Additional gateway security roles for Power BI
We are excited to announce additional gateway security roles for Power BI!
These additional security roles allow for more granularity in assigning roles for the gateway. The new change is that non-admins of the gateway can be allowed to create connections (data sources) on the gateway. This way, your gateway admins are not the bottleneck anymore for creating connections (data sources).
Security roles
There are three security roles for the on-premises data gateway. When you install an on-premises data gateway, you automatically become the admin of the gateway. There can be multiple admins on the gateway.
The three security roles for the on-premises data gateway are:
- Admin: An admin can manage and update the on-premises data gateway. An admin is allowed to create connections (data sources) on the gateway. An admin is allowed to manage (add/delete) users with admin, connection creator, and connection creator with sharing roles on the gateway. An admin can also manage access to all connections created on the gateway.
- Connection creator: A connection creator is allowed to create connections/data sources on the gateway. A connection creator can also test if the gateway is online or offline. A connection creator can’t manage or update the gateway and can’t add or remove others on the gateway.
- Connection creator with sharing: A connection creator with sharing is allowed to create connections/data sources on the gateway and test the gateway status. This user is allowed to share the gateway with other users as a connection creator but isn’t allowed to remove a user from the gateway.
When you create a connection (data source) in the on-premises data gateway, you become the owner of the connection (data source). Multiple owners are allowed.
The three connection roles are:
- Owner: The owner of the connection (data source) is allowed to see and update credentials. An owner can also delete the connection. An owner can assign others to the connection with Owner, User, or User with sharing permissions.
- User: A user is allowed to use the connection (data source) in Power BI reports and Power BI dataflows, or in Power Apps. A user isn’t allowed to see or update credentials.
- User with sharing: A user with sharing is allowed to use the connection (data source) in Power BI reports and Power BI dataflows, or in Power Apps. A user with sharing is allowed to share the data source with others with User permission.
How to manage the gateway and connection (data source) roles
To manage on-premises data gateways:
- Navigate to the Power Platform admin center.
- Navigate to the On-premises data gateways tab.
- Select a gateway cluster.
- In the top ribbon, select Manage users.
- Depending on your role, you can now assign users to the gateway.
To manage data sources:
- Navigate to the Power Platform admin center.
- Select a connection (data source).
- In the top ribbon, select Manage users.
- Depending on your role, you can now assign users to the connection.
Nice information
ReplyDeleteThanks for your feedback
Delete