Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Join us for an expert-led overview of the tools and concepts you'll need to become a Certified Power BI Data Analyst and pass exam PL-300. Register now.

Reply
Clara_HCN
Frequent Visitor

How to limit a Power BI report built from Azure SQL database to be published to personal workspace

‎07-03-2025 07:23 PM

I am working on the Power BI reports management, and my organization would like to take control of publishing Power BI reports. If any Power BI report connect to Azure SQL database, the report should be published into public workspace rather than personal workspace. Is it possible to manage it?

Labels:
Message 1 of 12
324 Views
0
1 ACCEPTED SOLUTION
v-tejrama
Community Support
Community Support
In response to Clara_HCN

Monday

Hi @Clara_HCN ,

 

Thanks for explaining your situation more clearly. Given that you have multiple Azure SQL environments Development, Test, Acceptance, and Production and wish to ensure that reports using Production Azure SQL are only published to shared workspaces, while also managing publishing permissions, you can achieve this with a mix of governance and security measures.

I recommend creating dedicated Power BI workspaces for each environment and restricting publishing rights in the Production workspace to selected users. This prevents unauthorized publishing of Production SQL reports to public workspaces. Implementing a naming convention for connections such as including Prod or Test in the server name will help with tracking.

Additionally, Microsoft Purview’s DLP policies can detect and alert you to any attempts to publish Production SQL reports to the wrong workspace. Enabling Power BI audit logs will provide oversight on who is publishing and to which environment. Disabling personal workspace publishing via the Admin Portal ensures all reports are managed through approved workspaces.

Assign appropriate roles through security groups, such as contributor for developers and admin for reviewers, and consider a manual review process for reports built on Production SQL before final publishing. While Power BI does not offer a direct setting to block publishing by data source, these steps provide effective control and visibility. Please let me know if you need assistance with DLP or security role configuration.

Thank you,
Tejaswi.

View solution in original post

Message 11 of 12
71 Views
11 REPLIES 11
rohit1991
Super User
Super User

‎07-04-2025 12:21 AM

Hi @Clara_HCN ,

Power BI does not offer a direct way to block users from publishing reports to their personal workspace, but this can be managed through a combination of governance policies and permission settings. To control where reports connected to sensitive data sources like Azure SQL Database are published, organizations should restrict access to personal workspaces by using Microsoft 365 security groups and enforce role-based access to organizational workspaces.

 

Additionally, using managed permissions within Power BI Apps allows administrators to publish a single version of a report and share it with multiple audience groups while keeping tight control over who sees what. This approach not only ensures data governance but also enhances report distribution efficiency and compliance. For more structured access, consider adopting the “Apps for Multiple Audiences” model, which allows precise permission control across different user groups without duplicating content.


Did it work? ✔ Give a Kudo • Mark as Solution – help others too!
Message 12 of 12
221 Views
0
v-tejrama
Community Support
Community Support

‎07-04-2025 12:01 AM

Hi @Clara_HCN ,

Thanks for reaching out to the Microsoft fabric community forum.

 

I understand your goal, and while Power BI doesn't currently offer automatic controls to direct report publishing based on data source such as ensuring anything using Azure SQL lands in a shared workspace rather than a personal one we can still establish strong safeguards.

Here are effective steps you can take:

  1. Disable publishing to personal workspaces in the Power BI Admin Portal. This guarantees reports are only published to approved, shared workspaces.
  2. Implement DLP (Data Loss Prevention) policies to detect and alert you when reports use Azure SQL, helping prevent sensitive data from being published in the wrong place.
  3. Leverage audit logs to track Azure SQL connections and report destinations, with the option to set up alerts for unusual activity.
  4. Restrict Azure SQL access by IP or VNet, ensuring only authorized Power BI workspaces can connect.

While there isn't a single setting for conditional publishing, these strategies will give you robust control and visibility over how and where reports leveraging Azure SQL are published.

 

If the response has addressed your query, please "Accept it as a solution" and give a "Kudos" so other members can easily find it.


Best Regards,
Tejaswi.
Community Support

 

Message 6 of 12
231 Views
0
Clara_HCN
Frequent Visitor
In response to v-tejrama

‎07-04-2025 12:19 AM

Hi @v-tejrama ,thanks for your answer. But if we take the steps recommended by you, will it reject all reports to be published in personal workspace?

Message 7 of 12
221 Views
0
v-tejrama
Community Support
Community Support
In response to Clara_HCN

‎07-04-2025 03:38 AM

Hi @Clara_HCN ,

Thanks for coming back,

 

Yes, if you go ahead and disable publishing to personal workspaces in the Power BI Admin Portal, it will block all reports from being published there, no matter what data source they’re using.

So it's kind of an all-or-nothing switch. Power BI doesn't let you block just Azure SQL reports, once you turn that setting off, no one will be able to publish anything to their personal workspace unless they’ve been specifically allowed.

That said, you can make it a bit more flexible by using security groups. For example, you could allow certain users (like developers or trusted teams) to keep publishing to personal workspaces, while restricting everyone else.

 

Thank you.

Message 8 of 12
170 Views
0
v-tejrama
Community Support
Community Support
In response to v-tejrama

‎07-07-2025 01:57 AM

Hi @Clara_HCN ,

 

I wanted to check if you had the opportunity to review the information provided. Please feel free to contact us if you have any further questions.

 

Thank you.

Message 9 of 12
117 Views
0
Clara_HCN
Frequent Visitor
In response to v-tejrama

Monday

Thanks @v-tejrama . In my case,

1. We have different environments for Azure SQL(Development-Test-Acceptance-Production).

2. We want report builders to publish reports to public workspaces if they build reports from production Azure SQL.

3. But we don't want report builders to create and publish reports to public workspace without control.  

Do you have any good idea on how to achieve it? Thanks.

Message 10 of 12
97 Views
0
v-tejrama
Community Support
Community Support
In response to Clara_HCN

Monday

Hi @Clara_HCN ,

 

Thanks for explaining your situation more clearly. Given that you have multiple Azure SQL environments Development, Test, Acceptance, and Production and wish to ensure that reports using Production Azure SQL are only published to shared workspaces, while also managing publishing permissions, you can achieve this with a mix of governance and security measures.

I recommend creating dedicated Power BI workspaces for each environment and restricting publishing rights in the Production workspace to selected users. This prevents unauthorized publishing of Production SQL reports to public workspaces. Implementing a naming convention for connections such as including Prod or Test in the server name will help with tracking.

Additionally, Microsoft Purview’s DLP policies can detect and alert you to any attempts to publish Production SQL reports to the wrong workspace. Enabling Power BI audit logs will provide oversight on who is publishing and to which environment. Disabling personal workspace publishing via the Admin Portal ensures all reports are managed through approved workspaces.

Assign appropriate roles through security groups, such as contributor for developers and admin for reviewers, and consider a manual review process for reports built on Production SQL before final publishing. While Power BI does not offer a direct setting to block publishing by data source, these steps provide effective control and visibility. Please let me know if you need assistance with DLP or security role configuration.

Thank you,
Tejaswi.

Message 11 of 12
72 Views
Akash_Varuna
Community Champion
Community Champion

‎07-03-2025 09:42 PM

Hi @Clara_HCN Power BI doesn’t support blocking publishing to personal workspaces based on data source. You can disable personal workspace publishing via admin portal settings. Use DLP policies and audit logs to monitor Azure SQL usage. Also, restrict Azure SQL access to specific IPs or VNets for better control.

Message 2 of 12
280 Views
0
Clara_HCN
Frequent Visitor
In response to Akash_Varuna

‎07-03-2025 11:01 PM

Hi @Akash_Varuna , thanks for your reply. If we can disable the publishing to personal workspace, is it possible to add approal process when the users press the button of Publish in Power BI Desktop? Thanks.

Message 3 of 12
263 Views
0
Akash_Varuna
Community Champion
Community Champion
In response to Clara_HCN

‎07-03-2025 11:10 PM

Hi @Clara_HCN I dont think it is supported when users click “Publish” from Power BI Desktop. You can disable publishing to personal workspaces via the admin portal. For governance, use deployment pipelines and restrict workspace access. Audit logs and DLP policies help monitor and enforce compliance.

Message 4 of 12
253 Views
0
Clara_HCN
Frequent Visitor
In response to Akash_Varuna

‎07-04-2025 12:21 AM

Hi @Akash_Varuna thanks. If we disable publishing to personal workspaces, does it means the users are not allowed to publish any reports in their own personal workspaces? thanks.

Message 5 of 12
221 Views
0

Helpful resources

Announcements
Join our Fabric User Panel

Join our Fabric User Panel

This is your chance to engage directly with the engineering team behind Fabric and Power BI. Share your experiences and shape the future.

June 2025 Power BI Update Carousel

Power BI Monthly Update - June 2025

Check out the June 2025 Power BI update to learn about new features.

June 2025 community update carousel

Fabric Community Update - June 2025

Find out what's new and trending in the Fabric community.

View All