Hello,
I'm working on new implementation of PowerBI Service within the company. I would like to ask your advice on how to structure workspaces / datasets for best future extendability having in mind data security.
Company is split into a few departments and each is split into teams.
Projects are assigned to a department level.
Each project has one or more project managers.
There is one workspace where I ingress data from API and transform it.
I created another workspace where I plan to keep some generic datasets.
I created a dataset of employees declarations (work time). The requirement is that top management and some other people should be able to see entire dataset, heads of departments should see only declarations related to department's projects and project manager to see only declarations related to his project. Here is the data model:
Initialy I wanted to have one workspace per department and find a way to create subset of data for each department only. But, I did not find an easy way to filter data into smaller chunks without creating separate data models for each department:
Dataflows -> Generic data model -> Filtered dataset for each department.
Is Row Level Security a way to go here? I plan to create a "security table" with project ids and ids of people with permit to see declarations assigned to a given project. How would that scale if I would like to re-use this dataset for other reports in other workspaces?
@JanKral I would say that RLS is the way to go here and enable datasets to be used cross workspaces. The other route to go would be to create a composite model for each department that leveraged DirectQuery for Power BI Datasets and filtered thing down to the department. But, that wouldn't be true security because they could change the filter and get around it.
@ me in replies or I'll lose your thread!!!
Instead of a Kudo, please vote for this idea
Become an expert!: Enterprise DNA
External Tools: MSHGQM
YouTube Channel!: Microsoft Hates Greg
Latest book!: The Definitive Guide to Power Query (M)
DAX is easy, CALCULATE makes DAX hard...
@JanKral I would say that RLS is the way to go here and enable datasets to be used cross workspaces. The other route to go would be to create a composite model for each department that leveraged DirectQuery for Power BI Datasets and filtered thing down to the department. But, that wouldn't be true security because they could change the filter and get around it.
@ me in replies or I'll lose your thread!!!
Instead of a Kudo, please vote for this idea
Become an expert!: Enterprise DNA
External Tools: MSHGQM
YouTube Channel!: Microsoft Hates Greg
Latest book!: The Definitive Guide to Power Query (M)
DAX is easy, CALCULATE makes DAX hard...
Helpful resources
Fabric Community Update - April 2024
Find out what's new and trending in the Fabric Community.
