Solved: Dynamic RLS with security group

Anonymous · ‎04-26-2022

Hi, there is a dynamic RLS in my report.

Some can see all locations' data, some can only see 1 specific location.

There are ~50 locations in total.

VAR _Role = MAXX(FILTER('Table', 'Table'[UserName] = userprincipalname() ), 'Table'[location])
RETURN
IF (_Role = "All", TRUE(),
[UserName]  = userprincipalname() )

Since the users will be keep increasing, in this case, is it possible I can create a secuirty group including all ppl in my company, while still applying the RLS rule? and how to do that? thanks.

Anonymous · ‎04-28-2022

Hi @Anonymous ,

In the Power BI service, you can add a member to the role by typing in the email address or name of the user or security group. You can't add Groups created in Power BI. You can add members external to your organization.

You can use the following groups to set up row level security.

Distribution Group
Mail-enabled Group
Security Group

Note, however, that Office 365 groups are not supported and cannot be added to any roles.

More details: Row-level security (RLS) with Power BI

I have also found a similar post, please refer to it to see if it helps you.

Dynamic RLS with AD Security Groups - best practices and app sharing?

After setting up RLS, you can publish an app, add the "all employees" group you mentioned, and then they will see different content according to the permissions you set, and other users outside of RLS can access the report, but they can't see all the data.
Remember not to give the user build permission of the dataset or edit permission of the report, otherwise RLS won't work.

If I have misunderstood your meaning, please provide more details.

Best Regards

Community Support Team _ Polly

If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

View solution in original post

Anonymous · ‎04-28-2022