Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Get certified in Microsoft Fabric—for free! For a limited time, the Microsoft Fabric Community team will be offering free DP-600 exam vouchers. Prepare now

Reply
Anonymous
Not applicable

Power BI security measures (Row-Level Security, Azure Active Directory, Content Packs) and use cases

‎05-08-2017 08:13 AM

Hi,

I'm looking at implementing secuirty with Power BI. The three areas I'm investigating are Row-Level Security, Azure Active Directory, and Content Packs. Below I provide a brief (very brief) understanding of each area. I would like to ask you guys the use cases for each please.

 

Row-Level Security
You create a role(s) in Desktop, published the report to the Service, and then apply users to the role(s) created in the report.

A use case would be if you had a single report but require many users to view the same report but with each user only being able to see certain data. This would eliminate the need to produce the same report many times with a page filter each time, so to produce a report containing only the information that user is able to see.

All pretty simple to implement. Is there more to Row-Level Security? More uses?

 

Azure Active Directory

A tenant is a sole instance for an organisation within the Azure cloud. Each tenant is associated with its own AAD subscription. Each tenant has its own Domain name. The Domain is controlled inside of AAD. So when the user Mr.T@powerbi.com signs into the organisation's Power BI Service, the Domian name (i.e. powerbi.com) is matched against the tenant name in the AAD. If matched the user (Mr T) is granted permission to the reports associated with that tenant.

Is this correct?

Is there anymore to Azure Active Directory with Power BI?

It doesn't seem like you apply AAD securirty measures in Power BI. It just seems a check is made to see which user is matched to which Power BI Service account.

 

Content Packs

Content Packs are just like zipping up the Power BI files to share with others. If you want to share a Dashboard then the Report and Dataset will be shared too, if you want to share the Report then the Dataset will be shared too, and if you share the Dataset then only the Dataset will be shared.
I'm not sure how security is applied to this Content Packs.

 

Are you able to comment on my above statements and provide user cases for each area?

 

Thanks in advance.

Labels:
Message 1 of 5
1,647 Views
0
4 REPLIES 4
v-shex-msft
Community Support
Community Support

‎05-08-2017 11:11 PM

Hi @Anonymous,

 

>>Row-Level Security

You can refer to below links to know more about RLS and the advanced use function.

Row-level security (RLS) with Power BI

Power BI – Dynamic Row Level Security – Tips to get it working!

 

>>Azure Active Directory

Abou AAD, you can get further support at Azure forum.

 

>>Content Packs

You can't configure the security of content pack, all member has the same permission as the creator, but the users which get data from content pack only has the read permission, if you want do some customize operations, you should make a copy, then operate the copied data.

 

For detailed information, please refer to following links:

Intro to organizational content packs in Power BI

Organizational content packs: Copy, refresh, & get access

 

Regards,

Xiaoxin Sheng

Community Support Team _ Xiaoxin
If this post helps, please consider accept as solution to help other members find it more quickly.
Message 2 of 5
1,629 Views
0
Anonymous
Not applicable
In response to v-shex-msft

‎05-11-2017 02:56 AM

v-shex-msft - thanks for the response.

 

The links you provided I had already covered that info - but thanks anyway. I guess I was asking if anyone had any strong 'use cases' for the different security features in Power BI.

 

Actually, in picking this up again I see now the use of 'Apps' are to replace Content Packs. I see this is a new feature for this month.

 

 

Message 3 of 5
1,613 Views
0
perpor
Helper V
Helper V
In response to Anonymous

‎05-11-2017 03:27 AM


About security I am exploring what measures should be taken in case I send to someone the .pbix file (suppose pro version in both cases).

I have some direct query with 'select ....'. Assuming I am the user who received the .pbix file, I tried to replace 'select ..' with 'delete ...', and the query worked, obviously you will say ... Thank you for any suggestions about it

Message 4 of 5
1,607 Views
0
Anonymous
Not applicable
In response to perpor

‎05-15-2017 03:16 AM

I have just tried this too.

Amending the SELECT statement to a DELETE statement in a Direct Query, and it does delete the data. Now looking to try this from a workbook held in OneDrive.

Message 5 of 5
1,584 Views
0

Helpful resources

Announcements
OCT PBI Update Carousel

Power BI Monthly Update - October 2024

Check out the October 2024 Power BI update to learn about new features.

September Hackathon Carousel

Microsoft Fabric & AI Learning Hackathon

Learn from experts, get hands-on experience, and win awesome prizes.

October NL Carousel

Fabric Community Update - October 2024

Find out what's new and trending in the Fabric Community.

View All
Top Solution Authors
View All
Top Kudoed Authors
View All
Users online (2,392)