Now Reading: Why Microsoft Fabric Is Becoming the New Operating System for Enterprise Data
-
01
Why Microsoft Fabric Is Becoming the New Operating System for Enterprise Data
1
00:00:00,000 –> 00:00:03,120
You don’t have a data platform, you have a staged illusion,
2
00:00:03,120 –> 00:00:06,960
power BI pretending to be glue, pipelines masking drift,
3
00:00:06,960 –> 00:00:09,440
access you can’t explain, lineage you can’t prove,
4
00:00:09,440 –> 00:00:11,920
you call it analytics, it’s chaos.
5
00:00:11,920 –> 00:00:15,440
Your truth lives in 15 places, non-authoritative,
6
00:00:15,440 –> 00:00:17,120
you blame slow BI.
7
00:00:17,120 –> 00:00:19,760
It’s not BI, it’s entropy.
8
00:00:19,760 –> 00:00:23,200
The system you built multiplies copies, hides logic,
9
00:00:23,200 –> 00:00:24,800
and leaks credentials.
10
00:00:24,800 –> 00:00:27,040
Here’s the thing you weren’t supposed to hear,
11
00:00:27,040 –> 00:00:31,600
one system from raw to inside, fabric, one lake,
12
00:00:31,600 –> 00:00:34,640
medallion, one access path.
13
00:00:34,640 –> 00:00:37,040
But there’s a bug that ruins everything.
14
00:00:37,040 –> 00:00:39,600
You keep smuggling business logic into bronze.
15
00:00:39,600 –> 00:00:42,480
If you can’t name your access path and your contracts,
16
00:00:42,480 –> 00:00:44,160
you don’t have a platform.
17
00:00:44,160 –> 00:00:46,960
You have sprawl why fabric exists,
18
00:00:46,960 –> 00:00:49,040
the hidden cost of fragmentation,
19
00:00:49,040 –> 00:00:51,200
you want the real reason fabric exists,
20
00:00:51,200 –> 00:00:54,480
not the promo, the autopsy, fragmentation,
21
00:00:54,480 –> 00:00:57,040
everywhere, fragmented tools, fragmented logic,
22
00:00:57,040 –> 00:00:58,960
fragmented security, fragmented monitoring,
23
00:00:58,960 –> 00:01:00,800
each team solves their local pain.
24
00:01:00,800 –> 00:01:03,520
Nobody owns the whole, the result isn’t innovation,
25
00:01:03,520 –> 00:01:04,800
it’s copy storms.
26
00:01:04,800 –> 00:01:06,560
Tell me if this sounds like you,
27
00:01:06,560 –> 00:01:08,240
marketing spins up a warehouse,
28
00:01:08,240 –> 00:01:09,760
finance builds a mart,
29
00:01:09,760 –> 00:01:12,640
ups, dumps, CSVs in a lake.
30
00:01:12,640 –> 00:01:16,320
BI stitches the mess with just one more semantic model.
31
00:01:16,320 –> 00:01:19,520
Now there are seven truths, none trusted.
32
00:01:19,520 –> 00:01:21,360
This is your first failure mode,
33
00:01:21,360 –> 00:01:26,240
silo proliferation, copies breed, costs climb,
34
00:01:26,240 –> 00:01:30,240
trust drops, then schema drift,
35
00:01:30,240 –> 00:01:33,280
columns mutate without warning.
36
00:01:33,280 –> 00:01:37,040
Status becomes state, nulls gain meaning.
37
00:01:37,040 –> 00:01:39,280
Your pipelines pretend it’s fine,
38
00:01:39,280 –> 00:01:42,400
until a CEO metric dies quietly on a Sunday night.
39
00:01:42,400 –> 00:01:43,760
You call it a refresh issue.
40
00:01:43,760 –> 00:01:46,160
It’s not, it’s governance rot,
41
00:01:46,160 –> 00:01:48,320
security split brain next,
42
00:01:48,320 –> 00:01:50,640
service principles in five tools,
43
00:01:50,640 –> 00:01:52,560
personal tokens buried in YAML,
44
00:01:52,560 –> 00:01:55,920
a secret in a notebook you forgot to rotate.
45
00:01:55,920 –> 00:01:58,240
Every platform has its own ACLs,
46
00:01:58,240 –> 00:01:59,840
its own audit story,
47
00:01:59,840 –> 00:02:01,760
its own MFA edge cases.
48
00:02:01,760 –> 00:02:05,040
No single sentence answers who can see what,
49
00:02:05,040 –> 00:02:06,720
so you invent theater.
50
00:02:06,720 –> 00:02:09,760
A SharePoint spreadsheet called Access Matrix.
51
00:02:09,760 –> 00:02:11,040
Nobody trusts it either.
52
00:02:11,040 –> 00:02:13,120
And then the bills, in just engine here,
53
00:02:13,120 –> 00:02:15,600
transform engine there, storage in three places,
54
00:02:15,600 –> 00:02:17,120
BI premium on top,
55
00:02:17,120 –> 00:02:20,560
egress fees leaking value on the margins,
56
00:02:20,560 –> 00:02:24,000
you store the same truth four times in slightly different shapes.
57
00:02:24,000 –> 00:02:26,880
You overpay for duplication and latency.
58
00:02:26,880 –> 00:02:28,720
Underneath the simple root cause,
59
00:02:28,720 –> 00:02:31,200
fragmentation fabric is an attack on that root cause,
60
00:02:31,200 –> 00:02:33,280
not a new chart, not a rebrand,
61
00:02:33,280 –> 00:02:35,200
a surface area kill shot.
62
00:02:35,200 –> 00:02:36,560
One identity,
63
00:02:36,560 –> 00:02:37,520
Entra,
64
00:02:37,520 –> 00:02:40,560
the same identity that hits your inbox is the identity
65
00:02:40,560 –> 00:02:41,920
that hits your lake.
66
00:02:41,920 –> 00:02:43,920
Conditional Access MFA groups,
67
00:02:43,920 –> 00:02:46,240
one story, no shadow token forms,
68
00:02:46,240 –> 00:02:48,320
one storage layer, one lake,
69
00:02:48,320 –> 00:02:50,880
open tables, delta format,
70
00:02:50,880 –> 00:02:53,040
shortcuts instead of copies,
71
00:02:53,040 –> 00:02:55,440
you don’t shuttle files between clouds,
72
00:02:55,440 –> 00:02:56,800
you reference them.
73
00:02:56,800 –> 00:02:58,400
The contract is the table,
74
00:02:58,400 –> 00:02:59,360
not the pipeline.
75
00:02:59,360 –> 00:03:02,240
The storage is the platform, not the afterthought.
76
00:03:02,240 –> 00:03:03,920
One governance plane,
77
00:03:03,920 –> 00:03:05,760
Per view plus workspaces,
78
00:03:05,760 –> 00:03:08,320
lineage sensitivity data map roles,
79
00:03:08,320 –> 00:03:10,080
same console, same audit,
80
00:03:10,080 –> 00:03:13,840
Access rides with items inside a workspace boundary,
81
00:03:13,840 –> 00:03:16,480
not duct taped across 10 portals,
82
00:03:16,480 –> 00:03:19,760
discoverability is built in, not bolted on.
83
00:03:19,760 –> 00:03:20,880
One monitoring view,
84
00:03:20,880 –> 00:03:22,640
Capacities workloads, pipelines,
85
00:03:22,640 –> 00:03:24,480
notebooks, semantic models,
86
00:03:24,480 –> 00:03:26,320
one place to see pressure,
87
00:03:26,320 –> 00:03:27,520
one place to prove health,
88
00:03:27,520 –> 00:03:29,040
one place to hunt failure,
89
00:03:29,040 –> 00:03:30,800
that’s the unification bet,
90
00:03:30,800 –> 00:03:33,520
shared identity, shared storage,
91
00:03:33,520 –> 00:03:35,040
shared governance,
92
00:03:35,040 –> 00:03:36,480
shared monitoring,
93
00:03:36,480 –> 00:03:38,080
reduced surface area,
94
00:03:38,080 –> 00:03:39,920
reduced hiding spots.
95
00:03:39,920 –> 00:03:42,000
Now the part you don’t want to admit,
96
00:03:42,000 –> 00:03:44,400
the cost of ignoring this isn’t just money.
97
00:03:44,400 –> 00:03:45,680
It’s cognitive load,
98
00:03:45,680 –> 00:03:48,560
every engineer in your shop keeps a map in their head.
99
00:03:48,560 –> 00:03:50,320
Which tool transforms this table?
100
00:03:50,320 –> 00:03:51,440
Where does the raw land?
101
00:03:51,440 –> 00:03:53,120
What refresh triggers what?
102
00:03:53,120 –> 00:03:55,600
Who’s allowed to fix it when it breaks?
103
00:03:55,600 –> 00:03:57,520
Each inconsistency adds friction.
104
00:03:57,520 –> 00:03:59,040
Each friction adds delay.
105
00:03:59,040 –> 00:04:00,320
Delay becomes a habit,
106
00:04:00,320 –> 00:04:01,680
habits become culture,
107
00:04:01,680 –> 00:04:03,280
culture becomes drift.
108
00:04:03,280 –> 00:04:05,280
And your users, they see the show,
109
00:04:05,280 –> 00:04:06,320
the dashboard loads,
110
00:04:06,320 –> 00:04:07,520
the numbers field off,
111
00:04:07,520 –> 00:04:08,800
they export to excel,
112
00:04:08,800 –> 00:04:10,000
shadow truth blooms,
113
00:04:10,000 –> 00:04:12,160
the platform you build to unify reality
114
00:04:12,160 –> 00:04:14,160
becomes a confusion factory.
115
00:04:14,160 –> 00:04:15,840
Fabric is a reset,
116
00:04:15,840 –> 00:04:16,880
not magic,
117
00:04:16,880 –> 00:04:18,240
just opinionated.
118
00:04:18,240 –> 00:04:19,680
One lake instead of five,
119
00:04:19,680 –> 00:04:22,560
one security posture instead of five contradictory ones,
120
00:04:22,560 –> 00:04:26,000
one capacity meter instead of a cluster of random invoices,
121
00:04:26,000 –> 00:04:28,400
one place to name your access path,
122
00:04:28,400 –> 00:04:30,080
define your contracts,
123
00:04:30,080 –> 00:04:31,920
and force discipline.
124
00:04:31,920 –> 00:04:33,280
Bronze raw.
125
00:04:33,280 –> 00:04:35,200
Silver validated, gold modeled,
126
00:04:35,200 –> 00:04:36,880
logic never smuggled backward.
127
00:04:36,880 –> 00:04:39,520
Let’s be clear about the medallion’s stake in the ground
128
00:04:39,520 –> 00:04:42,560
because this is where most shops lie to themselves.
129
00:04:42,560 –> 00:04:44,240
Bronze is ingestion only.
130
00:04:44,240 –> 00:04:46,160
No business rules,
131
00:04:46,160 –> 00:04:47,280
no deduping,
132
00:04:47,280 –> 00:04:48,400
no joins.
133
00:04:48,400 –> 00:04:51,440
It’s an immutable log of what arrived when from where?
134
00:04:51,440 –> 00:04:53,680
Silver is where you enforce contracts,
135
00:04:53,680 –> 00:04:54,880
types,
136
00:04:54,880 –> 00:04:56,080
nullability,
137
00:04:56,080 –> 00:04:57,680
deduplication,
138
00:04:57,680 –> 00:04:59,360
conformance,
139
00:04:59,360 –> 00:05:02,080
slowly changing dimensions if you need them.
140
00:05:02,080 –> 00:05:03,920
Documented semantics,
141
00:05:03,920 –> 00:05:05,760
tested transforms,
142
00:05:05,760 –> 00:05:08,800
gold is consumption-specific models,
143
00:05:08,800 –> 00:05:10,400
curated metrics,
144
00:05:10,400 –> 00:05:12,000
star schemas,
145
00:05:12,000 –> 00:05:14,800
business logic exposed on purpose,
146
00:05:14,800 –> 00:05:16,560
not hidden in a notebook.
147
00:05:16,560 –> 00:05:18,000
You violate that boundary,
148
00:05:18,000 –> 00:05:19,280
you invite decay,
149
00:05:19,280 –> 00:05:21,120
you bury a quick fix in bronze,
150
00:05:21,120 –> 00:05:22,560
you destroy lineage,
151
00:05:22,560 –> 00:05:24,720
you shove a one-off join into a dashboard,
152
00:05:24,720 –> 00:05:26,160
you destroy reuse,
153
00:05:26,160 –> 00:05:28,080
bad logic thrives in the gaps,
154
00:05:28,080 –> 00:05:29,920
fragmentation feeds on ambiguity.
155
00:05:29,920 –> 00:05:32,000
So fabric compresses those gaps,
156
00:05:32,000 –> 00:05:34,320
workspaces become your security boundary.
157
00:05:34,320 –> 00:05:38,000
One lake becomes your single storage plane.
158
00:05:38,000 –> 00:05:41,520
Per view becomes your discovery and lineage map,
159
00:05:41,520 –> 00:05:45,760
direct lake makes your semantic model the shortest path from gold to inside.
160
00:05:45,760 –> 00:05:47,200
You still have complexity,
161
00:05:47,200 –> 00:05:48,320
but it’s contained,
162
00:05:48,320 –> 00:05:49,840
you still have freedom,
163
00:05:49,840 –> 00:05:50,960
but it’s fenced.
164
00:05:50,960 –> 00:05:53,200
You don’t have to love Microsoft to see the math.
165
00:05:53,200 –> 00:05:56,160
If your life cycle is fragmented, governance is fiction.
166
00:05:56,160 –> 00:05:57,680
If governance is fiction,
167
00:05:57,680 –> 00:05:59,840
trusted analytics are theater.
168
00:05:59,840 –> 00:06:01,600
Unify the life cycle or drown.
169
00:06:01,600 –> 00:06:02,480
That’s the offer,
170
00:06:02,480 –> 00:06:04,160
that’s why fabric exists.
171
00:06:04,160 –> 00:06:05,440
Not to add features,
172
00:06:05,440 –> 00:06:06,800
to remove excuses,
173
00:06:06,800 –> 00:06:08,480
what fabric actually is,
174
00:06:08,480 –> 00:06:09,920
the one platform moment.
175
00:06:09,920 –> 00:06:10,480
Look,
176
00:06:10,480 –> 00:06:12,080
you don’t need another logo.
177
00:06:12,080 –> 00:06:14,160
You need fewer places to hide failure.
178
00:06:14,160 –> 00:06:15,680
Fabric isn’t a feature bundle.
179
00:06:15,680 –> 00:06:16,960
It’s a reduction.
180
00:06:16,960 –> 00:06:20,240
It folds the life cycle into one access path
181
00:06:20,240 –> 00:06:22,640
and dares you to stop lying to yourself.
182
00:06:22,640 –> 00:06:23,920
Start with the spine,
183
00:06:23,920 –> 00:06:24,560
one lake.
184
00:06:24,560 –> 00:06:26,640
It’s your organization’s data lake,
185
00:06:26,640 –> 00:06:27,360
singular,
186
00:06:27,360 –> 00:06:30,000
backed by open delta-parkay tables,
187
00:06:30,000 –> 00:06:31,200
not compatible,
188
00:06:31,200 –> 00:06:32,160
native tables,
189
00:06:32,160 –> 00:06:33,760
not files are the contract.
190
00:06:33,760 –> 00:06:37,200
Shortcuts reference external stores without copying.
191
00:06:37,200 –> 00:06:38,320
Your S3 bucket,
192
00:06:38,320 –> 00:06:40,720
referenced, your ADLS container,
193
00:06:40,720 –> 00:06:41,760
referenced,
194
00:06:41,760 –> 00:06:43,680
no more shuttle scripts that rot.
195
00:06:43,680 –> 00:06:44,800
The lake is the platform,
196
00:06:44,800 –> 00:06:46,080
not a staging accident.
197
00:06:46,080 –> 00:06:48,240
On top of that fabric mounts experiences,
198
00:06:48,240 –> 00:06:50,400
not separate products with separate security,
199
00:06:50,400 –> 00:06:52,400
views on the same storage plane.
200
00:06:52,400 –> 00:06:55,200
Data factory for ingest and orchestration,
201
00:06:55,200 –> 00:06:56,960
data engineering for spark notebooks
202
00:06:56,960 –> 00:06:58,560
and lake house management,
203
00:06:58,560 –> 00:07:01,040
data science for experiments and models,
204
00:07:01,040 –> 00:07:04,240
warehouse for t-school over delta with the Polaris engine,
205
00:07:04,240 –> 00:07:07,840
real-time analytics for KQL over streaming,
206
00:07:07,840 –> 00:07:10,560
power BI for semantic models and reports,
207
00:07:10,560 –> 00:07:13,840
data activator for reflexes when data crosses a line,
208
00:07:13,840 –> 00:07:14,800
different doors,
209
00:07:14,800 –> 00:07:15,840
same floor,
210
00:07:15,840 –> 00:07:16,800
identity,
211
00:07:16,800 –> 00:07:17,360
entry,
212
00:07:17,360 –> 00:07:18,320
full stop,
213
00:07:18,320 –> 00:07:19,520
conditional access,
214
00:07:19,520 –> 00:07:20,320
MFA,
215
00:07:20,320 –> 00:07:21,120
groups,
216
00:07:21,120 –> 00:07:23,040
workspaces as the security boundary,
217
00:07:23,040 –> 00:07:25,200
you assign people to a workspace role.
218
00:07:25,200 –> 00:07:27,440
Those roles govern every item inside,
219
00:07:27,440 –> 00:07:29,600
lake houses, warehouses, pipelines,
220
00:07:29,600 –> 00:07:31,680
notebooks, semantic models, reports,
221
00:07:31,680 –> 00:07:33,360
no parallel ACLs patrol,
222
00:07:33,360 –> 00:07:36,160
no personal tokens hiding in a markdown cell.
223
00:07:36,720 –> 00:07:39,200
One sentence now answers who can see what?
224
00:07:39,200 –> 00:07:40,320
Governance?
225
00:07:40,320 –> 00:07:43,200
Per view rides alongside automatic lineage
226
00:07:43,200 –> 00:07:45,520
across items in the workspace,
227
00:07:45,520 –> 00:07:46,560
scan the lake house,
228
00:07:46,560 –> 00:07:48,160
see downstream semantic models,
229
00:07:48,160 –> 00:07:49,280
see reports,
230
00:07:49,280 –> 00:07:51,680
apply sensitivity labels once they travel.
231
00:07:51,680 –> 00:07:53,280
Discovery from the data map,
232
00:07:53,280 –> 00:07:56,320
glossary terms that actually bind to assets,
233
00:07:56,320 –> 00:07:58,480
so you don’t invent lineage slides anymore.
234
00:07:58,480 –> 00:07:59,600
You show the graph,
235
00:07:59,600 –> 00:08:01,840
monitoring the capacities the heartbeat,
236
00:08:01,840 –> 00:08:03,200
one meter for compute,
237
00:08:03,200 –> 00:08:06,400
one monitoring hub to see pipeline failures,
238
00:08:06,400 –> 00:08:07,760
notebook runs,
239
00:08:07,760 –> 00:08:09,360
warehouse queries,
240
00:08:09,360 –> 00:08:11,280
direct lake refreshes,
241
00:08:11,280 –> 00:08:12,640
report activity,
242
00:08:12,640 –> 00:08:13,840
heat by workload,
243
00:08:13,840 –> 00:08:15,360
spikes by time,
244
00:08:15,360 –> 00:08:17,120
correlate events across the stack
245
00:08:17,120 –> 00:08:20,240
without all tabbing through five admin portals.
246
00:08:20,240 –> 00:08:21,440
When something fails,
247
00:08:21,440 –> 00:08:22,480
you see the chain.
248
00:08:22,480 –> 00:08:25,280
Now the medallion architecture becomes enforceable.
249
00:08:25,280 –> 00:08:26,480
Not aspirational.
250
00:08:26,480 –> 00:08:27,760
Bronze is the landing zone
251
00:08:27,760 –> 00:08:29,360
in the lake house files area,
252
00:08:29,360 –> 00:08:30,320
immutable,
253
00:08:30,320 –> 00:08:32,960
append only source granular,
254
00:08:32,960 –> 00:08:34,560
schema drift captured,
255
00:08:34,560 –> 00:08:35,360
not fixed.
256
00:08:36,160 –> 00:08:38,720
Silver is delta tables in the tables area
257
00:08:38,720 –> 00:08:40,560
that enforce types to dupes,
258
00:08:40,560 –> 00:08:42,800
surrogate keys, conformance,
259
00:08:42,800 –> 00:08:45,200
declarative transforms in notebooks
260
00:08:45,200 –> 00:08:46,240
or data flows,
261
00:08:46,240 –> 00:08:47,040
gen2,
262
00:08:47,040 –> 00:08:48,080
tested,
263
00:08:48,080 –> 00:08:49,120
versioned,
264
00:08:49,120 –> 00:08:50,480
documented,
265
00:08:50,480 –> 00:08:52,080
gold is curated,
266
00:08:52,080 –> 00:08:54,000
dimensional models,
267
00:08:54,000 –> 00:08:55,680
fact and dimension,
268
00:08:55,680 –> 00:08:56,960
delta tables,
269
00:08:56,960 –> 00:08:58,320
surface to power BI
270
00:08:58,320 –> 00:09:00,480
as direct lake semantic models,
271
00:09:00,480 –> 00:09:01,520
measures live in DAX,
272
00:09:01,520 –> 00:09:02,800
not buried upstream,
273
00:09:02,800 –> 00:09:04,560
that boundaries your discipline.
274
00:09:04,560 –> 00:09:06,160
Fabric gives you the rails,
275
00:09:06,160 –> 00:09:07,840
you decide if you stay on them.
276
00:09:07,840 –> 00:09:10,000
Direct lake changes the BI equation.
277
00:09:10,000 –> 00:09:13,600
The semantic model reads delta files directly from one lake.
278
00:09:13,600 –> 00:09:14,480
No import bloat,
279
00:09:14,480 –> 00:09:16,240
no direct query latency tags,
280
00:09:16,240 –> 00:09:17,440
vertipack pages,
281
00:09:17,440 –> 00:09:19,440
data into memory on demand.
282
00:09:19,440 –> 00:09:20,640
Update the goal table,
283
00:09:20,640 –> 00:09:22,880
the model reframes to new files.
284
00:09:22,880 –> 00:09:24,640
You control auto detect
285
00:09:24,640 –> 00:09:26,880
versus scheduled reframing,
286
00:09:26,880 –> 00:09:28,960
freshness without nightly fragility,
287
00:09:28,960 –> 00:09:30,720
performance without copy storms.
288
00:09:30,720 –> 00:09:32,800
Orchestration,
289
00:09:32,800 –> 00:09:35,680
pipeline centralized triggers dependencies,
290
00:09:35,680 –> 00:09:36,800
retries,
291
00:09:36,800 –> 00:09:38,480
triggers spark notebooks,
292
00:09:38,480 –> 00:09:40,640
kick a warehouse stored procedure,
293
00:09:40,640 –> 00:09:42,000
refreshes semantic model,
294
00:09:42,000 –> 00:09:43,440
one schedule spine,
295
00:09:43,440 –> 00:09:45,120
one failure surface,
296
00:09:45,120 –> 00:09:46,480
one audit trail,
297
00:09:46,480 –> 00:09:48,400
the what runs when answer
298
00:09:48,400 –> 00:09:50,400
stops living in someone’s head.
299
00:09:50,400 –> 00:09:52,240
Real time isn’t bolted on.
300
00:09:52,240 –> 00:09:54,880
Event streams shape ingestion from Kafka,
301
00:09:54,880 –> 00:09:57,040
event hubs, MQTT,
302
00:09:57,040 –> 00:09:59,120
route to KQL databases
303
00:09:59,120 –> 00:10:01,200
for sub-second analytics,
304
00:10:01,200 –> 00:10:04,720
land snapshots to one lake for medallion promotion.
305
00:10:04,720 –> 00:10:07,840
Your streaming and batch aren’t estranged cousins.
306
00:10:07,840 –> 00:10:09,680
There are two lanes on the same road.
307
00:10:09,680 –> 00:10:11,440
KQL for fast questions,
308
00:10:11,440 –> 00:10:12,960
delta for durable truth,
309
00:10:12,960 –> 00:10:14,800
AI is not marketing confetti,
310
00:10:14,800 –> 00:10:16,240
copilot drafts pipelines,
311
00:10:16,240 –> 00:10:17,760
SQL, notebook code,
312
00:10:17,760 –> 00:10:19,040
DAX measures.
313
00:10:19,040 –> 00:10:20,560
It reads your data map
314
00:10:20,560 –> 00:10:22,400
to suggest joins and keys.
315
00:10:22,400 –> 00:10:24,800
It’s not a substitute for architecture.
316
00:10:24,800 –> 00:10:26,880
It’s a speed boost for the boring parts.
317
00:10:26,880 –> 00:10:28,400
The guard rail still matter.
318
00:10:28,400 –> 00:10:30,000
Bronze stays raw,
319
00:10:30,000 –> 00:10:31,920
silver stays validated,
320
00:10:31,920 –> 00:10:33,680
gold stays modeled,
321
00:10:33,680 –> 00:10:36,240
copilot accelerates within the fence,
322
00:10:36,240 –> 00:10:37,280
licensing,
323
00:10:37,280 –> 00:10:38,800
one fabric capacity,
324
00:10:38,800 –> 00:10:40,960
F-SQ in Azure,
325
00:10:40,960 –> 00:10:43,360
UMETA workloads not products,
326
00:10:43,360 –> 00:10:46,480
a trusted workspace mode for network controls,
327
00:10:46,480 –> 00:10:48,240
cost management at the subscription.
328
00:10:48,240 –> 00:10:50,160
You stop guessing which SKU
329
00:10:50,160 –> 00:10:51,840
hit the egress bill this month,
330
00:10:51,840 –> 00:10:53,120
one invoice,
331
00:10:53,120 –> 00:10:54,560
one throttle,
332
00:10:54,560 –> 00:10:55,680
predictable.
333
00:10:55,680 –> 00:10:57,680
Security posture tightens
334
00:10:57,680 –> 00:10:59,920
because the surface area shrinks,
335
00:10:59,920 –> 00:11:02,880
the data never leaves one lake unless you say so.
336
00:11:02,880 –> 00:11:04,080
Shortcuts point in,
337
00:11:04,080 –> 00:11:05,920
they don’t spray copies out.
338
00:11:05,920 –> 00:11:09,120
Row level and object level security
339
00:11:09,120 –> 00:11:12,480
live at the semantic model for consumption,
340
00:11:12,480 –> 00:11:13,520
workspace,
341
00:11:13,520 –> 00:11:15,520
rolls for platform access,
342
00:11:15,520 –> 00:11:17,920
classified data carries labels into reports.
343
00:11:17,920 –> 00:11:19,200
Audits land in one place.
344
00:11:19,200 –> 00:11:21,760
You don’t beg five teams for five logs.
345
00:11:21,760 –> 00:11:23,280
This is the one platform moment.
346
00:11:23,280 –> 00:11:24,320
Storage unified,
347
00:11:24,320 –> 00:11:25,360
identity unified,
348
00:11:25,360 –> 00:11:26,400
governance unified,
349
00:11:26,400 –> 00:11:27,440
monitoring unified,
350
00:11:27,440 –> 00:11:28,240
cost unified.
351
00:11:28,240 –> 00:11:29,440
The medallion layers
352
00:11:29,440 –> 00:11:31,920
stop being slides and become folders,
353
00:11:31,920 –> 00:11:34,160
tables and models you can point to.
354
00:11:34,160 –> 00:11:36,400
The semantic model stops being a bandage
355
00:11:36,400 –> 00:11:38,480
and becomes the official interface.
356
00:11:38,480 –> 00:11:40,400
The BI team stops being the glue
357
00:11:40,400 –> 00:11:42,080
and becomes a consumer of gold,
358
00:11:42,080 –> 00:11:43,600
not a maker of silver.
359
00:11:43,600 –> 00:11:45,280
You still have to do the hard part,
360
00:11:45,280 –> 00:11:46,560
name your access path,
361
00:11:46,560 –> 00:11:47,920
define your contracts,
362
00:11:47,920 –> 00:11:49,280
lock your boundaries,
363
00:11:49,280 –> 00:11:51,680
but now the system enforces your intent
364
00:11:51,680 –> 00:11:53,040
instead of undermining it.
365
00:11:53,040 –> 00:11:55,200
Fewer tools, fewer tokens,
366
00:11:55,200 –> 00:11:57,520
fewer copies, fewer excuses.
367
00:11:57,520 –> 00:11:59,520
You don’t need another hero feature.
368
00:11:59,520 –> 00:12:00,880
You need one place to stand.
369
00:12:00,880 –> 00:12:02,240
Fabric gives you that ground.
370
00:12:02,240 –> 00:12:04,080
Now either use it
371
00:12:04,080 –> 00:12:06,080
or keep exporting to excel in the dark.
372
00:12:06,080 –> 00:12:08,400
The medallion architecture,
373
00:12:08,400 –> 00:12:10,160
from available to usable,
374
00:12:10,160 –> 00:12:11,440
you don’t start with truth,
375
00:12:11,440 –> 00:12:12,560
you start with evidence,
376
00:12:12,560 –> 00:12:13,440
then you prove it,
377
00:12:13,440 –> 00:12:14,320
then you present it.
378
00:12:14,320 –> 00:12:15,200
That’s medallion,
379
00:12:15,200 –> 00:12:16,720
bronze, silver, gold,
380
00:12:16,720 –> 00:12:17,520
not a vibe,
381
00:12:17,520 –> 00:12:18,160
a contract.
382
00:12:18,160 –> 00:12:20,400
Bronze is not a playground.
383
00:12:20,400 –> 00:12:22,160
It’s a black box flight recorder,
384
00:12:22,160 –> 00:12:22,880
immutable,
385
00:12:22,880 –> 00:12:24,080
append only,
386
00:12:24,080 –> 00:12:25,360
source granular,
387
00:12:25,360 –> 00:12:26,960
you land exactly what arrived
388
00:12:26,960 –> 00:12:27,760
when it arrived,
389
00:12:27,760 –> 00:12:28,560
where it came from,
390
00:12:28,560 –> 00:12:29,520
no dedoops,
391
00:12:29,520 –> 00:12:30,320
no joins,
392
00:12:30,320 –> 00:12:31,280
no quick fixes.
393
00:12:31,280 –> 00:12:33,440
If the source shipped nulls
394
00:12:33,440 –> 00:12:34,560
in a required field,
395
00:12:34,560 –> 00:12:35,440
that’s the point.
396
00:12:35,440 –> 00:12:37,040
You keep the fracture visible,
397
00:12:37,040 –> 00:12:38,720
because the moment you clean bronze,
398
00:12:38,720 –> 00:12:40,160
you erase the crime scene.
399
00:12:40,160 –> 00:12:40,800
In fabric,
400
00:12:40,800 –> 00:12:42,400
that’s your lake house files area,
401
00:12:42,400 –> 00:12:44,080
one folder per source system,
402
00:12:44,080 –> 00:12:46,720
one partitioning strategy per ingestion cadence.
403
00:12:46,720 –> 00:12:48,480
By day, by hour,
404
00:12:48,480 –> 00:12:50,240
by slice, that matches arrival.
405
00:12:50,240 –> 00:12:52,160
Delta lockstract changes,
406
00:12:52,160 –> 00:12:53,840
you capture schema drift,
407
00:12:53,840 –> 00:12:54,880
don’t conceal it.
408
00:12:54,880 –> 00:12:56,320
You store raw JSON,
409
00:12:56,320 –> 00:12:58,720
as is, and a typed landing if needed,
410
00:12:58,720 –> 00:13:00,080
but both are still bronze.
411
00:13:00,080 –> 00:13:02,800
Your only transforms are structural,
412
00:13:02,800 –> 00:13:04,960
normalized line breaks,
413
00:13:04,960 –> 00:13:07,040
split oversized files,
414
00:13:07,040 –> 00:13:08,960
stamp metadata columns,
415
00:13:08,960 –> 00:13:09,840
arrivals,
416
00:13:09,840 –> 00:13:11,120
the source system,
417
00:13:11,120 –> 00:13:12,640
correlation ID,
418
00:13:12,640 –> 00:13:14,160
evidence preserved.
419
00:13:14,160 –> 00:13:15,520
Now the question moves from
420
00:13:15,520 –> 00:13:16,640
what arrived,
421
00:13:16,640 –> 00:13:17,760
to what’s valid,
422
00:13:17,760 –> 00:13:18,480
that’s silver.
423
00:13:18,480 –> 00:13:22,320
This is the layer where you enforce expectations.
424
00:13:22,320 –> 00:13:23,120
Types,
425
00:13:23,120 –> 00:13:24,240
ranges,
426
00:13:24,240 –> 00:13:26,000
referential integrity,
427
00:13:26,000 –> 00:13:28,480
did duplication with deterministic keys,
428
00:13:28,480 –> 00:13:30,880
late arriving logic formalized,
429
00:13:30,880 –> 00:13:31,840
not improvised,
430
00:13:31,840 –> 00:13:33,440
here you pin meaning to columns.
431
00:13:33,440 –> 00:13:36,480
Status code is not free text,
432
00:13:36,480 –> 00:13:39,120
it references a dimension table you govern,
433
00:13:39,120 –> 00:13:40,640
you declare nullability,
434
00:13:40,640 –> 00:13:42,720
you document semantics next to code,
435
00:13:42,720 –> 00:13:44,560
and you test it,
436
00:13:44,560 –> 00:13:45,280
row counts,
437
00:13:45,280 –> 00:13:46,320
uniqueness,
438
00:13:46,320 –> 00:13:47,680
referential checks,
439
00:13:47,680 –> 00:13:48,960
drift alerts.
440
00:13:48,960 –> 00:13:50,640
Silver is your usable truth,
441
00:13:50,640 –> 00:13:51,840
not yet curated,
442
00:13:51,840 –> 00:13:53,680
solid enough to reuse.
443
00:13:53,680 –> 00:13:57,040
In fabric, silver lives in lake house tables as delta.
444
00:13:57,040 –> 00:14:00,000
It’s built with notebooks or data flows gen 2.
445
00:14:00,000 –> 00:14:02,000
The technique is simple and strict,
446
00:14:02,000 –> 00:14:04,800
read bronze with schema on read.
447
00:14:04,800 –> 00:14:06,800
Profile, reject bad rows
448
00:14:06,800 –> 00:14:09,200
into a quarantine table with reasons,
449
00:14:09,200 –> 00:14:11,600
conform types apply SCD rules
450
00:14:11,600 –> 00:14:14,640
if the business demands slowly changing state,
451
00:14:14,640 –> 00:14:16,800
did duplicate by composite key plus
452
00:14:16,800 –> 00:14:18,160
a winning record rule,
453
00:14:18,160 –> 00:14:20,000
latest event by event keys,
454
00:14:20,000 –> 00:14:20,720
for example,
455
00:14:20,720 –> 00:14:22,720
maintain a hash of business columns
456
00:14:22,720 –> 00:14:24,480
for change detection,
457
00:14:24,480 –> 00:14:25,920
stamp lineage columns,
458
00:14:25,920 –> 00:14:27,520
bronze path,
459
00:14:27,520 –> 00:14:29,600
silver version.
460
00:14:29,600 –> 00:14:31,840
Every transform is idempotent,
461
00:14:31,840 –> 00:14:32,960
every write is atomic,
462
00:14:32,960 –> 00:14:34,640
here’s where most teams cheat,
463
00:14:34,640 –> 00:14:36,800
they slip business logic into silver,
464
00:14:36,800 –> 00:14:38,080
just this once,
465
00:14:38,080 –> 00:14:40,800
they add a special join for a stubborn KPI.
466
00:14:40,800 –> 00:14:41,440
Don’t,
467
00:14:41,440 –> 00:14:42,880
if it encodes business meaning,
468
00:14:42,880 –> 00:14:43,920
it belongs in gold,
469
00:14:43,920 –> 00:14:45,760
silver encodes reality,
470
00:14:45,760 –> 00:14:47,040
gold encodes purpose,
471
00:14:47,040 –> 00:14:49,680
gold is consumption specific,
472
00:14:49,680 –> 00:14:52,000
it’s the model your users touch.
473
00:14:52,000 –> 00:14:54,080
Curated dimensional structures,
474
00:14:54,080 –> 00:14:55,600
conformed dimensions,
475
00:14:55,600 –> 00:14:57,920
fact tables with consistent grain,
476
00:14:57,920 –> 00:15:01,040
build to answer stable questions fast.
477
00:15:01,040 –> 00:15:02,880
This is where you lift measures,
478
00:15:02,880 –> 00:15:04,160
revenue, churn,
479
00:15:04,160 –> 00:15:05,200
ARR,
480
00:15:05,200 –> 00:15:08,320
into DAX with definitions you can defend.
481
00:15:08,320 –> 00:15:11,360
This is where row level security lives for consumption.
482
00:15:11,360 –> 00:15:13,200
This is where you shape experiences,
483
00:15:13,200 –> 00:15:14,560
not data.
484
00:15:14,560 –> 00:15:16,800
In fabric gold is still delta in one lake,
485
00:15:16,800 –> 00:15:19,680
but now you expose it through semantic models,
486
00:15:19,680 –> 00:15:20,880
indirect lake.
487
00:15:20,880 –> 00:15:22,640
Fact tables are thin,
488
00:15:22,640 –> 00:15:24,880
wide where it helps compression,
489
00:15:24,880 –> 00:15:28,160
with integer surrogate keys to dimensions,
490
00:15:28,160 –> 00:15:31,120
dimensions carry histories when they matter.
491
00:15:31,120 –> 00:15:34,240
The star schema stops being an academic exercise
492
00:15:34,240 –> 00:15:37,200
and becomes a performance and governance tool.
493
00:15:37,200 –> 00:15:39,200
Direct leg reads the files directly,
494
00:15:39,200 –> 00:15:40,240
no import lag,
495
00:15:40,240 –> 00:15:41,920
no direct query tax.
496
00:15:41,920 –> 00:15:43,440
If you keep your tables tidy,
497
00:15:43,440 –> 00:15:45,520
partitions align to refresh windows,
498
00:15:45,520 –> 00:15:46,800
small dimension tables,
499
00:15:46,800 –> 00:15:47,920
fully in memory,
500
00:15:47,920 –> 00:15:49,120
measure sane,
501
00:15:49,120 –> 00:15:50,640
you get speed without copies.
502
00:15:50,640 –> 00:15:52,720
The contract between layers is your guardrail,
503
00:15:52,720 –> 00:15:54,560
so put it in words and code.
504
00:15:54,560 –> 00:15:56,720
Bronze contract, immutable append,
505
00:15:56,720 –> 00:15:58,240
no business transforms,
506
00:15:58,240 –> 00:16:01,040
source fidelity retained, drift captured.
507
00:16:01,040 –> 00:16:03,520
Silver contract, validated schema,
508
00:16:03,520 –> 00:16:04,800
documented semantics,
509
00:16:04,800 –> 00:16:07,680
deduped conforming joins only for reference data,
510
00:16:07,680 –> 00:16:10,560
test coverage that blocks publish on failure.
511
00:16:10,560 –> 00:16:13,120
Gold contract, curated stars,
512
00:16:13,120 –> 00:16:14,720
certified measures,
513
00:16:14,720 –> 00:16:17,600
RLS rules documented and tested,
514
00:16:17,600 –> 00:16:20,960
semantic model source bound to specific tables,
515
00:16:20,960 –> 00:16:23,040
no ad hoc sources.
516
00:16:23,040 –> 00:16:24,880
Enforced those contracts with gates,
517
00:16:24,880 –> 00:16:27,600
pipelines won’t advance if silver tests fail.
518
00:16:27,600 –> 00:16:31,200
Semantic models don’t reframe if gold partitions aren’t complete.
519
00:16:31,200 –> 00:16:33,760
Perview tags apply at silver and flow
520
00:16:33,760 –> 00:16:36,400
through to gold reports automatically.
521
00:16:36,400 –> 00:16:38,800
Workspace Rolesgate, who can write to which layer,
522
00:16:38,800 –> 00:16:41,120
you design the friction on purpose.
523
00:16:41,120 –> 00:16:44,000
Edge cases, streaming, don’t panic.
524
00:16:44,000 –> 00:16:46,240
Bronze handles late and out of order events
525
00:16:46,240 –> 00:16:47,760
by watermark and window.
526
00:16:47,760 –> 00:16:51,040
Silver computes a canonical state table
527
00:16:51,040 –> 00:16:54,240
and an events table at different grains.
528
00:16:54,240 –> 00:16:55,840
Gold exposes both,
529
00:16:55,840 –> 00:16:57,440
state for current dashboards,
530
00:16:57,440 –> 00:16:59,520
events for investigations.
531
00:16:59,520 –> 00:17:01,440
Edge case two, third party marts,
532
00:17:01,440 –> 00:17:02,720
you can’t change,
533
00:17:02,720 –> 00:17:04,320
shortcut them into bronze,
534
00:17:04,320 –> 00:17:06,080
mirror their schema into silver
535
00:17:06,080 –> 00:17:07,840
with a thin validation layer.
536
00:17:07,840 –> 00:17:09,360
Only then join in gold,
537
00:17:09,360 –> 00:17:11,920
keep their chaos outside your contracts.
538
00:17:11,920 –> 00:17:14,560
If you remember nothing else, remember this.
539
00:17:14,560 –> 00:17:16,160
Bronze answers what happened.
540
00:17:16,160 –> 00:17:18,880
Silver answers what is true.
541
00:17:18,880 –> 00:17:20,320
Gold answers what it means.
542
00:17:20,320 –> 00:17:22,640
Mix them and you lose the plot.
543
00:17:22,640 –> 00:17:25,520
Keep them clean and the rest of fabric clicks.
544
00:17:25,520 –> 00:17:28,400
Multi workspace architecture,
545
00:17:28,400 –> 00:17:29,920
the Nord1 approach,
546
00:17:29,920 –> 00:17:31,600
you don’t secure chaos.
547
00:17:31,600 –> 00:17:33,200
You contain it, that’s not one.
548
00:17:33,200 –> 00:17:34,400
A climb with fixed anchors,
549
00:17:34,400 –> 00:17:35,680
not vibes, boundaries.
550
00:17:35,680 –> 00:17:39,200
We use multiple workspaces with purpose.
551
00:17:39,200 –> 00:17:41,520
Each workspace is a boundary for security,
552
00:17:41,520 –> 00:17:43,120
cost, change control.
553
00:17:43,120 –> 00:17:45,520
Roads are consistent, names are boring.
554
00:17:45,520 –> 00:17:46,160
That’s the point.
555
00:17:46,160 –> 00:17:49,280
At the top, a platform workspace set.
556
00:17:49,280 –> 00:17:51,840
Three tiers, dev, test,
557
00:17:51,840 –> 00:17:53,840
prod, inside each,
558
00:17:53,840 –> 00:17:55,920
core lake house, warehouse,
559
00:17:55,920 –> 00:17:57,440
shared dimensions,
560
00:17:57,440 –> 00:17:58,960
data factory pipelines,
561
00:17:58,960 –> 00:18:00,080
monitoring artifacts.
562
00:18:00,080 –> 00:18:01,680
This is platform, not project.
563
00:18:01,680 –> 00:18:03,920
It’s where medallion lives as a service.
564
00:18:03,920 –> 00:18:06,240
Then domain workspaces,
565
00:18:06,240 –> 00:18:08,480
finance, sales,
566
00:18:08,480 –> 00:18:11,200
ops, HR, supply chain.
567
00:18:11,840 –> 00:18:14,240
Again, dev, test,
568
00:18:14,240 –> 00:18:16,160
prod for each domain.
569
00:18:16,160 –> 00:18:18,560
Domains don’t own silver infrastructure.
570
00:18:18,560 –> 00:18:21,920
They own gold models and domain specific transforms.
571
00:18:21,920 –> 00:18:24,640
They depend on the platform silver via shortcuts.
572
00:18:24,640 –> 00:18:26,880
Separation of concerns,
573
00:18:26,880 –> 00:18:28,800
no one sneaks logic upstream.
574
00:18:28,800 –> 00:18:31,520
One more tier, shared analytics,
575
00:18:31,520 –> 00:18:33,120
certified semantic models,
576
00:18:33,120 –> 00:18:34,960
conformed metrics,
577
00:18:34,960 –> 00:18:36,880
cross-domain star schemas.
578
00:18:36,880 –> 00:18:39,360
This is the only place with the official measures
579
00:18:39,360 –> 00:18:41,120
the business can certify.
580
00:18:41,120 –> 00:18:42,720
Everything else is a draft.
581
00:18:42,720 –> 00:18:43,840
Walk it with me.
582
00:18:43,840 –> 00:18:45,120
Hybrid narration.
583
00:18:45,120 –> 00:18:46,720
UI callouts.
584
00:18:46,720 –> 00:18:49,040
In fabric, open the left rail.
585
00:18:49,040 –> 00:18:50,080
Click workspaces.
586
00:18:50,080 –> 00:18:51,120
You’ll see folders.
587
00:18:51,120 –> 00:18:52,800
No, but you’ll name like folders.
588
00:18:52,800 –> 00:18:54,080
Prefix everything.
589
00:18:54,080 –> 00:18:55,920
NW, plat, dev,
590
00:18:55,920 –> 00:18:57,920
NW, plat, tst,
591
00:18:57,920 –> 00:18:59,760
NW, plat, prd,
592
00:18:59,760 –> 00:19:01,520
NW, fin, dev.
593
00:19:01,520 –> 00:19:03,200
Same pattern for sales,
594
00:19:03,200 –> 00:19:04,640
ops, HR, supply.
595
00:19:04,640 –> 00:19:06,720
The NW prefix is your org tag.
596
00:19:06,720 –> 00:19:08,000
The middle is the domain.
597
00:19:08,000 –> 00:19:09,840
The suffix is the environment.
598
00:19:09,840 –> 00:19:11,440
Consistency kills doubt.
599
00:19:11,440 –> 00:19:15,120
Open NW, plat, dev, items,
600
00:19:15,120 –> 00:19:17,840
Lakehouse, NW, plat, dev, core, lake,
601
00:19:17,840 –> 00:19:19,920
warehouse, NW, plat, dev, core,
602
00:19:19,920 –> 00:19:22,560
WH, pipelines, NW, plat, dev,
603
00:19:22,560 –> 00:19:24,160
ingest, NW, plat, dev,
604
00:19:24,160 –> 00:19:25,840
promote bronze to silver,
605
00:19:25,840 –> 00:19:28,880
NW, plat, dev, promote silver to gold.
606
00:19:28,880 –> 00:19:31,920
Notebooks, validation suites, monitoring,
607
00:19:31,920 –> 00:19:34,720
a report pinned from monitoring hub with capacity
608
00:19:34,720 –> 00:19:35,920
and pipeline views,
609
00:19:35,920 –> 00:19:37,360
filtered to this workspace.
610
00:19:37,360 –> 00:19:38,320
This is your spine.
611
00:19:38,320 –> 00:19:39,120
Security.
612
00:19:39,120 –> 00:19:41,840
Workspace roles, viewers, contributors, members,
613
00:19:41,840 –> 00:19:44,240
admins, platform team, only as admins.
614
00:19:44,240 –> 00:19:46,160
Data engineers is members for dev,
615
00:19:46,160 –> 00:19:49,920
but readers in test, prod, unless change window opens.
616
00:19:49,920 –> 00:19:52,400
Business users, they don’t enter platform.
617
00:19:52,400 –> 00:19:56,240
Ever.StorageAlignment, one lake, data hub,
618
00:19:56,240 –> 00:20:00,640
in core lake, files, area holds, bronze per source folders,
619
00:20:00,640 –> 00:20:04,720
tables, area holds, silver, and conform dimensions.
620
00:20:04,720 –> 00:20:07,600
Under settings, turn on trusted workspace access
621
00:20:07,600 –> 00:20:10,000
and network isolation as required.
622
00:20:10,000 –> 00:20:11,680
You want predictable blast radius.
623
00:20:11,680 –> 00:20:17,280
Now domains, open NW sales dev items,
624
00:20:17,280 –> 00:20:21,040
lake house, NW sales dev, LH,
625
00:20:21,040 –> 00:20:26,320
semantic models, NW sales dev, gold sales ops,
626
00:20:26,320 –> 00:20:28,400
reports drafts only.
627
00:20:28,400 –> 00:20:29,520
Here’s the trick.
628
00:20:29,520 –> 00:20:30,960
In the domain lake house,
629
00:20:30,960 –> 00:20:34,000
create shortcuts to platform silver tables.
630
00:20:34,000 –> 00:20:36,240
Sales orders, customers, products,
631
00:20:36,240 –> 00:20:40,720
do not copy. Shortcuts point to the platform lake house tables path.
632
00:20:40,720 –> 00:20:43,200
You inherit data lineage security posture.
633
00:20:43,200 –> 00:20:47,040
Your domain adds its own transforms for gold only.
634
00:20:47,040 –> 00:20:50,080
Segmentation tables, derived facts,
635
00:20:50,080 –> 00:20:52,080
domain specific dimensions.
636
00:20:52,080 –> 00:20:54,480
Per view, go to Microsoft Per view hub,
637
00:20:54,480 –> 00:20:58,160
register the ND-plat PRD lake house and warehouse assources,
638
00:20:58,160 –> 00:21:00,960
scan on a schedule, turn on lineage.
639
00:21:00,960 –> 00:21:04,480
Now open lineage on a certified sales semantic model
640
00:21:04,480 –> 00:21:06,160
in shared analytics.
641
00:21:06,160 –> 00:21:08,800
You’ll see the path, shared model,
642
00:21:08,800 –> 00:21:11,760
domain gold tables, shortcut backed,
643
00:21:11,760 –> 00:21:15,120
platform silver, platform bronze source connectors.
644
00:21:15,120 –> 00:21:16,400
You didn’t draw that diagram.
645
00:21:16,400 –> 00:21:17,360
The system did.
646
00:21:17,360 –> 00:21:18,960
That’s how you sleep.
647
00:21:18,960 –> 00:21:21,360
Monitoring, open monitoring hub,
648
00:21:21,360 –> 00:21:24,640
filter by workspace NW-plat PRD.
649
00:21:24,640 –> 00:21:28,480
Pipelines tab, in just success rate, duration cost,
650
00:21:28,480 –> 00:21:31,920
notebooks tab, validation notebook failures,
651
00:21:31,920 –> 00:21:35,680
warehouse tab, query heat for Polaris.
652
00:21:35,680 –> 00:21:39,840
Power BI tab, reframing latency for direct lake models.
653
00:21:39,840 –> 00:21:42,880
One screen, one heartbeat, cost,
654
00:21:42,880 –> 00:21:46,080
fabric capacity in Azure, assign heavy workspaces
655
00:21:46,080 –> 00:21:47,520
to dedicated capacities.
656
00:21:47,520 –> 00:21:50,800
NW-plat PRD on F64 or above if you needed,
657
00:21:50,800 –> 00:21:52,960
domains share in F32 perhaps,
658
00:21:52,960 –> 00:21:54,480
label capacities with tags,
659
00:21:54,480 –> 00:21:56,800
ENV-it prod, domain-to-platform.
660
00:21:56,800 –> 00:22:00,400
Use Azure cost management budgets and alerts.
661
00:22:00,400 –> 00:22:03,760
No guessing, no mystery invoice.
662
00:22:04,400 –> 00:22:06,000
Promotion flow.
663
00:22:06,000 –> 00:22:10,960
Platform first, bronze lands via data factory in NW-plat dev.
664
00:22:10,960 –> 00:22:12,720
Validation notebooks run.
665
00:22:12,720 –> 00:22:17,440
If tests pass a pipeline promotes code via Git branches to test,
666
00:22:17,440 –> 00:22:18,720
data mirrors a subset.
667
00:22:18,720 –> 00:22:20,640
If test passes same to prod,
668
00:22:20,640 –> 00:22:23,280
domains consume via shortcuts.
669
00:22:23,280 –> 00:22:25,760
Their gold models move through dev,
670
00:22:25,760 –> 00:22:28,240
test, prod, with deployment pipelines,
671
00:22:28,240 –> 00:22:31,680
parameterized connections to the corresponding platform workspace.
672
00:22:31,680 –> 00:22:34,160
No hard-coded paths.
673
00:22:34,160 –> 00:22:36,240
Only environment parameters.
674
00:22:36,240 –> 00:22:38,320
Access path clarity.
675
00:22:38,320 –> 00:22:41,200
Business consumers never touch domain workspaces.
676
00:22:41,200 –> 00:22:43,280
They hit shared analytics,
677
00:22:43,280 –> 00:22:45,200
certified models only.
678
00:22:45,200 –> 00:22:47,440
RLS maps to ENTRA groups.
679
00:22:47,440 –> 00:22:49,600
Group names align with domains.
680
00:22:49,600 –> 00:22:53,440
NRLS sales, EMIA, NRLS sales, NAY.
681
00:22:53,440 –> 00:22:54,800
The platform owns the pattern.
682
00:22:54,800 –> 00:22:56,480
Domains populate the membership,
683
00:22:56,480 –> 00:22:57,600
common mistakes.
684
00:22:57,600 –> 00:22:59,920
Domains writing to platform silver.
685
00:22:59,920 –> 00:23:03,280
No, block contributor writes in platform for domain teams.
686
00:23:03,280 –> 00:23:06,480
Domains copying platform tables to their own storage.
687
00:23:06,480 –> 00:23:09,040
No, enforce shortcuts.
688
00:23:09,040 –> 00:23:11,840
Platform sneaking KPIs into silver.
689
00:23:11,840 –> 00:23:15,520
No, code review, gate, with a rule.
690
00:23:15,520 –> 00:23:19,520
Any computed business measure belongs in gold or semantic DAX.
691
00:23:19,520 –> 00:23:21,760
Why not want works?
692
00:23:21,760 –> 00:23:25,120
Fixed anchors, clear lanes.
693
00:23:25,120 –> 00:23:26,960
Platform is the slope.
694
00:23:26,960 –> 00:23:28,240
Domains are routes.
695
00:23:28,240 –> 00:23:30,720
Shared analytics is the summit photo.
696
00:23:30,720 –> 00:23:32,960
You contain complexity to known surfaces.
697
00:23:32,960 –> 00:23:34,800
You reduce places to lie.
698
00:23:34,800 –> 00:23:36,080
You make failure loud.
699
00:23:36,080 –> 00:23:38,720
And when someone asks, “Where does this number come from?”
700
00:23:38,720 –> 00:23:39,920
You click lineage.
701
00:23:39,920 –> 00:23:40,960
You don’t improvise.
702
00:23:40,960 –> 00:23:42,160
You show the access path.
703
00:23:42,160 –> 00:23:44,640
Enterprise proof.
704
00:23:44,640 –> 00:23:46,800
Three scenarios that expose the edge.
705
00:23:46,800 –> 00:23:47,920
You want proof.
706
00:23:47,920 –> 00:23:48,960
Not slides.
707
00:23:48,960 –> 00:23:52,000
Three operations where fragmentation kills you.
708
00:23:52,000 –> 00:23:54,560
And where fabrics single access path holds.
709
00:23:54,560 –> 00:23:55,760
Real time ops first.
710
00:23:55,760 –> 00:23:57,600
The place outages hide.
711
00:23:57,600 –> 00:23:59,440
Ingest is an event stream.
712
00:23:59,440 –> 00:24:01,200
Not a nightly CSV.
713
00:24:01,200 –> 00:24:03,600
Devices published a limit to event hubs.
714
00:24:03,600 –> 00:24:06,160
In fabric, event streams listens.
715
00:24:06,160 –> 00:24:07,520
We define a route.
716
00:24:07,520 –> 00:24:08,720
Raw telemetry.
717
00:24:08,720 –> 00:24:11,200
KQL database for hot analytics.
718
00:24:11,200 –> 00:24:13,360
One-Lake bronze for durability.
719
00:24:13,360 –> 00:24:14,560
No copies.
720
00:24:14,560 –> 00:24:17,520
Shortcuts expose bronze to the platform lake house.
721
00:24:17,520 –> 00:24:20,240
Silver builds two tables.
722
00:24:20,240 –> 00:24:24,080
Events at raw grain and device stayed by last known window
723
00:24:24,080 –> 00:24:25,360
with a watermark.
724
00:24:25,360 –> 00:24:30,080
We validate ranges, discard impossible values to quarantine
725
00:24:30,080 –> 00:24:31,360
and stamp lineage.
726
00:24:31,360 –> 00:24:33,680
Gold shapes two paths.
727
00:24:33,680 –> 00:24:36,800
For operators, a direct lake semantic model over device
728
00:24:36,800 –> 00:24:38,880
and state and a small incidence fact.
729
00:24:38,880 –> 00:24:39,520
Measures.
730
00:24:39,520 –> 00:24:40,320
MTTR.
731
00:24:40,320 –> 00:24:41,200
Active alerts.
732
00:24:41,200 –> 00:24:42,640
SLA breaches.
733
00:24:42,640 –> 00:24:43,680
For investigators.
734
00:24:43,680 –> 00:24:46,640
A KQL dashboard for sub-second queries on events.
735
00:24:46,640 –> 00:24:48,880
Data activator locks the loop.
736
00:24:48,880 –> 00:24:49,680
Condition.
737
00:24:49,680 –> 00:24:50,480
Temperature.
738
00:24:50,480 –> 00:24:52,080
Threshold for N minutes.
739
00:24:52,080 –> 00:24:54,400
And device and state not acknowledged.
740
00:24:54,400 –> 00:24:55,680
Action.
741
00:24:55,680 –> 00:24:56,720
Post to teams.
742
00:24:56,720 –> 00:24:57,920
Create a ticket.
743
00:24:57,920 –> 00:24:59,680
Write an incident row.
744
00:24:59,680 –> 00:25:01,200
One workspace owns the flow.
745
00:25:01,200 –> 00:25:02,480
One lake holds the truth.
746
00:25:02,480 –> 00:25:04,800
KQL and Delta share the spine.
747
00:25:04,800 –> 00:25:05,600
No mirrors.
748
00:25:05,600 –> 00:25:07,200
No hidden refreshes.
749
00:25:07,200 –> 00:25:10,400
And when an exec asks why an alert fired.
750
00:25:10,400 –> 00:25:12,560
Lineage shows source event.
751
00:25:12,560 –> 00:25:13,840
Silver state.
752
00:25:13,840 –> 00:25:14,880
Gold measure.
753
00:25:14,880 –> 00:25:16,000
Reflex trigger.
754
00:25:16,000 –> 00:25:16,880
Case closed.
755
00:25:16,880 –> 00:25:18,400
Now HR.
756
00:25:18,400 –> 00:25:21,520
The domain everyone tiptoes around and leaks anyway.
757
00:25:21,520 –> 00:25:24,080
We isolate with workspaces and labels.
758
00:25:24,080 –> 00:25:26,880
NWHR PRD runs in trusted mode.
759
00:25:26,880 –> 00:25:30,400
Per view marks PII with sensitivity labels.
760
00:25:30,400 –> 00:25:31,360
Confidential.
761
00:25:31,360 –> 00:25:32,960
Highly confidential.
762
00:25:32,960 –> 00:25:37,360
Bronzelands payroll extracts and ATS applicant feeds.
763
00:25:37,360 –> 00:25:38,320
Immutable.
764
00:25:38,320 –> 00:25:40,240
Partitioned by arrival.
765
00:25:40,240 –> 00:25:43,840
Silver enforces schema, masks national identifiers
766
00:25:43,840 –> 00:25:45,840
into a quarantine reference.
767
00:25:45,840 –> 00:25:48,000
And emits conformed tables.
768
00:25:48,000 –> 00:25:50,960
Employees, positions, comp bands,
769
00:25:50,960 –> 00:25:52,720
headcount snapshots.
770
00:25:52,720 –> 00:25:56,080
Test block publish if referential integrity breaks.
771
00:25:56,080 –> 00:25:58,080
No business logic beyond conformance.
772
00:25:58,080 –> 00:25:59,760
Gold is two models, not one.
773
00:25:59,760 –> 00:26:03,040
An HR restricted semantic model with full PII
774
00:26:03,040 –> 00:26:04,880
under strict entry groups.
775
00:26:04,880 –> 00:26:07,840
An HR public certified with masked fields
776
00:26:07,840 –> 00:26:09,280
and only allowed aggregates.
777
00:26:09,280 –> 00:26:12,160
Direct lake reads from the same gold tables.
778
00:26:12,160 –> 00:26:15,600
RLS enforces geography and managerial hierarchy.
779
00:26:15,600 –> 00:26:17,360
Copilot assists in decks.
780
00:26:17,360 –> 00:26:19,920
But measures are defined in a metrics table,
781
00:26:19,920 –> 00:26:21,760
reviewed and certified.
782
00:26:21,760 –> 00:26:24,880
Audit logs prove who opened which report.
783
00:26:24,880 –> 00:26:27,840
If a contractor’s account tries to pivot on salary,
784
00:26:27,840 –> 00:26:29,600
RLS denies.
785
00:26:29,600 –> 00:26:32,320
And the event lands in the central audit.
786
00:26:32,320 –> 00:26:34,160
No exports to someone’s laptop.
787
00:26:34,160 –> 00:26:35,760
No personal tokens.
788
00:26:35,760 –> 00:26:37,840
The access path is the policy.
789
00:26:37,840 –> 00:26:39,280
Supply chain.
790
00:26:39,280 –> 00:26:41,760
Where latency costs money.
791
00:26:41,760 –> 00:26:46,240
Sources, ERP orders, WMS inventory, carrier scans,
792
00:26:46,240 –> 00:26:47,600
vendor ASNs.
793
00:26:47,600 –> 00:26:49,520
Bronzelands each feed as is.
794
00:26:49,520 –> 00:26:53,120
Silver conforms units, currencies, SKUs and time zones.
795
00:26:53,120 –> 00:26:56,640
We compute a canonical order silver, inventory position
796
00:26:56,640 –> 00:26:59,520
and a shipment events stream table pair.
797
00:26:59,520 –> 00:27:01,920
Deduplication is deterministic.
798
00:27:01,920 –> 00:27:05,680
Composite business keys plus latest event keys.
799
00:27:05,680 –> 00:27:09,200
A late arriving scan updates the state, not the past.
800
00:27:09,200 –> 00:27:11,040
Gold serves two models.
801
00:27:11,040 –> 00:27:15,120
An execution model, open orders, back orders, ATP,
802
00:27:15,120 –> 00:27:17,360
projected stockouts by node,
803
00:27:17,360 –> 00:27:20,720
with measures built for our level freshness.
804
00:27:20,720 –> 00:27:22,160
And a planning model.
805
00:27:22,160 –> 00:27:25,120
Weekly aggregates, lead time distributions,
806
00:27:25,120 –> 00:27:29,440
supplier, OTIF, forecast accuracy.
807
00:27:29,440 –> 00:27:34,160
Directly keeps execution fast without import cycles.
808
00:27:34,160 –> 00:27:35,680
Pipelines orchestrate.
809
00:27:35,680 –> 00:27:39,120
Event updates, trigger, silver microbatches.
810
00:27:39,120 –> 00:27:42,560
Scheduled windows, rebuild planning aggregates.
811
00:27:42,560 –> 00:27:46,480
Semantic models, reframe on partition completion.
812
00:27:46,480 –> 00:27:49,680
A stockout risk reflex posts into teams
813
00:27:49,680 –> 00:27:54,160
when ATP drops below threshold within lead time windows,
814
00:27:54,160 –> 00:27:57,040
tagging the correct regional planner.
815
00:27:57,040 –> 00:27:59,120
Lineage binds it all.
816
00:27:59,120 –> 00:28:03,680
Vendor ASN, row to stockout alert in two clicks.
817
00:28:03,680 –> 00:28:05,760
Three domains, same pattern.
818
00:28:05,760 –> 00:28:08,880
One lake, medallion, direct lake, purview,
819
00:28:08,880 –> 00:28:10,760
entra monitoring.
820
00:28:10,760 –> 00:28:12,400
No detours, no secrets.
821
00:28:12,400 –> 00:28:14,400
The edge cases don’t break the platform
822
00:28:14,400 –> 00:28:18,320
when the access path is real and the contracts are enforced.
823
00:28:18,320 –> 00:28:21,760
Hybrid walkthrough, one lake and purview security.
824
00:28:21,760 –> 00:28:24,560
Hybrid narration plus UI callouts.
825
00:28:24,560 –> 00:28:26,640
You want proof this isn’t theater.
826
00:28:26,640 –> 00:28:29,280
Fine, watch the access path form under your cursor.
827
00:28:29,280 –> 00:28:32,720
Open fabric left rail, workspaces, NW-plat.pl.D.
828
00:28:32,720 –> 00:28:34,200
This is the platform spine.
829
00:28:34,200 –> 00:28:38,120
Click, lake house, NW-plat.pl.D. Core Lake.
830
00:28:38,120 –> 00:28:40,320
Top right settings, see it.
831
00:28:40,320 –> 00:28:42,320
Trusted workspace access on.
832
00:28:42,320 –> 00:28:45,600
Network isolation configured to your policy.
833
00:28:45,600 –> 00:28:46,680
Why this matters?
834
00:28:46,680 –> 00:28:49,720
You don’t beg five products to honor your perimeter.
835
00:28:49,720 –> 00:28:52,840
One switch, one blast radius.
836
00:28:52,840 –> 00:28:54,480
Back to the lake house.
837
00:28:54,480 –> 00:28:57,120
One lake data hub, pane on the left.
838
00:28:57,120 –> 00:28:59,160
Files area, bronze.
839
00:28:59,160 –> 00:29:01,840
Tables area, silver and conformed dims.
840
00:29:01,840 –> 00:29:03,560
Expand files, bronze sources,
841
00:29:03,560 –> 00:29:06,600
Epoorders year 2025, month 11.
842
00:29:06,600 –> 00:29:08,800
Immutable, partitioned by arrival.
843
00:29:08,800 –> 00:29:12,680
You’re not cleaning, you’re preserving evidence.
844
00:29:12,680 –> 00:29:15,560
Now tables, silver.orders.
845
00:29:15,560 –> 00:29:18,200
Click the table, schema view.
846
00:29:18,200 –> 00:29:21,880
Types explicit, nullability declared.
847
00:29:21,880 –> 00:29:24,200
Partitioning by order date.
848
00:29:24,200 –> 00:29:27,920
Properties panel, sensitivity shows internal.
849
00:29:27,920 –> 00:29:29,200
Per view will read this.
850
00:29:29,200 –> 00:29:30,320
It will travel.
851
00:29:30,320 –> 00:29:32,960
You won’t be able to accidentally launder PII
852
00:29:32,960 –> 00:29:35,760
into a public report and claim you didn’t know.
853
00:29:35,760 –> 00:29:37,760
The label follows the asset.
854
00:29:37,760 –> 00:29:40,320
UI call out, new shortcut.
855
00:29:40,320 –> 00:29:41,200
Click it.
856
00:29:41,200 –> 00:29:42,920
Choose external one lake.
857
00:29:42,920 –> 00:29:46,440
Browse to NW sales PRDLH.
858
00:29:46,440 –> 00:29:48,480
Tables, silver.
859
00:29:48,480 –> 00:29:49,680
Customers.
860
00:29:49,680 –> 00:29:51,680
Add, no copy, no drift.
861
00:29:51,680 –> 00:29:54,080
Security posture inherited from source.
862
00:29:54,080 –> 00:29:56,320
Shortcuts are your anti-duplication weapon.
863
00:29:56,320 –> 00:29:58,000
You’re allowed references.
864
00:29:58,000 –> 00:30:00,000
You’re not allowed shadow clones.
865
00:30:00,000 –> 00:30:04,880
Security, top bar, ellipses, manage access.
866
00:30:04,880 –> 00:30:08,560
Workspace roles, admins, platform engineering only.
867
00:30:08,560 –> 00:30:10,640
Members restricted, contributors,
868
00:30:10,640 –> 00:30:14,480
none outside the platform, viewers, service principles tied
869
00:30:14,480 –> 00:30:16,120
to pipeline runs.
870
00:30:16,120 –> 00:30:19,760
Principle of least privilege and forced at the workspace
871
00:30:19,760 –> 00:30:22,040
not negotiated per item.
872
00:30:22,040 –> 00:30:24,440
If someone asks for just this one table,
873
00:30:24,440 –> 00:30:26,360
the answer is still no.
874
00:30:26,360 –> 00:30:28,760
It’s a boundary, not a suggestion, identity,
875
00:30:28,760 –> 00:30:31,920
enter groups, click add people or groups, type NW
876
00:30:31,920 –> 00:30:33,640
Plot PRD admins.
877
00:30:33,640 –> 00:30:35,640
It resolves to your enter security group,
878
00:30:35,640 –> 00:30:37,680
same for members, readers.
879
00:30:37,680 –> 00:30:39,800
This is the sentence you’ve been missing.
880
00:30:39,800 –> 00:30:42,240
Access to platform data is governed by
881
00:30:42,240 –> 00:30:45,680
enter groups bound to workspace roles.
882
00:30:45,680 –> 00:30:49,840
No personal tokens, no local users, no exceptions.
883
00:30:49,840 –> 00:30:53,840
Now governance, left rail, purview hub, open it,
884
00:30:53,840 –> 00:30:59,640
sources, register one lake item, NW Plot PRD Core Lake.
885
00:30:59,640 –> 00:31:03,360
Choose scan rule set, standard plus sensitive info.
886
00:31:03,360 –> 00:31:07,360
Schedule nightly to AM before business opens.
887
00:31:07,360 –> 00:31:08,920
Click save and run.
888
00:31:08,920 –> 00:31:11,760
This is where you stop drawing lineage in PowerPoint
889
00:31:11,760 –> 00:31:14,600
once the scan finishes open data map.
890
00:31:14,600 –> 00:31:16,240
Search for silver orders.
891
00:31:16,240 –> 00:31:17,160
Click it.
892
00:31:17,160 –> 00:31:18,840
See the asset page.
893
00:31:18,840 –> 00:31:22,720
Properties, owner, description, business glossary terms.
894
00:31:22,720 –> 00:31:27,280
Assign terms, order, fulfillment, cancellation reason.
895
00:31:27,280 –> 00:31:28,800
Now attach a steward.
896
00:31:28,800 –> 00:31:30,360
Now click lineage.
897
00:31:30,360 –> 00:31:34,400
This is the part your old stack couldn’t show without lies.
898
00:31:34,400 –> 00:31:35,680
Upstream.
899
00:31:35,680 –> 00:31:39,200
Ingest pipeline activity, bronze.
900
00:31:39,200 –> 00:31:43,800
ERP orders partition, transform node,
901
00:31:43,800 –> 00:31:49,320
notebook, promote, bronze to silver, with run IDs.
902
00:31:49,320 –> 00:31:55,840
Downstream, gold.f orders, gold.d customer via shortcut,
903
00:31:55,840 –> 00:32:01,080
semantic model, NW sales PRD gold sales ops reports
904
00:32:01,080 –> 00:32:06,320
that consume it, each hop timestamped, each dependency real.
905
00:32:06,320 –> 00:32:09,600
When an exec asks where did this number come from?
906
00:32:09,600 –> 00:32:10,560
You don’t perform.
907
00:32:10,560 –> 00:32:12,440
You show sensitivity.
908
00:32:12,440 –> 00:32:13,960
Back to the asset page.
909
00:32:13,960 –> 00:32:14,700
Edit.
910
00:32:14,700 –> 00:32:17,480
Set sensitivity, confidential for silver.
911
00:32:17,480 –> 00:32:19,040
Orders, save.
912
00:32:19,040 –> 00:32:21,200
Now jump to Power BI service.
913
00:32:21,200 –> 00:32:23,120
Shared analytics workspace.
914
00:32:23,120 –> 00:32:25,880
Open the sales certified semantic model.
915
00:32:25,880 –> 00:32:27,960
Settings, sensitivity.
916
00:32:27,960 –> 00:32:31,600
See it inherit the highest label from upstream tables.
917
00:32:31,600 –> 00:32:32,600
You didn’t relabel.
918
00:32:32,600 –> 00:32:33,720
It propagated.
919
00:32:33,720 –> 00:32:35,040
Open the sales report.
920
00:32:35,040 –> 00:32:37,360
The label is on the report artifact too.
921
00:32:37,360 –> 00:32:40,920
Export to Excel governed by M365 sensitivity rules.
922
00:32:40,920 –> 00:32:44,920
Screen shots won’t save you, but X filtration gets harder.
923
00:32:44,920 –> 00:32:47,760
And auditable UI call out, purview policy.
924
00:32:47,760 –> 00:32:51,280
Back in purview hub policies, create data access policy.
925
00:32:51,280 –> 00:32:56,400
Scope, NW, PlatPRD core lake table, silver.
926
00:32:56,400 –> 00:32:59,880
Allow red for Entra group and undo sales PRD readers.
927
00:32:59,880 –> 00:33:02,200
Deny data actions for external users.
928
00:33:02,200 –> 00:33:02,720
Publish.
929
00:33:02,720 –> 00:33:05,160
You didn’t touch ACLs in five places.
930
00:33:05,160 –> 00:33:07,720
You set an access intent in one governance plane.
931
00:33:07,720 –> 00:33:09,120
The platform enforces it.
932
00:33:09,120 –> 00:33:13,720
Monitoring the posture, fabric monitoring hub, filters,
933
00:33:13,720 –> 00:33:19,840
workspace, it’s NW plate PRD, tabs, pipelines, notebooks,
934
00:33:19,840 –> 00:33:24,360
Power BI, warehouse, capacity, flip to auditing.
935
00:33:24,360 –> 00:33:29,480
Access logs show service principle NW Platy PRD pipelines
936
00:33:29,480 –> 00:33:34,480
reading bronze ERP orders at 0105 human access to silver.
937
00:33:34,480 –> 00:33:38,800
Orders at 0917 by a member report open events at 0922
938
00:33:38,800 –> 00:33:39,800
correlate.
939
00:33:39,800 –> 00:33:45,040
If an impossible value shows up, you can prove who touched what when.
940
00:33:45,040 –> 00:33:49,120
Now force a failure ingest a malformed file into bronze.
941
00:33:49,120 –> 00:33:52,200
Earp orders data factory pipeline and W PlatPRD
942
00:33:52,200 –> 00:33:53,560
ingest moves it in.
943
00:33:53,560 –> 00:33:56,760
Promote bronze to silver notebook runs and rejects
944
00:33:56,760 –> 00:33:58,280
rows to silver.
945
00:33:58,280 –> 00:34:00,320
Orders quarantine with reasons.
946
00:34:00,320 –> 00:34:03,560
Per view scan runs at Ero2 Huntook and discovers a rise
947
00:34:03,560 –> 00:34:05,200
in rejected rows.
948
00:34:05,200 –> 00:34:06,720
Trigger and alert.
949
00:34:06,720 –> 00:34:09,120
In monitoring, you see the pipeline went red.
950
00:34:09,120 –> 00:34:11,920
Validation notebook flagged drift, semantic model
951
00:34:11,920 –> 00:34:15,680
reframing paused because gold partition completion rule
952
00:34:15,680 –> 00:34:17,600
didn’t meet threshold.
953
00:34:17,600 –> 00:34:19,960
Nothing mysteriously updated.
954
00:34:19,960 –> 00:34:23,720
The contracts held, the blast radius stopped at silver.
955
00:34:23,720 –> 00:34:25,280
That’s the point.
956
00:34:25,280 –> 00:34:27,240
Edge case you think beats this.
957
00:34:27,240 –> 00:34:28,640
External S3.
958
00:34:28,640 –> 00:34:31,480
Open NW PlatPRD Corlec new shortcut.
959
00:34:31,480 –> 00:34:33,040
Amazon S3.
960
00:34:33,040 –> 00:34:35,680
Enter bucket path to raw vendor feed.
961
00:34:35,680 –> 00:34:39,200
Authenticate with a managed identity or ses.
962
00:34:39,200 –> 00:34:41,760
Not a shared key baked into code.
963
00:34:41,760 –> 00:34:45,920
Add, bronze now references external data without copying.
964
00:34:45,920 –> 00:34:48,120
Per view still scans the reference table
965
00:34:48,120 –> 00:34:50,960
once it lands as delta in silver.
966
00:34:50,960 –> 00:34:52,400
Governance remains central.
967
00:34:52,400 –> 00:34:54,000
Identity remains entra.
968
00:34:54,000 –> 00:34:56,720
You didn’t break the model to appease an external vendor.
969
00:34:56,720 –> 00:34:57,520
One more lock.
970
00:34:57,520 –> 00:34:59,600
Row level security for consumption.
971
00:34:59,600 –> 00:35:02,320
In the sales semantic model, model view.
972
00:35:02,320 –> 00:35:06,960
Define RLS roles using DAX filters tied to entra groups.
973
00:35:06,960 –> 00:35:10,160
Region in values, user principle name.
974
00:35:10,160 –> 00:35:12,760
Mapped through a security bridge table.
975
00:35:12,760 –> 00:35:15,480
Assign entra groups in the data set security blade.
976
00:35:15,480 –> 00:35:16,960
This is consumption RLS.
977
00:35:16,960 –> 00:35:20,280
Workspace roles protect platform surfaces.
978
00:35:20,280 –> 00:35:23,160
Two layers, two purposes, no confusion.
979
00:35:23,160 –> 00:35:24,040
You see it now.
980
00:35:24,040 –> 00:35:25,800
One leg contains the data.
981
00:35:25,800 –> 00:35:27,440
Workspaces contain the humans.
982
00:35:27,440 –> 00:35:28,880
Entra contains the identity.
983
00:35:28,880 –> 00:35:30,160
Per view contains the map.
984
00:35:30,160 –> 00:35:33,000
Monitoring contains the truth of what happened.
985
00:35:33,000 –> 00:35:34,720
Shortcuts cut copies out of your life.
986
00:35:34,720 –> 00:35:37,680
Sensitivity labels travel so you can’t pretend data
987
00:35:37,680 –> 00:35:40,840
changed its nature when it hits a pretty chart.
988
00:35:40,840 –> 00:35:44,040
If you can’t show this walk on your platform today,
989
00:35:44,040 –> 00:35:48,760
identity to item, lineage to report, label to export,
990
00:35:48,760 –> 00:35:51,600
failure to alert, you don’t have governance.
991
00:35:51,600 –> 00:35:54,440
You have a spreadsheet that says we tried.
992
00:35:54,440 –> 00:35:56,440
Fabric makes the policy the path.
993
00:35:56,440 –> 00:35:59,560
Now the only question is whether you follow it.
994
00:35:59,560 –> 00:36:01,040
Start fabric the right way.
995
00:36:01,040 –> 00:36:02,480
Do this in seven days.
996
00:36:02,480 –> 00:36:04,600
You don’t fix entropy with vibes.
997
00:36:04,600 –> 00:36:07,160
You fix it with a week of disciplined moves.
998
00:36:07,160 –> 00:36:08,440
Seven days.
999
00:36:08,440 –> 00:36:09,720
No heroics.
1000
00:36:09,720 –> 00:36:13,720
Just the minimum viable platform that refuses to lie.
1001
00:36:13,720 –> 00:36:14,720
Day one.
1002
00:36:14,720 –> 00:36:16,920
Capacity, identity, boundaries.
1003
00:36:16,920 –> 00:36:19,840
In Azure, deploy a fabric FSQ.
1004
00:36:19,840 –> 00:36:20,680
Tag it.
1005
00:36:20,680 –> 00:36:21,680
ENVia prod.
1006
00:36:21,680 –> 00:36:22,960
Owner but platform.
1007
00:36:22,960 –> 00:36:23,960
Cost Center.
1008
00:36:23,960 –> 00:36:24,960
Analytics.
1009
00:36:24,960 –> 00:36:30,120
Map budgets in Azure cost management with alerts at 70, 90, 100%.
1010
00:36:30,120 –> 00:36:32,800
In Microsoft, 365.
1011
00:36:32,800 –> 00:36:34,040
Confirm Entra.
1012
00:36:34,040 –> 00:36:35,360
Conditional access.
1013
00:36:35,360 –> 00:36:36,360
Baseline.
1014
00:36:36,360 –> 00:36:37,880
MFA required.
1015
00:36:37,880 –> 00:36:39,680
Compliant device for admins.
1016
00:36:39,680 –> 00:36:42,600
Sign in risk policy enabled.
1017
00:36:42,600 –> 00:36:47,400
Create Entra groups that match workspace roles before you create the workspaces.
1018
00:36:47,400 –> 00:36:50,920
NW, Plat, PR, the admins.
1019
00:36:50,920 –> 00:36:52,480
Members, readers.
1020
00:36:52,480 –> 00:36:54,400
Same pattern for dev and test.
1021
00:36:54,400 –> 00:36:55,560
Same for each domain.
1022
00:36:55,560 –> 00:36:59,120
NW sales PR, the admins, members, readers.
1023
00:36:59,120 –> 00:37:00,920
Names are boring on purpose.
1024
00:37:00,920 –> 00:37:02,240
Boring scales.
1025
00:37:02,240 –> 00:37:03,600
Day two.
1026
00:37:03,600 –> 00:37:06,920
Workspaces and one lake spine.
1027
00:37:06,920 –> 00:37:09,400
Create three platform workspaces.
1028
00:37:09,400 –> 00:37:14,400
NW, Plat, dev, NW, Plat, TST, NW, Plat, PR, D.
1029
00:37:14,400 –> 00:37:16,760
Assign them to your fabric capacity.
1030
00:37:16,760 –> 00:37:20,320
In each create a core lake house and a core warehouse.
1031
00:37:20,320 –> 00:37:24,200
In the core lake house define bronze file structure first.
1032
00:37:24,200 –> 00:37:29,440
Files, bronze, sources, system, entity, partition.
1033
00:37:29,440 –> 00:37:31,440
Partition by arrival cadence.
1034
00:37:31,440 –> 00:37:36,440
Create table silver with a placeholder empty schema for your first entities.
1035
00:37:36,440 –> 00:37:39,520
Builders, customers, products, delta format.
1036
00:37:39,520 –> 00:37:45,840
In workspace settings enable trusted workspace mode and network isolation per your perimeter.
1037
00:37:45,840 –> 00:37:48,920
Bind the Entra groups to workspace roles.
1038
00:37:48,920 –> 00:37:50,240
No individuals.
1039
00:37:50,240 –> 00:37:51,720
No exceptions.
1040
00:37:51,720 –> 00:37:52,800
Day three.
1041
00:37:52,800 –> 00:37:55,160
In jest and validation contracts.
1042
00:37:55,160 –> 00:38:00,160
In NW, Plat, dev build one data flow, gen two or pipeline for a single source entity,
1043
00:38:00,160 –> 00:38:02,160
ERP orders.
1044
00:38:02,160 –> 00:38:08,120
Create raw into bronze with metadata columns, arrival T’s, source, correlation ID.
1045
00:38:08,120 –> 00:38:09,520
Build one notebook.
1046
00:38:09,520 –> 00:38:11,560
Promote bronze to silver orders.
1047
00:38:11,560 –> 00:38:17,320
It reads bronze profile schema and forces types dedupes deterministically write silver
1048
00:38:17,320 –> 00:38:20,120
with partitioning by business date.
1049
00:38:20,120 –> 00:38:23,360
Add a quarantine table for rejects with reasons.
1050
00:38:23,360 –> 00:38:25,040
Write three tests.
1051
00:38:25,040 –> 00:38:28,120
Row count sanity primary key uniqueness.
1052
00:38:28,120 –> 00:38:31,280
Foreign key existence to a conformed dim.
1053
00:38:31,280 –> 00:38:32,880
Double it if needed.
1054
00:38:32,880 –> 00:38:35,760
Fail the pipeline if tests fail.
1055
00:38:35,760 –> 00:38:37,880
Identit write only.
1056
00:38:37,880 –> 00:38:39,600
Atomic commits.
1057
00:38:39,600 –> 00:38:44,000
You’re teaching the system to refuse bad truth.
1058
00:38:44,000 –> 00:38:45,480
Day four.
1059
00:38:45,480 –> 00:38:48,480
Gold and a semantic model without lies.
1060
00:38:48,480 –> 00:38:50,320
Create a gold table.
1061
00:38:50,320 –> 00:38:52,960
F orders from silver.
1062
00:38:52,960 –> 00:38:55,400
Orders with stable grain.
1063
00:38:55,400 –> 00:39:01,080
Create conformed dims for date, customer, product in platform silver.
1064
00:39:01,080 –> 00:39:04,200
Orders them to domains via shortcuts.
1065
00:39:04,200 –> 00:39:09,040
In shared analytics dev build one semantic model in direct lake over gold F orders and
1066
00:39:09,040 –> 00:39:10,360
dims.
1067
00:39:10,360 –> 00:39:13,920
Define five certified measures in a metrics table.
1068
00:39:13,920 –> 00:39:19,160
Orders, revenue, margin, average order value, on time percent if you have it.
1069
00:39:19,160 –> 00:39:21,160
No kpi logic buried upstream.
1070
00:39:21,160 –> 00:39:24,800
Wire a single report page with those measures in a date slicer.
1071
00:39:24,800 –> 00:39:26,240
It’s not a dashboard.
1072
00:39:26,240 –> 00:39:27,240
It’s a proof.
1073
00:39:27,240 –> 00:39:31,640
Direct lake path works measures are index and no copies exist.
1074
00:39:31,640 –> 00:39:32,960
Day five.
1075
00:39:32,960 –> 00:39:34,920
Governance stitched into the path.
1076
00:39:34,920 –> 00:39:40,760
Open purview hub register NW Platt PRD core lake house and warehouse.
1077
00:39:40,760 –> 00:39:45,520
Configure a scan rule set that includes sensitive info detection.
1078
00:39:45,520 –> 00:39:47,120
Schedule nightly scans.
1079
00:39:47,120 –> 00:39:51,760
Assign business glossary terms to silver assets.
1080
00:39:51,760 –> 00:39:52,760
Order.
1081
00:39:52,760 –> 00:39:53,760
Customer.
1082
00:39:53,760 –> 00:39:55,440
Cancelation reason.
1083
00:39:55,440 –> 00:40:01,320
Accessitivity on silver tables where appropriate internal confidential confirm propagation
1084
00:40:01,320 –> 00:40:06,160
into the shared analytics semantic model and report labels.
1085
00:40:06,160 –> 00:40:12,560
Create a purview data access policy that grants read to NW sales PRD readers on specific
1086
00:40:12,560 –> 00:40:17,440
silver tables publish in power bi set certification rules.
1087
00:40:17,440 –> 00:40:23,000
So only platform stewards can certify data sets and only shared analytics can host certified
1088
00:40:23,000 –> 00:40:24,080
models.
1089
00:40:24,080 –> 00:40:27,320
You just turned governance from a memo into code.
1090
00:40:27,320 –> 00:40:33,320
Day six monitoring failure drills reframing discipline in monitoring hub pin of view filter
1091
00:40:33,320 –> 00:40:41,840
to NW Platt PRD and shared analytics PRD pipelines notebooks power bi capacity add alerts
1092
00:40:41,840 –> 00:40:50,400
for pipeline failures and capacity saturation 80% for 15 minutes in the semantic model settings
1093
00:40:50,400 –> 00:40:57,600
disable auto detect reframing for production use pipeline driven reframing after gold partition
1094
00:40:57,600 –> 00:40:58,600
completion.
1095
00:40:58,600 –> 00:41:03,280
Now break something on purpose push a malformed bronze file watch the notebook reject rose
1096
00:41:03,280 –> 00:41:10,160
to quarantine pipeline fail reframing pause verify lineage in purview shows the fail transform
1097
00:41:10,160 –> 00:41:15,720
fix the source rerun watch success propagate you’re teaching the team what loud failure looks
1098
00:41:15,720 –> 00:41:18,320
like silences the enemy.
1099
00:41:18,320 –> 00:41:24,840
Day seven domains shortcuts and access path rehearsal create one domain workspace set
1100
00:41:24,840 –> 00:41:33,780
NW sales dev TST PRD in NW sales PRD create a lake house add shortcuts to platform silver
1101
00:41:33,780 –> 00:41:41,840
orders customers products build one domain specific goal table F sales ops derived from platform
1102
00:41:41,840 –> 00:41:48,600
silver no duplication no upstream logic build a domain semantic model apply RLS using
1103
00:41:48,600 –> 00:41:53,800
intro groups mapped through a security bridge table publish a thin report to shared analytics
1104
00:41:53,800 –> 00:41:59,760
PRD and certified after review now rehearse the access path with your stakeholders show
1105
00:41:59,760 –> 00:42:06,000
one lake folder for bronze silver table schema goal table contract semantic model measures
1106
00:42:06,000 –> 00:42:12,480
lineage graph sensitivity label on the report and monitoring hub for the last 24 hours name
1107
00:42:12,480 –> 00:42:16,760
each boundary allowed if there’s a step you can’t show fix it the platform is the demo
1108
00:42:16,760 –> 00:42:22,880
at the end of seven days you don’t have everything you have the spine one capacity one platform
1109
00:42:22,880 –> 00:42:30,600
one domain one end to end path contracts and forced governance visible monitoring loud
1110
00:42:30,600 –> 00:42:36,520
you replaced we’re working on it with evidence now you scale by repetition not reinvention
1111
00:42:36,520 –> 00:42:42,360
conclusion the fabric mindset shift here’s the shift you stop treating data as a project
1112
00:42:42,360 –> 00:42:48,800
you treat it as a system with one access path one set of contracts one blast radius bronze
1113
00:42:48,800 –> 00:42:56,040
preserves evidence silver and forces truth gold exposes meaning workspaces contain humans
1114
00:42:56,040 –> 00:43:02,560
one lake contains data entra contains identity purview contains the map monitoring contains
1115
00:43:02,560 –> 00:43:07,800
the heartbeat if you’re ready to build the spine in seven days do it now subscribe then
1116
00:43:07,800 –> 00:43:12,720
watch the dev test prod deployment playbook next it’s the exact pipeline and gede flow
1117
00:43:12,720 –> 00:43:19,040
I use to enforce these contracts at scale and the theater name your access path enforce it
1118
00:43:19,040 –> 00:43:21,680
or admit you’re still exporting to excel in the dark
