Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Microsoft is giving away 50,000 FREE Microsoft Certification exam vouchers. Get Fabric certified for FREE! Learn more

rsaprano
Most Valuable Professional
‎11-26-2024 01:36 PM

Navigating the (new) DP-600 exam: Part 1 - Maintaining Data Analytics solutions

Overview of Module 1 - Maintaining Data Analytics solutions (25-30%)

 

In Module 1, the focus is on effective governance, security, and management of analytics solutions within the Microsoft Fabric environment. Picture a scenario where an organization relies heavily on Power BI reports to track financial performance, with the data for these reports coming from an Enterprise Resource Planning (ERP) System such as SAP, brought into MS Fabric and managed through lakehouses/Data Warehouses or Eventhouses.

 

Keeping all these artifacts secure and up to date while ensuring that different teams only access relevant data requires careful control. This is where role-based security comes into play. By assigning roles like Admin, Member, Contributor, and Viewer within Fabric workspaces, and combining these with item level permissions, teams can collaborate safely without risking sensitive data leaks.

 

Within a workspace, Fabric items can have permissions configured separately from the workspace roles. You can configure permissions either through sharing an item or by managing the permissions of an item. Consider the following permissions applied to a Data Warehouse item that is shared:

 

  • Read: only allows the recipient to connect to the SQL analytics endpoint, the equivalent of CONNECT permissions in SQL Server. The shared recipient will not be able to query any table or view or execute any function or stored procedure unless they are provided access to objects within the Warehouse using T-SQL GRANT statement.
  • ReadData:  The user can read all the tables/columns within the Warehouse. If you want to further restrict and provide granular access to some objects within the Warehouse, you can do this using T-SQL GRANT/REVOKE/DENY statements. 
  • ReadAll:  The user has read access to the underlying parquet files in OneLake, which can be consumed using Spark. ReadAll should be provided only if the shared recipient wants complete access to your warehouse's files using the Spark engine.
  • Build: The shared recipient can build reports on top of the default semantic model that is connected to your Warehouse to create Power BI reports on this data.

Techniques such as Row-Level Security (RLS) and Object-Level Security (OLS) in Power BI ensure that, for example, only senior finance officers view detailed revenue data, while regional managers see data only for their respective territories. Using DAX expressions, such as USERPRINCIPALNAME() in the semantic model security roles enables dynamic filtering of content based on the username (email address) of the logged in user which can be mapped to data points using a table which is brought in as a dataset in the semantic model.

 

Lifecycle management is another critical aspect, highlighting the need for efficient version control and deployment processes. Imagine a scenario where a financial team is preparing to launch a series of reports for a quarterly review. Using Git integration, changes to Power BI reports/models (and other Fabric items) can be tracked, making it easier to revert or audit modifications.

 

rsaprano_0-1732543306194.jpeg

 

It is possible to synchronize a Fabric workspace with a branch of a Repo in Azure Dev Ops or Github (where modified files can be pushed into from local developer machines via a Pull request).

 

With Git integration set up in the Fabric workspace, items will show with a status indicating the synchronization status between the Repo and the workspace:

 

rsaprano_1-1732543306195.jpeg

 

Deployment Pipelines in Fabric allow content to flow seamlessly from development to test, and finally to production environments, minimizing errors. You can use deployment rules to modify parameters, such as switching from a test dataset to a production dataset automatically when moving between environments. These practices, combined with testing environments and user simulations, provide a controlled space to refine and validate analytics solutions, ensuring readiness for real-world deployment.

 

By mastering these scenarios and leveraging Microsoft Fabric’s tools, analytics professionals are equipped to build secure, efficient, and easily maintainable solutions. Techniques like Git version control and deployment pipelines create a foundation that supports reliable, scalable analytics across organizations.

 

Module 1 Worked Example: Setting up Git Integration using Azure Dev Ops

 

The attached PDF shows a worked example of setting up git integration using Azure Dev Ops with your local machine (Where you can save PBIP files) and the Fabric service.

 


This example is avaialable as an interactive "practice the clicks" exercise in the DP600 Study guide e-book available from msfabrictraining.com

Labels: