As Fabric/Power BI administrators, there is currently no straightforward, tenant‑wide way to identify which semantic models have Row‑Level Security (RLS) applied.

Today, the only option is to:

• Scan workspaces individually using Workspace IDs
• Drill down one level to the semantic model
• Extract metadata to determine whether RLS is configured

While this approach works, it is manual, time‑consuming, and not scalable for large environments with hundreds or thousands of workspaces.

Proposed Idea

Introduce a built‑in, centralized way for administrators to view RLS configuration metadata across the entire Fabric tenant, without needing to scan each workspace individually.

Ideally, this would include:

• A tenant‑level report or admin view showing all semantic models with RLS enabled
• Exposure of RLS metadata via:
  • Fabric Admin Portal
  • Enhanced Admin APIs or XMLA/Metadata endpoints
• Filters by workspace, dataset/semantic model, or RLS presence (Yes/No)

Why This Matters

This capability would significantly improve:

• Security auditing and compliance
• Governance and risk management
• Operational efficiency for admins

Administrators need fast answers to questions like:

• Which semantic models are protected by RLS?
• Where is sensitive data being restricted (or not)?
• Are RLS policies consistently applied across the organization?

Business Value

• Reduces manual monitoring effort
• Improves security posture and compliance readiness
• Enables proactive governance at scale
• Aligns with enterprise‑grade admin expectations for Fabric

Summary

A tenant‑wide, readily available view of semantic models with RLS enabled would be a major enhancement for Fabric administrators. Having this information centrally available—rather than derived through workspace‑by‑workspace scans—would make auditing, governance, and security management far more effective.