Forum Discussion
Azure purview + power FULL PBI tenant scan + restrictions & confidentiality on front exposition
Hi All
I would like to know please, if after a FULL Power BI tenant scan (backend) , it exists a restrictions/confidentiality / isolations mechanism for frontend consumers ?
Exp : Gucci Purview consumers only see Gucci Workspaces catalog data
etc. ...
If yes, do we need to play with :
Several PBI resources based FULL tenant scan + each time a WS list ?
AND Several collections based these different PBI resources
Exp : A Gucci pbi collection is linked to a PBI Gucci resources
OR other method please to deal with data isolations
Exp : Only one full pbi scan scan & several collections based WS filters ... ?
Have a good end of the year fiesta
Thanks a lot for any advise
Christophe
5 Replies
- minettes
Microsoft
At the moment Purview can only do a full scan of your Power BI tenant. Currently the only thing you can exclude is personal workspaces.
With some customers we worked around this by using the API to move certain assets to different collections which can have different security applied.
I expect that scoped scan will be possible in the future, but when , still remains to be seen.- Hi Minettes
Great thanks for this precision
Data-galaxy & Atlan create connections to X WS
& not a full scan like purview
Then on these tools you have : Gucci connection with 12 WS
Ford connection with 23 WS
& each connection is linked to a FRONT access
A front service with particular accesses & roles
On purview semantic do you please call the FRONT access a collection ?
If you don’t follow Data galaxy & Atlan , and want to realize full tenant WS scans , please offer on FRONT several collections(one by Maison) with several WS inside- minettesI am not very familiar with Atlan or Galaxy but it sounds like a "front" is like a persona specific landing page?
Purview doesn't currently have that, but you can limit what will be displayed to your user by giving them access to only relevant collections.
However, for that to work, you need to scan assets into the collection you wish to map to a certain user group. A collection is not really the same as a "front" rather a group of assets that will have the same security permissions applied.
I hope this helps 🙂
- Hi It sounds this feature doesn't still exist Use case : On Microsoft Purview FRONT a restriction mechanism for Power BI metatada Example : Marco for Airfrance-HR security group can only see HR PBI WS ;>) Power BI backend is a full scan (All Workspaces)
