I am curious what everyone is using to manage permissions in Fabric/Power BI.
When using live pointers to semantic models, users need permissions on both the report and the dataset. The report may be owned by an analyst but the dataset is owned by the IT team. If there is RLS on a dataset that adds another layer to it. With new Fabric permissions coming I can imagine this will add another layer of complexity.
Currently today, we are using Azure Entra ID groups. We have used Power Apps in combination with Approvals for users to request access and data owners to approve. In most cases, we expose reports using a Power BI App. I have audiences set up so if users do not have access to the content of the app they see the embedded Power App with directions on how to request permission. However, some users are still getting links directly to the reports in the workspace and not the app so they click the "Get access to this report". It is causing a lot of confusion.
Also as we move towards Fabri and OneLake I would like to make sure I am thinking of how to best organize the permissions as we anticipate having to implement a lot of RLS on the data in the lake .
What is everyone else doing? Curious if there are better processes we have not explored. Thanks!