Introduction

Microsoft Fabric provides robust security controls for managing data access. For the DP-600 certification exam, mastering file-level access control is essential to restrict access to specific folders within a Fabric Lakehouse. In this tutorial, you'll learn how to implement file-level access control using OneLake data access roles to enhance security and compliance while ensuring users have access only to the necessary data.

File-Level Access Control

File-level access control in Microsoft Fabric enables administrators to define security roles that grant read access to specific folders within a Fabric Lakehouse. This ensures that sensitive data remains protected while allowing authorized users to access relevant information.

Unlike broader workspace-level or item-level security, file-level access control ensures that users can only view permitted folders when accessing the Lakehouse.

OneLake data access roles help manage access to specific folders by assigning users to predefined roles. If a user is not assigned to a role with access to a folder, they will not see any data in that Lakehouse.

Implement File-Level Access Control

To configure file-level security in a Fabric Lakehouse, open the desired Lakehouse and follow these steps:

1. Create Role ✅

In the top-right, click Manage OneLake Data Access (Preview).

The Manage OneLake data access opens. Click + New role.

Enter a role name and choose whether the role applies to All folders or Selected folders:

You can view this post with the tier: Academy Membership

Join academy now to read the post and get access to the full library of premium posts for academy members only.

Join Academy Already have an account? Sign In