RLS or Row Level Security allows admins to restrict the data access for a particular user. You can define RLS only in Power BI Desktop and to define one open up a report.
This is report that is visible to me as an admin
And we want the end user to only view a subset of this report and for that:
Go to the Modeling tab > Manage Roles
The first filter will be on the Year and we want to show only 2007 or 2009
Now we will create another filter on the Category
You can even specify a DAX filter like the following one:
[Category]
IN
FILTER ( VALUES ( ProductCategory[Category] ), ProductCategory[Category] IN { "Audio", "Computers" } )
Once the filters are specified click save.
Now go back to the modeling tab and select View As option
Now select the new role that you have created and click OK:
Now you can see that Guest can only see Audio, Cell Phones, or Computers for 2007 or 2009
Publishing to Power BI Service and Testing RLS
Now the next thing to do is publish the report to Power BI Service
Navigate to your workspace and select the dataset and go to Setting:
On the next screen select elipses and then Test as role option
Now you can see the Guest view that we got earlier in Power BI Desktop
In the next blog I will show you how to implement Dynamic RLS using USERPRINCIPALNAME DAX function to work with email IDs.
Comments