Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Level up your Power BI skills this month - build one visual each week and tell better stories with data! Get started

Reply
faikar
Frequent Visitor

Choosing Between RBAC and ABAC in Power BI and SSAS Tabular

‎02-19-2026 06:19 PM

Hello,

I would like to ask about the best approach for managing access control in a Power BI and SSAS Tabular environment.

In our company, analytics products are built using SQL Server Analysis Services (Tabular) and presented through Power BI dashboards.

We need to restrict access based on sales regions. For example:

  • Users in Region 1 can only see Region 1 data

  • Users in Region 2 can only see Region 2 data

  • Users in Region 3 can only see Region 3 data

We are currently considering two approaches:

  • Role-Based Access Control (RBAC)

  • Attribute-Based Access Control (ABAC)

Which approach is more appropriate for this scenario in terms of scalability, maintainability, and alignment with Power BI and SSAS Tabular security models?

Thank you.

Message 1 of 4
390 Views
1 ACCEPTED SOLUTION
cengizhanarslan
Super User
Super User

‎02-19-2026 10:42 PM

If you create one role per region, you’ll end up with:

  • Many roles as regions/subregions grow

  • Users needing multi-region access → role explosion

  • Higher admin overhead every org change

Instead, use a single (or few) RLS roles and drive filtering from a User ↔ Region mapping table (attributes).

 

Best Practice:

1) A security table like:

  • UserRegion
  • UPN (user email)
  • RegionKey

2) Relationship:

  • UserRegion[RegionKey] -> DimRegion[RegionKey]

3) Role filter (dynamic): 

  • UserRegion[UPN] = USERPRINCIPALNAME()
 
Now users automatically see only their region(s). Add/remove rows in UserRegion and security updates without creating new roles. Scales well, easy to maintain, and aligns with Tabular + Power BI best practice.

 

_________________________________________________________
If this helped, ✓ Mark as Solution | Kudos appreciated
Connect on LinkedIn | Follow on Medium
AI-assisted tools are used solely for wording support. All conclusions are independently reviewed.

View solution in original post

Message 2 of 4
345 Views
3 REPLIES 3
v-prasare
Community Support
Community Support

‎02-26-2026 03:36 AM

Hi @faikar,

We would like to confirm if our community members answer resolves your query or if you need further help. If you still have any questions or need more support, please feel free to let us know. We are happy to help you.

 

 

 

Thank you for your patience and look forward to hearing from you.
Best Regards,
Prashanth Are
MS Fabric community support

Message 4 of 4
245 Views
0
v-prasare
Community Support
Community Support

‎02-23-2026 06:40 AM

Hi @faikar,

We would like to confirm if our community members answer resolves your query or if you need further help. If you still have any questions or need more support, please feel free to let us know. We are happy to help you.

 

 

 

Thank you for your patience and look forward to hearing from you.
Best Regards,
Prashanth Are
MS Fabric community support

Message 3 of 4
294 Views
0
cengizhanarslan
Super User
Super User

‎02-19-2026 10:42 PM

If you create one role per region, you’ll end up with:

  • Many roles as regions/subregions grow

  • Users needing multi-region access → role explosion

  • Higher admin overhead every org change

Instead, use a single (or few) RLS roles and drive filtering from a User ↔ Region mapping table (attributes).

 

Best Practice:

1) A security table like:

  • UserRegion
  • UPN (user email)
  • RegionKey

2) Relationship:

  • UserRegion[RegionKey] -> DimRegion[RegionKey]

3) Role filter (dynamic): 

  • UserRegion[UPN] = USERPRINCIPALNAME()
 
Now users automatically see only their region(s). Add/remove rows in UserRegion and security updates without creating new roles. Scales well, easy to maintain, and aligns with Tabular + Power BI best practice.

 

_________________________________________________________
If this helped, ✓ Mark as Solution | Kudos appreciated
Connect on LinkedIn | Follow on Medium
AI-assisted tools are used solely for wording support. All conclusions are independently reviewed.
Message 2 of 4
346 Views

Helpful resources

Announcements
Fabric SQL PBI Data Days

Data Days 2026 coming soon!

Sign up to receive a private message when registration opens and key events begin.

New to Fabric survey Carousel

New to Fabric Survey

If you have recently started exploring Fabric, we'd love to hear how it's going. Your feedback can help with product improvements.

Power BI DataViz World Championships carousel

Power BI DataViz World Championships - June 2026

A new Power BI DataViz World Championship is coming this June! Don't miss out on submitting your entry.

View All