HomePower BIPower BI Security

Comments

Power BI Security — 8 Comments

  1. Nice post! A question on the following sentence:

    “You can delineate access privileges to these apps: a Recipient only views the reports, Report Consumers are able to interact with but not edit the data, and the App Author can make edits.”

    Where can I read more about this?

  2. Hi

    I have two questions:-
    1) Is it possible show different users different fields n the downloaded data (so PII could be shown to one person but not another)?
    2) Can you grab the PowerBI audit log and push it into an SQL database/table?

    For Q2, we do this for our reports (for auditing purposes) but, know I know it exists in PowerBI, we’d need to do the same for that as well.

    TIA

    Richard

    • Hi Richard,

      1) You can use Dynamic Data Masking that is available in SQL Server/database to obfuscate PII data for certain people
      2) You can download the activities by using a REST API or PowerShell cmdlet and import them into SQL Server

  3. Pingback:Row Level Security & Beyond in Business Intelligence Applications: A Practical Overview – Olivier Travers

  4. If a “service account” is involved how can RLS hierarchies be implemented with PBI in the service and Azure SQL Server and Azure Active Directory in the mix?

    Second question can Azure SQL Server security be used for RLS hierarchies in any scenario with PBI in the service?

    Third question with PBI in the Service, Azure SQL Server, Azure Active Directory and a “Service Account” in the mix, what is the best way to implement RLS hierarchies, either in PBI or directly in SQL Server?

    Thank your very much for any advice!!

  5. Hi James,
    Nice write up.

    I am facing some challenges which i cannot have any answers.

    I have a tabular model which hold properties and claims details.
    I have added RLS on the contracts which limit individuals from seeing all data.
    Using power bi to connect to the tabular cube and published to PBI services. I have given access to guest users outside my organization tenant, however they still see all data.

    Any help on this as i cannot find any proper solution online. there is no way i can create users table and link it to the two tables i have in the model.

    RLS works for internal users but not for external users.

Leave a Reply

Your email address will not be published. Required fields are marked *

HTML tags allowed in your comment: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>