Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

View all the Fabric Data Days sessions on demand. View schedule

Reply
manashchak
New Member

Providing Fabric Job Monitor Access to Support Team (Without Lakehouse/Power BI Access)

‎08-11-2025 05:47 AM

Hi,

We need to provide the Support team with Fabric job monitoring access so they can track pipeline jobs and take necessary action if any job fails in the production environment.

However, we do not want to grant them access to:

  • Production Lakehouse data
  • Power BI reports in the production environment

Could you please advise on the best approach to grant job monitor access in Fabric while restricting their access to Lakehouse data and Power BI reports?

Regards,
Manash

Message 1 of 10
605 Views
0
9 REPLIES 9
HarishKM
Memorable Member
Memorable Member

‎08-13-2025 02:56 AM

@manashchak Hey,
I will follow below steps 

 

1) Define custom roles that focus specifically on job monitoring without data access. Ensure these roles have permissions such as viewing job status and logs but restrict permissions for data access and Power BI report view.

2) Check if existing roles like FabricJobMonitor or similar roles suit your needs and restrict from database and report access.

3) If your Fabric environment allows, grant permissions specifically for monitoring tasks, alerts, and notifications on pipeline jobs but not data access.

4) Allow access to logs, alerts, and monitoring dashboards which don't expose direct data

5)  Ensure the Lakehouse data access permissions are strictly defined. Only grant data access to predefined fully trusted roles.

6) Within Power BI, set permissions at workspace or report level to ensure Support team roles cannot view or edit reports.

7) If necessary, consider data masking or encryption at rest for Lakehouse data that makes accidental exposure less impactful.

😎 If Fabric supports dedicated monitoring dashboards or APIs, configure these for Support team usage without revealing underlying data

 

 


Thanks

Harish M

Kindly accept it as solution if it solved your problem. Kindly give kudos.

 

Message 10 of 10
491 Views
0
BalajiL
Helper III
Helper III

‎08-11-2025 07:22 AM

@manashchak 

Can you confirm the requirement is Support team should not have access to any of the workspace items and they need only to check job level access?   

Option 1: In that case 

  • Set up a dedicated workspace that uses Fabric’s workspace monitoring capabilities via Fabric APIs or Eventstreams.
  • Push pipeline run logs to this monitoring workspace.
  • Give Support team access from the dedicated workspace.

Option 2:  Give minimal access at workspace level - viewer.  They can able to view but not able to edit. 

Option 3:  Give item level access instead at workspace level. 

 

 

Message 6 of 10
563 Views
manashchak
New Member
In response to BalajiL

‎08-11-2025 07:32 AM

Thanks for your response.

For Option 2 & Option 3 - Since it is a production environment, we need to restrict the support team's access to data even at the viewer level.
Unfortunately, granular-level access is not available for Data Pipelines.

Message 7 of 10
561 Views
v-lgarikapat
Community Support
Community Support
In response to manashchak

‎08-12-2025 10:21 PM

Hi @manashchak ,

Thanks for reaching out to the Microsoft fabric community forum.

@BalajiL , @wardy912 , 

Thanks for your prompt response,

Since granular-level access is not currently available for Data Pipelines, This appears to be a current limitation in Fabric . I recommend submitting this scenario as a feature request on the official Fabric Ideas forum. The Product Team actively reviews submissions there, and suggestions with strong community support are often considered for future enhancements.

We appreciate your collaboration and support!

Best Regards,
Lakshmi.
Message 8 of 10
498 Views
0
v-lgarikapat
Community Support
Community Support
In response to v-lgarikapat

‎08-20-2025 02:22 AM

Hi @manashchak ,

I just wanted to follow up with you to check if you had a chance to submit the scenario to the Ideas forum.

 

Best Regards,

Lakshmi.

 

 

 

Message 9 of 10
412 Views
0
manashchak
New Member

‎08-11-2025 07:07 AM

Ok Thanks.

Message 5 of 10
563 Views
0
wardy912
Memorable Member
Memorable Member

‎08-11-2025 06:42 AM

Hi @manashchak 

 

 You should isolate the production lakehouse data and reports in a workspace that they do not have access to.

Data pipelines can be added into a separate workspace. All users have access to the monitoring hub and only have visibility of items that have been shared with or created by them.

 

I hope i've understood the request there, it does feel like workspace separation is all that's required.

 

Obviously someone with access to the lakehouse will need to create the connection, but can add either individual users or a security group to allow visibility in the pipeline.

 

 You may also want to prevent the users from editing pipelines. In that case, you will need to share the pipeline directly from the item level.

 

 If you decide it's best to give them limited access to the lakehouse, you can look at onelake security.

 

I hope this helps, please give a thumbs up and mark as solved if it does, thanks!

Message 2 of 10
587 Views
manashchak
New Member
In response to wardy912

‎08-11-2025 06:50 AM

Thanks for the response. 

can you please elaborate on this point: " You may also want to prevent the users from editing pipelines. In that case, you will need to share the pipeline directly from the item level."

 

Message 3 of 10
584 Views
0
wardy912
Memorable Member
Memorable Member
In response to manashchak

‎08-11-2025 07:02 AM

I've just checked and unfortunately this is actually missing for pipelines! With other fabric items, you can click the 3 dots next to them and select 'manage permissions' to assign direct access to the individual item, rather than giving users workspace access which may be too much. 

 

wardy912_0-1754920924985.png

Shame this is not available on pipelines (yet!) Sorry for the incorrect info

Message 4 of 10
575 Views

Helpful resources

Announcements
November Fabric Update Carousel

Fabric Monthly Update - November 2025

Check out the November 2025 Fabric update to learn about new features.

FabCon Atlanta 2026 carousel

FabCon Atlanta 2026

Join us at FabCon Atlanta, March 16-20, for the ultimate Fabric, Power BI, AI and SQL community-led event. Save $200 with code FABCOMM.

View All
Top Kudoed Authors
View All