🏭🗒️Microsoft Fabric: Workspaces [Notes]

Disclaimer: This is work in progress intended to consolidate information from various sources for learning purposes. For the latest information please consult the documentation (see the links below)! 

Last updated: 25-Mar-2025

[Microsoft Fabric] Workspace

• {def} a collection of items that brings together different functionality in a single environment designed for collaboration
• {default} created in organization's shared capacity
• workspaces can be assigned to other capacities
• includes My Workspaces
• via Workspace settings >> Premium
• components
• header
• contains
• name 
• brief description of the workspace
• links to other functionality
• toolbar 
• contains 
• controls for managing items to the workspace 
• controls for managing files
• view area
• enables selecting a view
• {type} list view
• {subitem} task flow
• area in which users can create or view a graphical representation of the data project [3]
• ⇐ shows the logical flow of the project [3]
• ⇐ it doesn't show the flow of data [3]
• can be hided via Show/Hide arrows
• {subitem} items list
• area in which the users can see the items and folders in the workspace [3]
• one can filter the items list by selecting the tasks, if any defined [3]
• {subitem} resize bar
• elements that allow to resize the task flow and items list by dragging the resize bar up or down [3]
• {type} lineage view
• shows the flow of data between the items in the workspace [3]
• {feature} workspace settings 
• allows to manage and update the workspace [3]
• {feature} contact list 
• allows to specify which users receive notification about issues occurring in the workspace [3] 
• {default} contains workspace's creator [3]
• {feature} SharePoint integration 
• allows to configure a M365 Group whose SharePoint document library is available to workspace users [3]
• ⇐ the group is created outside of MF first [3]
• restrictions may apply to the environment
• {best practice} give access to the workspace to the same M365 Group whose file storage is configured [3]
• MF doesn't synchronize permissions between users or groups with workspace access, and users or groups with M365 Group membership [3]
• {feature} workspace identity
• an automatically managed service principal that can be associated with a Fabric workspace [6]
• workspaces with a workspace identity can securely read or write to firewall-enabled ADSL Gen2 accounts through trusted workspace access for OneLake shortcuts [6]
• Fabric creates a service principal in Microsoft Entra ID to represent the identity [6]
• ⇐ an accompanying app registration is also created [6]
• Fabric automatically manages the credentials associated with workspace identities [6]
• ⇒ prevents credential leaks and downtime due to improper credential handling [6]
• used to obtain Microsoft Entra tokens without the customer having to manage any credentials [6]
• Fabric items can use the identity when connecting to resources that support Microsoft Entra authentication [6]
• can be created in the workspace settings of any workspace except My workspaces
• automatically assigned to the workspace contributor role and has access to workspace items [6]
• {feature} workspace roles
• allows to manage who can do what in a workspace [4]
• sit on top of OneLake and divide the data lake into separate containers that can be secured independently [4]
• extend the Power BI workspace roles by associating new MF capabilities 
• e.g. data integration, data exploration
• can be assigned to 
• individual users
• security groups
• Microsoft 365 groups
• distribution lists
• {role} Admin
• {role} Member
• {role} Contributor
• {role} Viewer
• user groups
• members get the role(s) assigned
• users existing in several group get the highest level of permission that's provided by the roles that they're assigned [4]
• {concept} [nested group]
• {concept} current workspace
• the active open workspace
• {action} create new workspace
• {action} pin workspace
• {action} delete workspace
• everything contained within the workspace is deleted for all group members [3]
• the associated app is also removed from AppSource [3]
• {warning} if the workspace has a workspace identity, that workspace identity will be irretrievably lost [3]
• this may cause Fabric items relying on the workspace identity for trusted workspace access or authentication to break [3]
• only admins can perform the operation
• {action} manage workspace
  
• {action} take ownership of Fabric items
• Fabric items may stop working correctly [5]
• {scenario} the owner leaves the organization [5]
• {scenario}the owner don't sign in for more than 90 days [5]
• in such cases, anyone with read and write permissions on an item can take ownership of the item [5]
• become the owner of any child items the item might have
• {limitation} one can't take over ownership of child items directly [5]
• ⇐ one can take ownership only through the parent item [5]
• {limitation} can contain a maximum of 1000 items
• Fabric and Power BI
• {limitation} certain special characters aren't supported in workspace names when using an XMLA endpoint [3]
• {limitation} a user or a service principal can be a member of up to 1000 workspaces [3]
• {feature} auditing
• several activities are audited for workspaces [3]
• CreateFolder
• DeleteFolder
• UpdateFolder
• UpdateFolderAccess
• {feature} workspace monitoring 
• Eventhouse secure read-only database that collects and organizes logs and metrics from a range of Fabric items in the workspace [1]
• accessible only to workspace users with at least a contributor role [1]
• users can access and analyze logs and metrics [1]
• the data is aggregated or detailed [1]
• can be queried via KQL or SQL [1]
• supports both historical log analysis and real-time data streaming [1]
• accessible from the workspace [1]
• one can build and save query sets and dashboards to simplify data exploration [1]
• use the workspace settings to delete the database [1]
•  wait about 15 minutes before recreating a deleted database [1]
• {action} share the database
• users need workspace member or admin role [1]
• {limitation} one can enable either 
• workspace monitoring 
• log analytics
• if enabled, the log analytics configuration must be deleted first before enabling workspace monitoring [1]
• one should wait for a few hours before enabling workspace monitoring [1]
• {limitation} retention period for monitoring data: 30 days [1]
• {limitation}the ingestion can't be configured to filter for specific log type or category [1]
• e.g. error or workload type.
• {limitation} user data operation logs aren't available even though the table is available in the monitoring database [1]
• {prerequisite} Power BI Premium or Fabric capacity [1]
• {prerequisite} workspace admins can turn on monitoring for their workspaces tenant setting is enabled [1]
• enabling the setting, requires Fabric administrator rights [1]
• {prerequisite} admin role in the workspace [1]
• workspace permissions
•  the first security boundary for data within OneLake [7]
• each workspace represents a single domain or project area where teams can collaborate on data [7]
• security is managed through Fabric workspace roles [7]
• items can have permissions configured separately from the workspace roles [7]
• permissions can be configured either by [7]
• sharing an item 
• managing the permissions of an item

Previous Post <<||>> Next Post

References:
[1] Microsoft Learn (2024) Fabric: What is workspace monitoring (preview)? [link]

[2] Microsoft Fabric Update Blog (2024) Announcing preview of Workspace Monitoring? [link]
[3] Microsoft Learn (2024) Fabric: Workspaces in Microsoft Fabric and Power BI [link]
[4] Microsoft Learn (2024) Fabric: Roles in workspaces in Microsoft Fabric [link]
[5] Microsoft Learn (2024) Fabric: Take ownership of Fabric items [link]
[6] Microsoft Learn (2024) Fabric: Workspace identity [link]
[7] Microsoft Learn (2024) Fabric: Role-based access control (RBAC) [link]

Resources:

[R1] Microsoft Learn (2025) Fabric: What's new in Microsoft Fabric? [link]

Acronyms:
ADSL Gen2 - Azure Data Lake Storage Gen2
KQL - Kusto Query Language
M365 - Microsoft 365
MF - Microsoft Fabric

SQL - Structured Query Language

🏭🗒️Microsoft Fabric: Folders [Notes]

Disclaimer: This is work in progress intended to consolidate information from various sources for learning purposes. For the latest information please consult the documentation (see the links below)! 

Last updated: 22-Jan-2025

[Microsoft Fabric] Folders

• {def} organizational units inside a workspace that enable users to efficiently organize and manage artifacts in the workspace [1]
• identifiable by its name
• {constraint} must be unique in a folder or at the root level of the workspace
• {constraint} can’t include certain special characters [1]
• C0 and C1 control codes [1]
• leading or trailing spaces [1]
• characters: ~"#.&*:<>?/{|} [1]
• {constraint} can’t have system-reserved names
• e.g. $recycle.bin, recycled, recycler.
• {constraint} its length can't exceed 255 characters
• {operation} create folder
• can be created in
• an existing folder (aka nested subfolder) [1]
• {restriction} a maximum of 10 levels of nested subfolders can be created [1]
• up to 10 folders can be created in the root folder [1]
• {benefit} provide a hierarchical structure for organizing and managing items [1]
• the root
• {operation} move folder
• {operation} rename folder
• same rules applies as for folders’ creation [1]
• {operation} delete folder
• {restriction} currently can be deleted only empty folders [1]
• {recommendation} make sure the folder is empty [1]
•  {operation} create item in in folder
• {restriction} certain items can’t be created in a folder
• dataflows gen2
• streaming semantic models
• streaming dataflows
• ⇐ items created from the home page or the Create hub, are created at the root level of the workspace [1]
• {operation} move file(s) between folders [1]
• {operation} publish to folder [1]
•   Power BI reports can be published to specific folders
• {restriction} folders' name must be unique throughout an entire workspace, regardless of their location [1]
• when publishing a report to a workspace that has another report with the same name in a different folder, the report will publish to the location of the already existing report [1]
• {limitation}may not be supported by certain features
•   e.g. Git
• {recommendation} use folders to organize workspaces [1]
• {permissions}
• inherit the permissions of the workspace where they're located [1] [2]
• workspace admins, members, and contributors can create, modify, and delete folders in the workspace [1]
• viewers can only view folder hierarchy and navigate in the workspace [1]
• [deployment pipelines] deploying items in folders to a different stage, the folder hierarchy is automatically applied [2]

Previous Post  <<||>>  Next Post

References:
[1] Microsoft Fabric (2024) Create folders in workspaces [link]
[2] Microsoft Fabric (2024) The deployment pipelines process [link]
[3] Microsoft Fabric Updates Blog (2025) Define security on folders within a shortcut using OneLake data access roles [link]
[4] Microsoft Fabric Updates Blog (2025) Announcing the General Availability of Folder in Workspace [link]
[5] Microsoft Fabric Updates Blog (2025) Announcing Folder in Workspace in Public Preview [link]
[6] Microsoft Fabric Updates Blog (2025) Getting the size of OneLake data items or folders [link]

Resources:

[R1] Microsoft Learn (2025) Fabric: What's new in Microsoft Fabric? [link]

🏭📑Microsoft Fabric: Medallion Architecture [Notes]

Disclaimer: This is work in progress intended to consolidate information from various sources for learning purposes. For the latest information please consult the documentation (see the links below)! 

Last updated: 10-Mar-2024

Medallion Architecture in Microsoft Fabric [1]

Medallion architecture

• a recommended data design pattern used to organize data in a lakehouse logically [2]
• compatible with the concept of data mesh
• {goal} incrementally and progressively improve the structure and quality of data as it progresses through each stage [1]
• brings structure and efficiency to a lakehouse environment [2]
• ensures that data is reliable and consistent as it goes through various checks and changes [2]
•  complements other data organization methods, rather than replacing them [2]
• consists of three distinct layers (or zones)
• {layer} bronze (aka raw zone) 
• stores source data in its original format [1]
• the data in this layer is typically append-only and immutable [1]
• {recommendation} store the data in its original format, or use Parquet or Delta Lake [1]
• {recommendation} create a shortcut in the bronze zone instead of copying the data across [1]
• works with OneLake, ADLS Gen2, Amazon S3, Google
• {operation} ingest data
• {characteristic} maintains the raw state of the data source [3]
• {characteristic} is appended incrementally and grows over time [3]
• {characteristic} can be any combination of streaming and batch transactions [3]
• ⇒ retaining the full, unprocessed history
• ⇒ provides the ability to recreate any state of a given data system [3]
• additional metadata may be added to data on ingest
• e.g. source file names, recording the time data was processed
• {goal} enhanced discoverability [3]
• {goal} description of the state of the source dataset [3]
• {goal} optimized performance in downstream applications [3]
• {layer} silver (aka enriched zone) 
• stores data sourced from the bronze layer
• the raw data has been 
• cleansed
• standardized
• structured as tables (rows and columns)
• integrated with other data to provide an enterprise view of all business entities
• {recommendation} use Delta tables 
• provide extra capabilities and performance enhancements [1]
• {default} every engine in Fabric writes data in the delta format and use V-Order write-time optimization to the Parquet file format [1]
• {operation} validate and deduplicate data
• for any data pipeline, the silver layer may contain more than one table [3]
• {layer} gold (aka curated zone)
• stores data sourced from the silver layer [1]
• the data is refined to meet specific downstream business and analytics requirements [1]
• tables typically conform to star schema design
• supports the development of data models that are optimized for performance and usability [1]
• use lakehouses (one for each zone), a data warehouse, or combination of both
• the decision should be based on team's preference and expertise of your team. 
• different analytic engines can be used [1]
• ⇐ schemas and tables within each layer can take on a variety of forms and degrees of normalization [3]
• depends on the frequency and nature of data updates and the downstream use cases for the data [3]
• {pattern} create each zone as a lakehouse
• business users access data by using the SQL analytics endpoint [1]
• {pattern} create the bronze and silver zones as lakehouses, and the gold zone as data warehouse
• business users access data by using the data warehouse endpoint [1]
• {pattern} create all lakehouses in a single Fabric workspace
• {recommendation} create each lakehouse in its own workspace [1]
• provides more control and better governance at the zone level [1]
• {concept} data transformation 
• involves altering the structure or content of data to meet specific requirements [2] 
• via Dataflows (Gen2), notebooks
• {concept} data orchestration 
• refers to the coordination and management of multiple data-related processes, ensuring they work together to achieve a desired outcome [2]
• via data pipelines

Previous Post  <<||>>  Next Post

References:
[1] Microsoft Learn: Fabric (2023) Implement medallion lakehouse architecture in Microsoft Fabric (link)
[2] Microsoft Learn: Fabric (2023) Organize a Fabric lakehouse using medallion architecture design (link)
[3] Microsoft Learn: Azure (2023) What is the medallion lakehouse architecture? (link)

Resources:
[R1] Serverless.SQL (2023) Data Loading Options With Fabric Workspaces, by Andy Cutler (link)
[R2] Microsoft Learn: Fabric (2023) Lakehouse end-to-end scenario: overview and architecture (link)
[R3] Microsoft Learn (2025) Fabric: What's new in Microsoft Fabric? [link]

Acronyms:
ADLS - Azure Data Lake Store Gen2