A Fine Slice Of SQL Server
Koen Verbeeck lets us into the lakehouse:
We’re doing a proof-of-concept with Microsoft Fabric, building our data model in a lakehouse. We’d like to give people access to the data inside it so they can build their own reports with whatever tool they want. Is there an easy way to share access to a lakehouse (preferably not by giving access to the entire workspace)?
Read on to learn how.
Comments closedGilbert Quevauvilliers spans the gap:
I was doing some work recently for a customer and they had data stored in different Lakehouse’s which was in a different App Workspace.
I was pleasantly surprised that this can be quite easy to do.
In my example below I am going to show you how in my notebook I can read a table in a Lakehouse table when it is not attached to any Lakehouse.
It’s good that this is so easy to do, considering that current advice leans toward having multiple workspaces and not cramming everything into one.
Comments closedKoen Verbeeck locks things down:
We are implementing a data analytics solution in Microsoft Fabric. A warehouse is used for the gold layer, and we want to give users access to the data. However, by sharing the warehouse, they can read all the data in all the tables. Some data is sensitive, and only users with the correct permissions should be able to view it. Is it possible to implement more granular access control to the data?
Read on for the answer, as well as an important note on how users might be able to circumvent your permissions settings.
Comments closedKevin Chant covers a bit of security:
I know the option to work with GitHub has got a lot of people excited. Which I why wanted to share my initial thoughts about security with you all. Because a lot of things have come to mind whilst testing this.
I want to highlight immediate implications and options before you all get too involved with testing. To make sure you test working with GitHub safely.
Plus, this post is really useful for those of you looking to test this in a regulated GitHub Enterprise environment. Because it will allow you to explain things to your GitHub administrators better, and/or forward them this post. To explain what you want to achieve.
Read on for Kevin’s thoughts on the matter.
Comments closedJosephine Bush creates and uses a managed identity:
Benefits of Using Managed Identities and Entra Groups
- Enhanced Security: Using managed identities eliminates the need to manage credentials, reducing the risk of credential theft.
- Simplified Management: Entra Groups streamline the management of permissions for multiple users or managed identities, making it easier to apply consistent access policies.
- Scalability: As your organization grows, you can easily manage access by adding new users or managed identities to Entra Groups without needing to update database permissions individually.
Read on to see how you can create one and what you can do with it.
Comments closedPieter Vanhove reminds me that ledger tables exist:
Ledger technology is a way of storing data that ensures its integrity, immutability, and verifiability. It can be used for scenarios where trust and transparency are essential, such as financial transactions, supply chain tracking, or regulatory compliance. Azure offers two services that leverage ledger technology to provide tamper-proof data storage: ledger in Azure SQL Database and Azure Confidential Ledger. In this blog post, we will compare these two services and help you decide which one is best suited for your needs.
Read on for the comparison. I think the answer for most cases is “neither” but there are specific times when ledger tables could make a good amount of sense.
Comments closedUmair Shahid looks at some capabilities in Postgres:
This blog aims to provide an in-depth guide on auditing and monitoring access in PostgreSQL. We will explore various tools, techniques, and best practices to help you implement effective auditing and monitoring strategies in your PostgreSQL environment.
Read on to learn more about pgAudit and PostgreSQL logging.
Comments closedUmair Shahid talks about access rights:
Access control is a fundamental aspect of database security, ensuring that only authorized users can perform specific actions on the data. Effective access control helps protect sensitive information from unauthorized access and prevents data breaches, which can have severe legal and financial repercussions for organizations.
PostgreSQL has a strong reputation for reliability, feature robustness, and performance. One of its notable strengths is its comprehensive support for various access control mechanisms, which allow database administrators to finely tune who can access what data and how.
It turns out that there’s a lot of overlap in how these work between SQL Server and Postgres, though the exact syntax may be a bit different for certain items.
Comments closedKoen Verbeeck talks permissions:
We are starting a new analytics project in Microsoft Fabric, and our data will land in a warehouse. This is the first time we’re using Fabric, and we are wondering about the different options for sharing access to a warehouse we developed in a workspace.
Click through for more information on providing and limiting access to data in a Microsoft Fabric warehouse.
Comments closedThanks for tuning into our posts for the 30 SQL Server security checks in 30 days series this month. I want to recap the entire month of posts with a few homework assignments to get you started today.
Read on for those three assignments, including adopting a security mindset, remembering that humans tend to be the weak points of security, and trying out sp_CheckSecurity.
Comments closed