cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Azure purview + power FULL PBI tenant scan + restrictions & confidentiality on front exposition

Christoph1250
Copper Contributor

‎Dec 30 2022 03:56 AM - edited ‎Dec 30 2022 04:00 AM

‎Dec 30 2022 03:56 AM - edited ‎Dec 30 2022 04:00 AM

Azure purview + power FULL PBI tenant scan + restrictions & confidentiality on front exposition

Hi All

 

I would like to know  please,  if after a FULL Power BI tenant scan (backend)  , it exists a restrictions/confidentiality / isolations   mechanism  for frontend consumers ? 

 

Exp  : Gucci  Purview consumers only see Gucci  Workspaces  catalog data       

etc. ...

 

If  yes,  do we  need  to play with :

Several PBI  resources  based  FULL  tenant scan +  each time a  WS list ?

AND  Several collections based  these different PBI  resources

 

Exp : A Gucci pbi  collection is linked to  a PBI  Gucci  resources

 

OR other method please to deal with data isolations
Exp : Only one full pbi scan scan &   several collections based WS filters ... ?  

Have a good end of the year fiesta

Thanks a lot for any advise 
Christophe   

1,279 Views
0 Likes
5 Replies
Reply
5 Replies
Christophe11105

‎Jan 03 2023 02:27 AM

‎Jan 03 2023 02:27 AM

Re: Azure purview + power FULL PBI tenant scan + restrictions & confidentiality on front exposition

Hi It sounds this feature doesn't still exist Use case : On Microsoft Purview FRONT a restriction mechanism for Power BI metatada Example : Marco for Airfrance-HR security group can only see HR PBI WS ;>) Power BI backend is a full scan (All Workspaces)
0 Likes
Reply
minettes

‎Jan 30 2023 01:45 PM

‎Jan 30 2023 01:45 PM

Re: Azure purview + power FULL PBI tenant scan + restrictions & confidentiality on front exposi

At the moment Purview can only do a full scan of your Power BI tenant. Currently the only thing you can exclude is personal workspaces.
With some customers we worked around this by using the API to move certain assets to different collections which can have different security applied.
I expect that scoped scan will be possible in the future, but when , still remains to be seen.
0 Likes
Reply
Christophe11105

‎Jan 31 2023 01:44 AM

‎Jan 31 2023 01:44 AM

Re: Azure purview + power FULL PBI tenant scan + restrictions & confidentiality on front exposi

Hi Minettes
Great thanks for this precision
Data-galaxy & Atlan create connections to X WS
& not a full scan like purview
Then on these tools you have : Gucci connection with 12 WS
Ford connection with 23 WS

& each connection is linked to a FRONT access
A front service with particular accesses & roles

On purview semantic do you please call the FRONT access a collection ?

If you don’t follow Data galaxy & Atlan , and want to realize full tenant WS scans , please offer on FRONT several collections(one by Maison) with several WS inside
0 Likes
Reply
minettes

‎Jan 31 2023 11:43 AM

‎Jan 31 2023 11:43 AM

Re: Azure purview + power FULL PBI tenant scan + restrictions & confidentiality on front exposi

I am not very familiar with Atlan or Galaxy but it sounds like a "front" is like a persona specific landing page?
Purview doesn't currently have that, but you can limit what will be displayed to your user by giving them access to only relevant collections.
However, for that to work, you need to scan assets into the collection you wish to map to a certain user group. A collection is not really the same as a "front" rather a group of assets that will have the same security permissions applied.
I hope this helps :)
0 Likes
Reply
Christophe11105

‎Feb 01 2023 10:23 AM

‎Feb 01 2023 10:23 AM

Re: Azure purview + power FULL PBI tenant scan + restrictions & confidentiality on front exposi

Thanks a lot Minettes
Has helped me a lot

Totally agree with you

FRONT is just exposition & we need to manage persona access (confidentiality) via backend collections for purview .. or RLS for power BI
I also noted MS is working on API , around how to add specific PBI assets (WS list?) on particular collections
FIAT_collection , FORD_collection etc …
Will be great this day ....
0 Likes
Reply