Control ACCESS to your Microsoft Fabric Lakehouse or Warehouse

Great timing. Exactly what I needed at the moment :D

Thanks Adam. This made it understand the layers of security we have at our fingertips.

Nice video, and nice t-shirt! Appreciate the knowledge sharing. I'm just getting started with Fabric, and watched all the vids in your new playlist.
Q: Have you done one on column obfuscation ?

Excellent explanation! Thanks

Nice video 😊

Thanks for video!
How to give ability to several users to see one row under security rules? As I understand, each row can have the only one user to show.

Still need to dig into RLS but I woild think the opposite is most beneficial being able to give viewer access and block access to the endpoint

Great video ! two questions:
How will these security rules apply to the final powerBi report ? My guess is that the security will be the one from the user who built it (in import mode)
What about the new synapse link from dataverse ? can you also apply thoses policies on the database that is created by the power platform ?

My only concern nowadays with Fabric is the security/capabilities: a lot of enteprises need to segment people, or to have the chance to do it.
In some organizations you can create reports, but no datamarts! I really don't understand why we can't have finer rights...

How are the 3 items in Additional permissions at 2:48 related to the permissions at 4:03? Does only checking Read All SQL endpoint data, map to both Read, ReadData?
Are there longer descriptions of what both 2:48 and 4:03 mean?

It seems that features that had been no-code in Power BI are now partially coded (like RLS shown here) in Fabric. I hope they find back to the mainly no-code approach via GUI.

Q: I have three lakehouses in my Workspace out of which on one i have given a read access to a service principal but when i am connecting via service principal on SSMS i can see all three lakehouses instead of one where am i going wrong service principal has no other access at workspace level just a reader access on one of the lakehouse

Q: Can you create column level security with a group? Example: a you have an access policy “financial data” which should restrict access to some columns/tables. And if someone wants to read this data, they would need to be in certain group. Can this be done?

Not sure that RLS is effective. You would have to have salesrep on every table to restrict data in other tables.

Hi,
excellent video, thanks.
but for now there is a limitation.
in my case I'm using view on my datawarehouse to get data from a lakehouse (in the same workspace using a diamond architecture bronze / silver / gold)
so the view in the datawarehouse allows me to give access to the data to my end user
but the problem : I also have to grant access to the lakehouse to my user.
it's not like in SQL Server where I can have a view in 1 database without granting access to the underlying database itself to my end user.
so, did you have some idea on how to manage the security without duplicating the data and without granting access to my bronze and silver layer?
thanks.