- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Dynamic RLS and groups
Hi there, in this time, I'm working with dynamic RLS so I have a dim_table_security and I'm implemented RLS in 4 diferents roles, admin, country, state, city, with their user principal name, e.g ted@org = US , tom@org = Kansas ; It's fine. So I'm trsting with roles and username is OK. but in the service It's requiere to apply groups, not user by user. So my question is: Do it need create one group by role or one group for all roles?
🤔
thanks
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi, @Peter_23
You can create a new security group in your authentication service, such as Azure Active Directory. Create separate groups for each role (e.g., Admin, Country, State, City). Add the appropriate users to the group of the role they belong to. For example, add admin users to the Administrators group, add country level users to the country group, and so on.
Next, in your data model, configure RLS rules based on the group to which the user belongs. You can use DAX expressions in Power BI to define RLS rules to ensure that only users of a specific group have access to the corresponding data.
Publish the configured data model to the Power BI service. Then test whether different groups of users can only access the data they are authorized to.
How to Get Your Question Answered Quickly
Best Regards
Yongkang Hua
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi, @Peter_23
You can create a new security group in your authentication service, such as Azure Active Directory. Create separate groups for each role (e.g., Admin, Country, State, City). Add the appropriate users to the group of the role they belong to. For example, add admin users to the Administrators group, add country level users to the country group, and so on.
Next, in your data model, configure RLS rules based on the group to which the user belongs. You can use DAX expressions in Power BI to define RLS rules to ensure that only users of a specific group have access to the corresponding data.
Publish the configured data model to the Power BI service. Then test whether different groups of users can only access the data they are authorized to.
How to Get Your Question Answered Quickly
Best Regards
Yongkang Hua
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
Normally, if you have created one RLS roles then one group for all roles is fine but if you have multiple roles created then create specific group by roles.
Proud to be a Super User! | |

Helpful resources
Subject | Author | Posted | |
---|---|---|---|
05-04-2023 11:37 PM | |||
03-28-2025 12:48 AM | |||
03-02-2025 03:52 PM | |||
07-18-2024 09:14 AM | |||
12-18-2024 05:43 AM |
User | Count |
---|---|
47 | |
47 | |
45 | |
11 | |
10 |