Question 105414 in Azure Question posted in
The official documentation to get you started can be found here.

Can PowerBI inherit RLS from Azure Synapse SQL?

I have a Azure Synapse SQL table which contains a list of companies.

I have created an access matrix, security predicate and policy to filter data presented based on the user.

Create FUNCTION spf.rls_securitypredicate_dimcompany(@Companycode AS nvarchar(50))  
RETURNS TABLE  
WITH SCHEMABINDING  
AS  
RETURN SELECT 1 AS tvf_securitypredicate_result
From dwh.dimCompany a
Join spf.AccessMatrix b on a.companycode = b.companycode
Where (a.CompanyCode = @Companycode
        and 
        b.emailaddress = USER_NAME()
        )

This works fine as when someone executes a query on this dataset it only presents data relevant to their login.
I’ve published a PowerBI Dashboard to a shared workspace and RLS has been applied as per my login and not the user viewing the PBI report.
Is there a way of inheriting the RLS from Synapse to PBI or would i have to recreate the RLS feature in PBI?

Tags:

2

Answers


  1. 0

    The solution will depend on whether DirectQuery is being used or data is being imported.

    • The security roles in your data source are not utilized when importing data into your Power BI dataset. Establishing RLS will help you impose security restrictions on users that connect to Power BI.
    • When utilizing DirectQuery, the security roles from your data source are utilized. In order to apply security rules to the data when a user reads a report, Power BI queries the underlying data source using the user’s login information.

    Refer – Row-level security (RLS) with Power BI

    Login or Signup to reply.
  2. 0

    And in Import mode you can apply compatible RLS by importing the AccessMatrix table and using it in Power BI Dynamic Row-Level security. So Power BI would be enforcing the RLS based on the data entitlement data stored in Synapse.

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search