cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
Administration & Architecture
Explore discussions on Databricks administration, deployment strategies, and architectural best practices. Connect with administrators and architects to optimize your Databricks environment for performance, scalability, and security.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Databricks Publish to PowerBI feature - Security aspect

bharatn
New Contributor

2 weeks ago

bharatn_0-1755843099865.png

Can someone please explain what access databricks requires to publish UC tables to powerBI service. In above snapshot I see it says read all workspace - so these are PBI workspace or all databricks workspace?

If I enable this request, will the publish to PBI feature will be available for all the databricks workspace I have?

Above image says 'read and write all datasets' - what does it means? like PBI will able to read and write all tables in databricks? or databricks can read and write all datasets in PBI?

Labels:
0 Kudos
1 REPLY 1

BS_THE_ANALYST
Honored Contributor III

2 weeks ago - last edited 2 weeks ago

 

@bharatn at the bottom of you picture, it says "Show Details". perhaps clicking on that will provide some of the granularity you're looking for. 

If it's DB requesting to Microsoft, it'll be DB being able to see the PBI workspaces. I think the bottom statement is useful, "Maintain data you have given it access to". 

Across the various Power BI workspaces you have, there will be plenty of Semantic Models (Datasets). Databricks isn't going to need to read these nor would it need to. I think when it says Read and Write all Datasets, it'll be based upon the data you've linked in the Power BI dashboard (again, hopefully "Show Details" helps with that)

Here's the Databricks Documentation based on your query: https://learn.microsoft.com/en-us/azure/databricks/partners/bi/power-bi 

BS_THE_ANALYST_0-1755861992612.png


I bounced this query off AI aswell. I think this provides a better answer than me:

What Do These Mean?

1. Workspace.Read.All

  • This refers to Power BI workspaces, not Databricks workspaces.

  • It allows the integration to read metadata about your Power BI workspaces—such as listing available workspaces to publish to. So to your question: when it says "read all workspaces," it's about your Power BI environment, not the Databricks side.

2. Dataset.ReadWrite.All

  • This allows the integration to create new Power BI datasets, update existing ones, and potentially modify their data or structure.

  • In practice, this permission powers the ability to publish Databricks tables (including schemas and relationships from Unity Catalog) into Power BI semantic models (datasets)—either new or existing.

This does not mean that Power BI is reading or writing your Databricks tables. Instead, Databricks uses this permission to manage Power BI datasets—essentially creating or updating the Power BI semantic models based on your Unity Catalog data.

3. Content.Create

  • This grants permission to create new Power BI content—what this includes isn't explicitly broken out in the docs but is generally part of the ability to create datasets and semantic models

Hope that helps @bharatn 

All the best,
BS

 

 

0 Kudos

Join Us as a Local Community Builder!

Passionate about hosting events and connecting people? Help us grow a vibrant local community—sign up today to get started!

Sign Up Now
Announcements