Find everything you need to get certified on Fabric—skills challenges, live sessions, exam prep, role guidance, and more.
Get startedGrow your Fabric skills and prepare for the DP-600 certification exam by completing the latest Microsoft Fabric challenge.
We have existing apps with security group roles set up for accessing them without build permission.
Some users now need build permission and I don't want to click each individual dataset to add the permissions.
Is there a way to update the app, add this new security group with build permission but not grant it to others that already have access to the app?
Solved! Go to Solution.
Hey @TCavins ,
then, it's simply not possible.
You can't restrict the App permission settings to only a subset of the configured security groups.
Regards,
Tom
Hey @TCavins ,
I always recommend disabling the below settings during the Power BI App permission configuration:
Instead provide the build permission explicitly, using the Manage permission settings on the dataset.
You can add a security group that has build permission to the App access, and another security that doesn't have the build permission. The second group will be granted read permission implicitly.
it's also necessary to understand that read permission on the dataset does not overrule configured Row Level Security.
Hopefully, this helps to tackle your challenge.
Regards,
Tom
Yes, we've diabled those settings for existing security groups. However, I don't want to click on every single dataset in my apps and add permissions to build for this new group. At that point, any time we add a new app, we'll have to manually add them there too rather inheriting build permissions from the app.
Hey @TCavins ,
then, it's simply not possible.
You can't restrict the App permission settings to only a subset of the configured security groups.
Regards,
Tom
Ask questions in Eventhouse and KQL, Eventstream, and Reflex.
Check out the May 2024 Power BI update to learn about new features.