Share data and manage access to your SQL database in Microsoft Fabric

Applies to:SQL database in Microsoft Fabric

Fabric makes it easy to share items via the share button in the workspace. Fabric SQL database extends this experience by making it possible to share an item using granular SQL permissions. This allows things like sharing a single table in a database.

Prerequisites

Share a database

  1. Open your workspace containing the database in the Fabric portal.

  2. In the list of items, or in an open item, select the Share button. Screenshot of the Share button in the Fabric portal.

  3. The Grant people access dialog opens. Enter the names of the people or groups that need access. Screenshot of the Grant people access dialogue box from the Fabric portal.

    The dialog offers a few simple options to grant broad access to the SQL database for scenarios where a database has been created for a single user or purpose. We'll skip checking any of those boxes here.

  4. Choose whether to notify recipients with an email and add a message.

  5. Select Grant.

  6. The users now have access to connect to the database but are unable to do anything yet. The users can be added to SQL roles by selecting Manage SQL security from the Security menu in the database editor.

  7. Select the db_datareader role and then Manage Access.

  8. Add the users to the role and select Save.

  9. Select the db_datawriter role and then Manage Access.

  10. Add the users to the role and select Save.

The users now have access to read and write every table within the database. They won't have rights on any other Fabric items in the workspace unless they have also been granted. Instead of the broad roles, consider that users could be granted rights on individual tables to follow the principle of least privilege.

Note

Microsoft Purview protection policies can augment effective permission for database users. If your organization uses Microsoft Purview with Microsoft Fabric, see Protect sensitive data in SQL database with Microsoft Purview protection policies.