2.4. Configure Security and Governance

💡 First Principle: Security in Fabric operates like building security with multiple checkpoints—lobby access (workspace), floor access (item), and room access (data). A visitor might get into the lobby but not past the elevators; an employee might access their floor but not the executive suite. Understanding how these layers stack determines whether your data is properly protected or accidentally exposed.

What breaks without layered security? Consider a workspace containing sensitive financial reports and general operational dashboards. Without proper configuration, giving someone access to view the dashboards might accidentally grant them access to the financial reports. Or worse, someone with report access might discover they can also query the underlying lakehouse directly, bypassing report-level restrictions.