Skip to main content
cancel
Showing results for 
Search instead for 
Did you mean: 

Shape the future of the Fabric Community! Your insights matter. That’s why we created a quick survey to learn about your experience finding answers to technical questions. Take survey.

Reply
andrerodrigues
Regular Visitor

Granting a single User Access to a Single Object in a Lakehouse SQL Endpoint

Can @Microsoft  or someone help with how to grant a specific user access to a single object, in this case, a view, within a particular schema in the SQL Endpoint of a lakehouse in the workspace, without granting access to anything else, just this view within this schema in the SQL Endpoint.

What we have so far is adding the user as a viewer in "manage access", denying all access to all schemas within the lakehouse using SQL queries, and then granting access to the specific object (the view) to the respective user. 

Could you help us and let us know if there is a simpler or clearer way to grant this access?

3 ACCEPTED SOLUTIONS
AndyDDC
Most Valuable Professional
Most Valuable Professional

Hi @andrerodrigues you can add the user (or group) to the Lakehouse permissions without checking any of the options.  This adds the user to the Lakehouse permissions as "connect" only.  You can then issue GRANT statements to specify the objects the user (or group) has access to.

 

AndyDDC_0-1729102733806.png

 

--------------------------------------------------------------------------------

If my reply has been useful, please consider providing kudos and marking

as the solution for other community members to find

--------------------------------------------------------------------------------

 

View solution in original post

Hi @andrerodrigues ,

 

The box which @AndyDDC shows, can be found this way:

 

Click the three dots next to the lakehouse name, and then "Manage permissions"

 

frithjof_v_3-1729414927940.png

 

And then "+Add user"

 

frithjof_v_1-1729414520071.png

 

View solution in original post

Shreya_Barhate
Frequent Visitor

The permissions for Lakehouse and SQL endpoints in Microsoft Fabric need to be applied separately because they serve different purposes and have distinct security models.
To provide access to a Single Object in a Lakehouse SQL Endpoint you need share the lakehouse without any additional permission enabled
Shreya_Barhate_0-1729590654562.png

 

Then run the GRANT statement for the object you need to provide access for
SQL:
GRANT SELECT ON OBJECT::schemaname.tablename TO [user@domain.com];  
GO

Now the user should be able to view the data from table.

View solution in original post

4 REPLIES 4
Shreya_Barhate
Frequent Visitor

The permissions for Lakehouse and SQL endpoints in Microsoft Fabric need to be applied separately because they serve different purposes and have distinct security models.
To provide access to a Single Object in a Lakehouse SQL Endpoint you need share the lakehouse without any additional permission enabled
Shreya_Barhate_0-1729590654562.png

 

Then run the GRANT statement for the object you need to provide access for
SQL:
GRANT SELECT ON OBJECT::schemaname.tablename TO [user@domain.com];  
GO

Now the user should be able to view the data from table.
AndyDDC
Most Valuable Professional
Most Valuable Professional

Hi @andrerodrigues you can add the user (or group) to the Lakehouse permissions without checking any of the options.  This adds the user to the Lakehouse permissions as "connect" only.  You can then issue GRANT statements to specify the objects the user (or group) has access to.

 

AndyDDC_0-1729102733806.png

 

--------------------------------------------------------------------------------

If my reply has been useful, please consider providing kudos and marking

as the solution for other community members to find

--------------------------------------------------------------------------------

 

Hello @AndyDDC 
Could you explain where do you access that menu in the Print Screen? Because on my screen, the only menu related with the accesses that I can utilize is this below: 

andrerodrigues_0-1729268778814.png

And using this botton I cannot have those options.

Thank you a lot for the help!

Hi @andrerodrigues ,

 

The box which @AndyDDC shows, can be found this way:

 

Click the three dots next to the lakehouse name, and then "Manage permissions"

 

frithjof_v_3-1729414927940.png

 

And then "+Add user"

 

frithjof_v_1-1729414520071.png

 

Helpful resources

Announcements
November Carousel

Fabric Community Update - November 2024

Find out what's new and trending in the Fabric Community.

Dec Fabric Community Survey

We want your feedback!

Your insights matter. That’s why we created a quick survey to learn about your experience finding answers to technical questions.

November Update

Fabric Monthly Update - November 2024

Check out the November 2024 Fabric update to learn about new features.

Live Sessions with Fabric DB

Be one of the first to start using Fabric Databases

Starting December 3, join live sessions with database experts and the Fabric product team to learn just how easy it is to get started.