Implementing Row-Level Security (RLS) and Column-Level Security (CLS) on a Mirrored database in Microsoft Fabric
When working with Mirrored Databases in Microsoft Fabric, you may notice that the security pane for Row-Level Security (RLS) and Column-Level Security (CLS) is grayed out and read-only. Why is the OneLake Security UI Disabled? This is not a bug or a missing feature; it is centered on Schema Integrity: Source Control: For Mirrored Databases, the source system is the "Source of Truth." The schema, column definitions, and overall structure are defined at the origin. Preventing Drift: Fabric is engineered to prevent source and security drift. By locking the UI, Fabric ensures that the mirrored item remains a faithful reflection of the source without conflicting security logic being applied mid-stream. The "Permission" Misconception A common question I get is around the role of Workspace permissions. The critical point here is, h aving Fabric Admin or Contributor permissions will not enable the RLS/CLS UI. The interface is ...