Register now to learn Fabric in free live sessions led by the best Microsoft experts. From Apr 16 to May 9, in English and Spanish.
Hello everyone,
I have build a report which uses data from 2 datasets located in different workspaces - this works neatly.
However, users who are supposed to see the report have access to either one of these workspaces (never both of them) due to data confidentiality. Instead, I have granted the users access only to the particular dataset in the workspace they don't have access to (which works well and they can see and open only that dataset on that workspace).
And now the problem I am trying to solve:
(1) the users have access to the whole workspace where the report is located
(2) the users have limited access (just to the dataset) in the worspace containing the second dataset
(3) the users can open and see the report and datasets individually and separately
(4) the users get a data access error on any graphs/visuals sourcing from the dataset located in the workspace they don't have access to
Is it possible to make that configuration work? The idea is to avoid granting them access to the whole workspace which they are not supposed to see.
P.S. The datamodel uses Live connection to the 2 datasets.
Best regards,
Tihomir
Hello @Anonymous ,
(1), (2), (3) are all solved/working - the issue is when I get to step (4), i.e. combining all that together.
Maybe this visual will help explain it:
At the end, I don't want to grant them access to Workspace 2 as a whole, but I want them to be able to see the data coming from Dataset 2.
Try implementing RLS in dataset 2
First implement RLS in Power BI Desktop then in your workspace 2 assign users(only those who needs to see the report) to your RLS role.
I think users from workspace 1 couldn't access data from workspace 2. So apply RLS for users from workspace 1.
But that would allow the users to see all the reports in workspace 2, right? This is the scenario which I'm trying to avoid.
By Implementing RLS you are limiting their access. RLS allows users to see only those data they are given access to.
Consider this scenario,
You have a dataset that contains sales data and info about employee like salesperson or manager. Now if you implement rls for salesperson, they will only see sales data for themselves. They can't see other salespersons or managers data.
Now come to you case, when you are implementing rls for users in workspace 2 for the users who has access to workspace 1 but not 2, they can only access their related information. But you have to specify which data they can access and implement proper filtering in your rls role.
Hope you get my point if not, do let me know.
Hello @TihomirHristov
Let me be clear, for problem 1. do you want to give access to specific users? or limit users' access?
2. are the users, who want to limit access from a different workspace?
As for
3. it can be implemented by solving 1 and 2
4. users are getting errors because they don't have any access to the dataset. So if you want them to access some data related to them, try implementing RLS then apply the RLS role to the dataset. Let me know if you have any question or if I am thinking it the wrong way.
Covering the world! 9:00-10:30 AM Sydney, 4:00-5:30 PM CET (Paris/Berlin), 7:00-8:30 PM Mexico City
Check out the April 2024 Power BI update to learn about new features.