Jump to content

Recommended Posts

Guest Kruti_Mehta
Posted

[HEADING=1]Overview[/HEADING]

 

As a SaaS service, Fabric offers a complete security package for the entire platform. The Fabric platform comprises of experiences like include Lakehouse, Data Factory, Synapse Data Engineering, Synapse Data Warehouse, Power BI, and others. To understand the security in Fabric we have broken down Fabric components into the following layers:

 

[HEADING=1]Fabric Components[/HEADING]

  1. Data - Where the data actually resides inside Fabric (Warehouse/Lakehouse/Eventhouse/OneLake/Fabric clusters)
  2. Items - These are the building blocks of the Fabric platform. They're the objects that you create and manage in Fabric. There are different types of items, such as data warehouses, data pipelines, semantic models, reports, and dashboards.
  3. Workspace - A logical is a collection of items that brings together different functionality in a single tenant. It acts as a container that leverages capacity for the work that is executed, and provides controls for who can access the items in it. For example, in a sales workspace, users associated with the sales organization can create a data warehouse, run notebooks, create semantic models, create reports, etc.
  4. Domain - A logical grouping of workspaces. Domains are used to organize items in a way that makes sense for your organization. You can group things together in a way that makes it easier for the right people to have access to the right workspaces. For example, you might have a domain for sales, another for marketing, and another for finance.
  5. Capacity - A dedicated set of resources that is available at a given time to be used. A tenant can have one or more capacities associated with it. Capacity defines the ability of a resource to perform an activity or to produce output. Different items consume different capacity at a certain time. Fabric offers capacity through the Fabric SKU and Trials.
  6. Tenant - A dedicated space for organizations to create, store, and manage Fabric items. There's often a single instance of Fabric for an organization, and it's aligned with Microsoft Entra ID. The Fabric tenant maps to the root of OneLake and is at the top level of the hierarchy.You can create any number of workspaces, which you can think of as folders, within a tenant.
  7. One-lake - Microsoft Fabric Lake is also known as OneLake.There is OneLake per tenant. It comes automatically with every Microsoft Fabric tenant and is designed to be the single place for all your analytics data. Its the unified storage layer for Fabric
  8. Power BI - Power BI is an online software service (SaaS, or Software as a Service) offering as part of Microsoft Fabric. Its the unified visualization layer for Fabric. When a Power BI report loads data from OneLake, the data goes through the internal Microsoft network.

[HEADING=1]largevv2px999.png.b60deb87f05d8945881492c6379f7f92.png[/HEADING]

[HEADING=1]Fabric Layer-wise Security Features[/HEADING]

Layer Feature
Data Handling and Security Encryption, Labelling, Customer Lockbox
Access Management Authentication, Authorization, Workspace Identities, Guest user sharing
Item Security Share item via link, Impact Analysis, Semantic Model, Data Warehouse, Lakehouse, Data Factory
Workspace Security Workspace Roles, Access Management, Settings, Retention, Governance, Lineage, State
Domain Security Domain Roles, Creation, Settings, Assignment, Endorsement, Auditing
Capacity Security Tenant Concept and Settings, Capacity License and Features, Access Management, Consumption, Disaster Recovery
PowerBI Security PowerBI Embedded Analytics, Row-level security, Object/Column-Level Security, Dynamic Data Masking
OneLake Security Encryption, Restricted External Access, Shortcuts, Least Privilege, BCDR
Network Security Private Endpoint, Private Links, Service Tags, URL's and Ports

 

Continue reading...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...