Earn a 50% discount on the DP-600 certification exam by completing the Fabric 30 Days to Learn It challenge.
I've created a report using my user account as the authentication method. I've now published it on the Power online service. I want to change the authentication type to service principal. What permissions will the service principal require? I want to connect to data sources like log analytics workpace and SharePoint, the Connection type for both is "Web". I also want to Connect to Azure Resource Graph.
Solved! Go to Solution.
Hi @Marizach ,
You can create a service principal in Azure AD. The service principal will require at least Reader role permissions to access the resources in Azure. Maybe this document can help you: Run queries with Azure Resource Graph Power BI connector - Azure Resource Graph | Microsoft Learn
For Log Analytics Workspace, the service principal needs permissions to run queries and potentially write data. This usually requires the Log Analytics Reader and Log Analytics Contributor roles.
For SharePoint, the service principal should have permissions to read from the SharePoint lists or folders you’re connecting to. This typically involves having Read access to the SharePoint site.
To connect to the Azure Resource Graph, the service principal needs permissions to run queries at the tenant, subscription, or management group level, depending on your requirements.
If you want to learn more about Azure Log Analytics, i think you can read this document: Using Azure Log Analytics in Power BI - Power BI | Microsoft Learn
Best Regards
Yilong Zhou
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.
Hi @Marizach ,
You can create a service principal in Azure AD. The service principal will require at least Reader role permissions to access the resources in Azure. Maybe this document can help you: Run queries with Azure Resource Graph Power BI connector - Azure Resource Graph | Microsoft Learn
For Log Analytics Workspace, the service principal needs permissions to run queries and potentially write data. This usually requires the Log Analytics Reader and Log Analytics Contributor roles.
For SharePoint, the service principal should have permissions to read from the SharePoint lists or folders you’re connecting to. This typically involves having Read access to the SharePoint site.
To connect to the Azure Resource Graph, the service principal needs permissions to run queries at the tenant, subscription, or management group level, depending on your requirements.
If you want to learn more about Azure Log Analytics, i think you can read this document: Using Azure Log Analytics in Power BI - Power BI | Microsoft Learn
Best Regards
Yilong Zhou
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.