Earn a 50% discount on the DP-600 certification exam by completing the Fabric 30 Days to Learn It challenge.
I need to hide Patient Identifiable Information (PII) fields in a model. I understand I can create a "Hide PII" role and then assign PII fields to be hidden based on that role. You can see the steps I did for that below.
However, that means by default; all users can view PII fields. Is it possible to set the default behavior for PII fields to not be visible? Then you explicitly have to grant users/groups access to view PII fields (POLP). That, or is there a better strategy out there to do this?
Thanks in advance!
Step 1) Under Manage roles. Create a role named "Hide PII"
Step 2) In Tabular Editor, under OLS set the value to "None" for the Legal First Name column for the Hide PII role
Step 3) Select "View as roles" and select "Hide PII"
Step 4) Verify the Legal First Name field is hidden
Hi @KevinSnow ,
You can not only hide tables and columns but also completely hide the model metadata, so your secured tables and columns are obscured in the field list when using reporting tools like Excel or Power BI. A user without permissions cannot access secured metadata objects via DAX or any other method. To viewers that don’t have the requisite permission, the secured tables or columns simply do not exist.
Please refer to the following blog which explains the relevant steps in detail.
WIsh it is helpful for you!
Best Regards
Lucien
Hi @v-luwang-msft ,
Thank you for the response. I understand that I can hide tables and fields and their metadata by assigning those users to a role, and then in OLS, set it to None for that role on the table or field in question. In other words, by default, a user could see tables and fields that are meant to be secured. Not until they are assigned to a "Hide" like role would the tables and fields in questions be hidden.
My question is, can we change the default behavior so that secured tables and fields are not visible unless you are assigned to a role with permission to view? In other words, anything that is meant to be secured requires you to be assigned to a role with explicit view permissions before you can view it.
User | Count |
---|---|
106 | |
86 | |
81 | |
73 | |
72 |
User | Count |
---|---|
112 | |
100 | |
98 | |
72 | |
66 |