Cross-Tenant Purview Scan of Fabric Lakehouse fails to ingest Sub-items (Delta Tables)
Environment: Tenant 1 (Consumer): Azure Purview (Microsoft Purview Data Map). Tenant 2 (Provider): Microsoft Fabric (Capacity + Workspaces). Architecture: Purview in Tenant 1 is scanning Fabric in Tenant 2 via the "Fabric" Data Source using Azure Auto-Resolve Integration Runtime. The Issue: I can successfully scan and see Item-level metadata (e.g., Workspace Name, Lakehouse Name). However, I am getting Zero sub-item visibility. No Delta Tables, no Columns, and no sub-item lineage are being ingested into Purview. Configuration Verified: Service Principal (SPN): Created an App Registration in Tenant 2 (Fabric Tenant). Permissions: The SPN is a Member (and I tested Admin) of the target Fabric Workspace. Fabric Admin Settings (Tenant 2): Allow service principals to use read-only admin APIs: Enabled for the SPN's Security Group. Enhance admin APIs responses with detailed metadata: Enabled. Enhance admin APIs responses with DAX and mashup expressions: Enabled. My Specific Questions for the Product Team / MVPs/Members: Authentication Flow: For sub-item ingestion (Delta Tables) to work cross-tenant, is it sufficient for the SPN to be a standard App Registration in Tenant 2 (Provider), or does Fabric require the "Cross-Tenant Access" (Guest User) flow where a shadow SPN is created via the specific trusted external tenants configuration? API Limitation: Is the "Enhanced Metadata" API payload (metadata/subartifacts) restricted to Same-Tenant calls only during the current Preview? I suspect the API is returning a standard payload instead of the enhanced one due to the cross-tenant boundary. Workaround: Has anyone successfully forced ingestion of Delta Tables cross-tenant by using the Apache Atlas REST API to manually inject the schema entities, or is there a specific hidden toggle in the Fabric Admin Portal (perhaps specifically for "External Principals") that I am missing?
Azure Purview Self-Service Access policy not working.
Using this https://learn.microsoft.com/en-us/purview/how-to-policies-self-service-storage we created a Workflow for self-service data access policy. When a consumer submits a request for a Read access to a data asset, it successfully sends the request to the data owner of the asset. Data Owner approves the request, and after approval, a policy gets successfully auto generated. But the consumer still does not have Read access to the data asset via Azure Portal or Azure Storage Explorer. According to following official documentations and a video from Purview teams, the consumer should have a Read access to the data asset. Question: What we may have been missing and how the issue can be resolved? Remarks: We have verified all the prerequisites described in the above link, as follows: Ran the short PowerShell script: # Install the Az module Install-Module -Name Az -Scope CurrentUser -Repository PSGallery -Force # Login into the subscription Connect-AzAccount -Subscription <SubscriptionID> # Register the feature Register-AzProviderFeature -FeatureName AllowPurviewPolicyEnforcement -ProviderNamespace Microsoft.Storage Data Asset: ADLSGen2 Storage Account [This was created after the above script run] Purview Collection: Collection1 (subcollection of root collection) Data Owner roles on the storage account: IAM Owner, Storage Blob Data Contributor Data Owner roles on Collection1: Data Curator, Data Reader Consumer role on Collection1: Reader A screenshot of the policy auto-generated after an approval from data owner: Ref: https://learn.microsoft.com/en-us/purview/concept-self-service-data-access-policy https://learn.microsoft.com/en-us/purview/how-to-workflow-self-service-data-access-hybrid https://learn.microsoft.com/en-us/purview/how-to-enable-data-policy-enforcement https://www.youtube.com/watch?v=CFE8ltT19SsAzure SQL Database's Primary Key and Foreign Key is not missing Azure Purview
Azure Purview can scan the Primary Key and Foreign Key constraints from Azure non-native software like Salesforces. But Azure Purview is not scanning the Primary Key and Foreign Key constraints from Azure native software like Azure SQL DB. Refer below screenshot Please refer above screenshot, ID columns is Primary key in Azure SQL Database. But Primary key icon is not shown in Azure Purview. Could you please help us in this issue?
