Microsoft Purview · Unified Catalog Governance
Local Catalog Reader
Read published concepts only in assigned governance domain. Limits federated access for regulatory requirements.
Scope: Published content in assigned governance domain only
Permissions
- View published data products in assigned domain only
- Access published glossary terms within domain
- Search and discover data within domain boundaries
- Request access to data products in assigned domain
- Blocked from viewing other domains unless explicitly granted access
Common use cases
- Regulatory isolation for HIPAA, GDPR, or other compliance domains
- Highly confidential domains requiring access restrictions
- Geographic data residency requirements
- Third-party contractors with limited scope access
- Vendor access to specific domain only
- Legal or compliance domains with confidentiality requirements
Best practices
- Use sparingly - hinders federated governance approach
- Document regulatory or legal justification for restriction
- Prefer Global Catalog Reader for most users
- Use for HIPAA, GDPR, or other regulated data domains
- Combine with Data Map collection permissions for access control
- Regular review of necessity - remove restriction when no longer needed
- Consider if technical controls (Azure RBAC) are more appropriate
Security considerations
- Breaks federated governance model by creating silos
- Use only when legally or regulatorily required
- Overuse creates data silos and reduces collaboration
- May need for contractors or third parties
- Does not restrict access to underlying data (needs Data Map controls)
- Published-only access - more restrictive than Governance Domain Reader