How can we grant access to a Schema present in Fabric Datawarehouse to all users present in Azure AD Group?

Earlier in our Azure Datawarehouse, whenever we wanted to grant access to multiple users on a specific schemas having tables.

We used to run the below commands.

create role [DB TEAM_Demo]

create user [TEAM_Demo_AD] FROM EXTERNAL PROVIDER

EXEC sp_addrolemember 'DB TEAM_Demo', 'TEAM_Demo_AD'

GRANT ALTER, DELETE, EXECUTE, INSERT, SELECT, UPDATE ON SCHEMA:: SANDBOX_Demo TO [DB TEAM_demo]

However, in Fabric data warehouse, the CREATE USER command is not supported. Therefore, I am unable to grant access to an Azure AD group and have to grant access to individual users instead, which is not very helpful for us.

Can I grant users in an AD group access to a specific schema?

I got the solution using Copilot on how to grant access to a specific schema in Fabric Data warehouse to an AD group. Details below -

Steps to Grant Access to a Specific Schema

1. Create a Role for the AD Group:

   • First, create a role that will be used to manage permissions for the AD group.

   CREATE ROLE [DB_FABRIC_POP_AD];
   
   

2. Add the AD Group to the Role:

   • Add the Azure AD group to the newly created role.

   ALTER ROLE [DB_FABRIC_POP_AD] ADD MEMBER [Your_AD_Group_Name];
   
   

3. Grant Permissions on the Specific Schema:

   • Grant the necessary permissions on the specific schema to the role.

   GRANT SELECT ON SCHEMA::[ABC] TO [DB_FABRIC_POP_AD];
   

Post running the above queries with updated schema and AD group name, I was able to get the desired result.