Power BI production readiness checklist

A Power BI semantic model is production-ready when the data team can step away from it and nothing surfaces wrong numbers in their absence. This checklist is the threshold.

1. Model shape

• [ ] Star schema: facts in the middle, dimensions radiating out.
• [ ] One relationship per fact-to-dim edge; no bridge tables without documented many-to-many need.
• [ ] Wide dimensions, narrow facts; every describable attribute on the dim.
• [ ] Conformed dimensions shared across facts (dim_date, dim_customer).
• [ ] Surrogate keys, integer-typed.
• [ ] No calculated columns on facts; derived columns live upstream in dbt or Databricks views.

See model authoring standards for the full rule set.

2. Connectivity

• [ ] Native Databricks connector; ADBC driver.
• [ ] Databricks.Catalogs(...) source, not Databricks.Query.
• [ ] Service principal authentication for service-side refresh; M2M OAuth.
• [ ] Serverless SQL warehouse sized per warehouse reference.
• [ ] Gateway (if on-premises) running v3000.270.10 or later.

3. Storage mode choice

• [ ] Decision documented in PR: why Import, DirectQuery, Dual, or Direct Lake.
• [ ] If DirectQuery or Direct Lake: dims in Dual; automatic aggregations enabled for models >100M fact rows.
• [ ] If Import: incremental refresh policy on every growing fact table.

4. Measures

• [ ] Every measure has a description field in TMDL.
• [ ] Every measure has an explicit FormatString.
• [ ] Measures, not calculated columns.
• [ ] DIVIDE() used where denominators can be zero.
• [ ] Variables (VAR) for any expression used more than once.
• [ ] No bidirectional relationships; CROSSFILTER() in specific measures only.
• [ ] BPA clean; no open violations.

5. Semantic model topology

• [ ] One shared semantic model per domain, not one per team.
• [ ] Published to a gold-tier workspace.
• [ ] Endorsed Certified (for cross-org) or Promoted (for team scope).
• [ ] Thin reports connect via live connection; no report-local semantic models for Certified content.
• [ ] Ownership named; quarterly ownership review on the calendar.

6. Source control

• [ ] PBIP format, not .pbix. .gitignore blocks .pbix.
• [ ] TMDL for the .SemanticModel folder.
• [ ] Per-developer workspaces for testing (workspace-dev-<user>).
• [ ] Trunk-based development; no long-lived feature branches.

7. CI/CD

• [ ] fabric-cicd for deploys; no manual UI-driven deploys to prod.
• [ ] Three environments: dev, staging, prod. XMLA read-write enabled.
• [ ] OIDC authentication from CI to Azure; no long-lived secrets.
• [ ] BPA gate: PRs with violations fail.
• [ ] DAX query tests run on every deploy; fail the deploy on regression.
• [ ] Post-deploy Enhanced Refresh smoke test; fail if refresh errors.

See CI/CD guide.

8. Refresh

• [ ] Refresh driven by Enhanced Refresh API from the orchestrator, not the UI scheduler.
• [ ] Refresh chained to upstream data pipeline success (dbt, Lakeflow, etc.).
• [ ] Incremental refresh policy with RangeStart / RangeEnd parameterization in the M query.
• [ ] commitMode: "transactional" default.
• [ ] Refresh success rate monitored as a first-class SLI (target > 99.5%).

See Enhanced Refresh guide.

9. Performance

• [ ] p95 visual render time on the slowest report < 3 seconds.
• [ ] DAX Studio server timings reviewed for the top 10 measures.
• [ ] Warehouse query history reviewed: p95 warehouse query < 2 seconds.
• [ ] No warehouse queued-queries under normal load.
• [ ] Automatic aggregations enabled where applicable.

10. Row-level security

• [ ] RLS roles defined in TMDL, not in the service.
• [ ] Tested against known users in dev before staging deploy.
• [ ] Role filters on dimension tables, not on fact tables.
• [ ] RLS test cases run in CI: each role sees the expected row count for a fixed test dataset.

11. Governance

• [ ] Tables map to Unity Catalog tables with governance tags (classification, pii, domain, tier).
• [ ] PII-bearing columns flagged; columns with classification: confidential never exposed in visuals without role-based restriction.
• [ ] dbt exposures declare the semantic model as downstream of its source ref()s; lineage flows correctly in UC and dbt docs.
• [ ] Audit trail captured: who accessed the model, when, for Certified models.

12. Documentation

• [ ] Model description: sources, grain, consumers, known limits.
• [ ] Every measure has a description covering what it computes and edge cases.
• [ ] Breaking-change release notes accompany Certified-model version bumps.
• [ ] Dashboard owners listed in the workspace README or equivalent.

13. Rollback

• [ ] Every prod deploy is tagged.
• [ ] Rollback procedure documented: git checkout <tag> && fabric-cicd deploy --target prod.
• [ ] Surgical-fix path documented using ALM Toolkit for single-measure hotfixes.
• [ ] Rollback rehearsed at least once per quarter.

14. Monitoring

Four signals, all as first-class SLIs:

Wire these into your observability stack (Power BI Admin API + Grafana / Datadog / Causeway internal).

15. AWS-specific readiness

For AWS deployments where Databricks sits behind PrivateLink:

• [ ] On-premises data gateway in the AWS VPC; v3000.270.10+.
• [ ] Service principal with M2M OAuth configured in the gateway.
• [ ] Cross-cloud latency budgeted (20-80 ms per query).
• [ ] Gateway monitored for memory and CPU headroom.

16. The Certified gate

Before a semantic model is Certified (org-wide endorsement), a reviewer confirms each section above with a concrete artifact: a PR review note, a CI run link, a screenshot of the post-deploy refresh test result, a runbook link.

Deviations require an RFD and a dated waiver in the workspace README. Waivers expire on a fixed cadence (90 days typical).

See also

• Model authoring standards — per-model rules these readiness items rest on.
• Semantic models — the shared-model pattern.
• Enhanced Refresh — the orchestration pattern section 8 requires.