Restrict access to Azure synapse dedicated SQL database

Copper Contributor

In our project we are using Azure Synapse Dedicated SQL database. Users will access the reports through PowerBI and they are authenticated using AD. 

We have enabled public access to the database. Because of AD authentication if a user wish to connect to database they can login to the database directly.
The issue here is there is row level security enabled at PowerBI level and user can bypass this if they connect to DB directly.

What is the recommended approach to restrict user access?

1. Enable RowLevel security at database level to restrict data if user connect to database directly.
2. Restrict users from accessing database directly be setting firewall rule which enable only PowerBI server to connect to the database.

Should I go with approach 1 or 2? Or is there any other solution better than this?

Thanks

0 Replies