Microsoft 365 Message Center Archive

MC937920 - Microsoft Purview | Data Loss Prevention: Restrict Access action for semantic models in Microsoft Fabric (preview)

Message ID

MC937920

View in Message Center

Service

Microsoft Purview

Last Updated

Jul 1, 2025

Published Nov 19, 2024

Tag

Updated message
New feature
Admin impact

Roadmap ID

422501

View in M365 Roadmap

Platforms

Web

Summary

Microsoft Purview Data Loss Prevention (DLP) will soon allow restricting access to Fabric semantic models and lakehouses. Public preview for semantic models is available, and for lakehouses, it will start mid-April 2025. General availability begins late October 2025. Admins can configure DLP policies to restrict access to sensitive data.

More information

Updated July 1, 2025: We have updated the timeline below. Thank you for your patience.

Your organization can already apply Microsoft Purview Data Loss Prevention (DLP) policies to Microsoft Fabric, but soon you will also be able to restrict access to Fabric sematic models and lakehouses by applying DLP policies. After this rollout, admins will be able to configure DLP policies that automatically detect sensitive information in sematic models and lakehouses and then restrict access to this data to internal users or data owners

This message is associated with Microsoft 365 Roadmap ID 422501.

When this will happen:

Public Preview: DLP restrict access for sematic models is already available in Public Preview as of November 2024. For Fabric lakehouse, public preview of restrict access will begin rollout mid-April 2025 and is expected to complete by late April 2025. 

General Availability: We will begin rolling out late October 2025 and expect to complete by late November 2025.

How this will affect your organization:

Before this rollout, you can configure DLP policies for Fabric workspaces to audit and notify users through Policy Tips based on sensitive content.

After this rollout, DLP policies can also be configured to block or restrict access to internal users or data owners. This action is especially valuable when your organization has guest users, and you want to enforce proper restrictions to ensure these users do not accidentally access sensitive information.

This change is available by default for admins to configure.

Configuring the Restrict access action in DLP policy for Fabric:

admin controls

What you need to do to prepare:

This rollout will happen automatically by the specified date with no admin action required before the rollout. If your organization does not wish to start using the Restrict access action for Fabric, no additional action is required. If you would like to start restricting access to internal users or data owners, your security or compliance admin will need to update or create new DLP policies for Fabric to include the new Restrict access action.

Review your current configuration to determine the impact for your organization. You may want to notify your users about this change and update any relevant documentation.

Learn more