You have a Fabric workspace named Workspace1 that contains the following items:
A warehouse named Warehouse1
A semantic model named Model1
An interactive report named Report1
You need to allow a user named User1 to access a single table in Warehouse1. The solution must follow the principle of least privilege.
What should you do first?
Requirement
Fabric workspace: Workspace1
Contains: Warehouse1, Model1, Report1
Task: Allow User1 to access a single table in Warehouse1.
Must follow the principle of least privilege: grant only the exact permissions required.
Step 1: Evaluate Options
A. Assign object-level permissions to User1 for Warehouse1.
In Fabric warehouses, you can grant permissions at the object level (table, schema, or column).
If the requirement is access to only one table, the correct approach is to grant SELECT permissions on that specific table.
This satisfies least privilege.
Correct.
B. Assign the db_datareader role to User1 for Warehouse1.
db_datareader provides read access to all tables in the database/warehouse.
This violates least privilege.
Not correct.
C. Share Warehouse1 with User1.
Sharing grants access to the whole warehouse.
Too broad, not least privilege.
Not correct.
D. Assign the Viewer role to User1 for Workspace1.
Viewer role allows seeing all items in the workspace (warehouse, model, reports).
This would expose more than the single table.
Not correct.
Step 2: Correct Action
Use object-level permissions:
GRANT SELECT ON dbo.TableName TO [User1];
This ensures User1 can only query that specific table, nothing else.
Reference
Manage object-level security in Microsoft Fabric warehouses