Solved: Query About File Sharing and Access in OneLake Wor...

HamidBee · ‎01-12-2024

Hi All,

I'm considering using OneLake, integrated with Microsoft Fabric, as a unified data lake solution for my organization. Before proceeding, I have a specific question regarding file sharing and access within OneLake:

When you download and set up OneLake, and start adding files to your workspace, does everyone in your organization automatically have access to these files? Or is there a need to set up specific access permissions or sharing settings for each file or folder within OneLake?.

This is from the MS docs:

"OneLake is a single, unified, logical data lake for your whole organization. Like OneDrive, OneLake comes automatically with every Microsoft Fabric tenant and is designed to be the single place for all your analytics data. OneLake brings customers:

One data lake for the entire organization One copy of data for use with multiple analytical engines One data lake for the entire organization Before OneLake, it was easier for customers to create multiple lakes for different business groups rather than collaborating on a single lake, even with the extra overhead of managing multiple resources. OneLake focuses on removing these challenges by improving collaboration. Every customer tenant has exactly one OneLake. There can never be more than one and if you have Fabric, there can never be zero. Every Fabric tenant automatically provisions OneLake, with no extra resources to set up or manage."

I'm particularly interested in understanding how OneLake handles default access to new data items within its environment. This information is crucial for ensuring the appropriate level of data privacy and collaboration within my team.

Any insights or experiences you can share about file access management and sharing in OneLake would be greatly appreciated!

Thank you in advance for your help!.

Anonymous · ‎01-14-2024

Hi @HamidBee

Here is my answer for your concerns:

In OneLake, access to files and folders is not automatically granted to everyone in the organization by default. When new data items are added to OneLake, the default access permissions would typically be set to private or restricted to certain roles or individuals, depending on your organization's policies and the configuration of the lake.

Microsoft Fabric workspaces sit on top of OneLake and divide the data lake into separate containers that can be secured independently. Workspace roles let you manage who can do what in a Microsoft Fabric workspace. When a new data item is added to a workspace in OneLake, only workspace members will have specific permissions on the item automatically. To learn about how to manage workspace access and role permissions, please read the following documentations:

Roles in workspaces in Microsoft Fabric

Give users access to workspaces

In addition, you can also share a data item with someone who doesn't have a role in the workspace which the item is located in, please read Share items in Microsoft Fabric

You don't have to download OneLake. It is there in the Fabric Service online. To discover the data in Fabric service, you can read Discover Fabric content in the OneLake data hub

One application you can download to manage data in OneLake is OneLake file explorer application, which is seamlessly integrates OneLake with Windows File Explorer. This application automatically syncs all OneLake items that you have access to in Windows File Explorer. Please read Access Fabric data locally with OneLake file explorer

For more concerns and practices regarding data privacy and data security, you could read the following documentations:

Apply sensitivity labels to Fabric items

OneLake security

Get started securing your data in OneLake

Best Regards,
Jing
If this post helps, please Accept it as Solution to help other members find it. Appreciate your Kudos!

View solution in original post

HamidBee · ‎01-15-2024

Thank you very much for the detailed reply.

Anonymous · ‎01-14-2024