Introduzca su información para suscribirse al Blog de Microsoft Fabric.

Gracias por suscribirse al blog de Microsoft Fabric. Recibirá notificaciones por correo electrónico cuando publiquemos nuevas publicaciones.

Microsoft Fabric Updates Blog

  1. Actualizaciones
  2. All

OneLake security (Preview)

Building on our earlier preview access, we are excited to announce the full preview of OneLake security, a significant milestone in our ongoing commitment to delivering a secure, scalable, and easy-to-manage data lake experience. OneLake security is now available to try without any sign up, allowing you to quickly secure data across your OneLake data.

What is OneLake security?

OneLake security is a powerful fine-grained access control model that lives natively with your data in OneLake. Instead of managing security at each query engine, OneLake security allows you to create a single security definition that is enforced consistently inside and outside of Fabric. When sharing your data, you can use OneLake security to create security roles with unique folder, row, and/or column level permissions so users can only access the data they should. For example, if you had a lakehouse with customers insights; you could use OneLake security to share the data with your analyst team to build reports while removing rows or columns containing Personally Identifiable Information (PII) like names and addresses. This security then propagates automatically, so whether users access the lakehouse from Power BI or Spark or even Copilot, they only see what you’ve authorized.

Check out this video to see OneLake security in action!

OneLake security pairs seamlessly with shortcuts, enabling data to be democratized throughout your organization without creating copies or security risks. Data owners can define security to control the data business analysts can see. That can then be consumed using shortcuts from the business analyst’s own lakehouse. The data is now available for data analysis, without creating a copy of the data. But because OneLake security was configured for the data, all access to the data still follows the same restrictions configured by the data owner. This gives data owners the freedom to share access to data without losing control over its security.

You can learn more about how to integrate shortcuts and OneLake security in the OneLake shortcut security documentation.

OneLake security’s preview covers the following features and capabilities:

  • Create roles in OneLake to grant access to data.
  • Define the tables and/or folders reach role can access.
  • Restrict tables further using row and/or column level security.
  • Easily manage assignment of your roles with a user interface or via API.

With this release, OneLake data access roles have now officially evolved into OneLake security. OneLake security is a superset of OneLake data access roles, meaning you will have no changes to your functionality. There is also no action you need to take as all workspaces using data access roles have already been seamlessly migrated to use OneLake security automatically.

What’s New in OneLake Security?

Following our update in June, we’ve continued to make improvements and respond to feedback about the feature. Thanks to every one of the hundreds of customers that signed up for the feature and provided your thoughts and comments.

SQL Analytics Endpoint

  • We’ve added a new UI experience to surface security sync errors directly to the SQL Endpoint owner, including helpful resolution steps. Customers can identify issues with their security roles and quickly make changes.
  • The SQL Endpoint now has a detailed UI showing the differences between User’s identity and Delegated mode.
  • We’ve added backend improvements and optimizations to the security sync process for faster updates.

Lakehouse and Spark

  • Lakehouse now automatically applies column level security to the object explorer. By expanding a table, users can view only the columns they have access to, instead of the previous error.
  • Spark notebooks now support using OneLake security with non-schema lakehouses.
  • Notebook queries with RLS and CLS now start faster with live pools for the system context. This drastically reduces the startup time for queries where RLS or CLS is involved.
  • General performance improvements to RLS and CLS queries, making them now 4x faster than before.

Power BI semantic models

  • Semantic models now have better performance for queries with RLS.

Check out the OneLake Security Demo for more information.

Getting Started

The preview of OneLake security is now available to all users. Check out the feature now in your workspace, review our updated documentation, or sign up for a free Microsoft Fabric trial to see OneLake security in action for yourself!

Entradas de blog relacionadas

OneLake security (Preview)

Imagen destacada del blog

Fabric October 2025 Feature Summary
octubre 29, 2025 por Adam Saxton

This month’s update delivers key advancements across Microsoft Fabric, including enhanced security with Outbound Access Protection and Workspace-Level Private Link, smarter data engineering features like Adaptive Target File Size, and new integrations such as Data Agent in Lakehouse. Together, these improvements streamline workflows and strengthen data governance for users. Contents Events & Announcements Fabric Data … Continue reading “Fabric October 2025 Feature Summary”

Más información
Imagen destacada del blog

Unlock Real-Time Intelligence with the Eventhouse Endpoint for Lakehouse
octubre 20, 2025 por Tzvia Gitlin Troyna

The Eventhouse Endpoint for Lakehouse is a powerful new capability in Microsoft Fabric that enables users to query Lakehouse tables with exceptional speed and ease, delivering real-time insights with high performance with large data volume, flexibility, advanced analytics capabilities, support for enhanced data formats such as strings and dynamic types and simplicity. Whether you’re working … Continue reading “Unlock Real-Time Intelligence with the Eventhouse Endpoint for Lakehouse”

Más información