Create static Row Level Security in Power BI

RLS or Row Level Security allows admins to restrict the data access for a particular user. You can define RLS only in Power BI Desktop and to define one open up a report.

This is report that is visible to me as an admin

And we want the end user to only view a subset of this report and for that:

Go to the Modeling tab > Manage Roles

The first filter will be on the Year and we want to show only 2007 or 2009

Now we will create another filter on the Category

You can even specify a DAX filter like the following one:

[Category]

IN

FILTER ( VALUES ( ProductCategory[Category] ), ProductCategory[Category] IN { "Audio", "Computers" } )

Once the filters are specified click save.

Now go back to the modeling tab and select View As option

Now select the new role that you have created and click OK:

Now you can see that Guest can only see Audio, Cell Phones, or Computers for 2007 or 2009

Publishing to Power BI Service and Testing RLS

Now the next thing to do is publish the report to Power BI Service

Navigate to your workspace and select the dataset and go to Setting:

On the next screen select elipses and then Test as role option

Now you can see the Guest view that we got earlier in Power BI Desktop

In the next blog I will show you how to implement Dynamic RLS using USERPRINCIPALNAME DAX function to work with email IDs.