my bronze and silver layer?
thanks.
It seems that features that had been no-code in Power BI are now partially coded (like RLS shown here) in Fabric. I hope they find back to the mainly no-code approach via GUI.
Sorry to say this, but the granularity control of items in Fabric is horrible. In a wspace for example, either everyone only sees EVERYTHING or everyone can change EVERYTHING. This is terrible, because if I want to give permission to one of my users to write to a specific folder in a lakehouse and not even see the rest of the folders, where this users not have any interset, the answer is: I'm sorry, you pay 2K$ monthly, but Fabric doesn't do this simple management accesses.