RLS on PowerPilot
Last updated
Last updated
To restrict access to certain report data based on user credentials, Power Pilot now also supports Row Level Security (RLS).
With this feature, if your dataset is configured with the DAX CUSTOMDATA() function and users have access to Power Pilot, security filters will be applied, ensuring that each user sees only the information relevant to them, which enhances data security.
Unlike standard RLS, which uses the USERNAME() or USERPRINCIPALNAME() functions, Power Pilot uses the CUSTOMDATA() function. This function is easy to configure and allows effective control over the data visible to each user.
In Power BI Desktop, two RLS configurations are required:
Rule: Use the USERNAME() or USERPRINCIPALNAME() functions to create filters based on a user table. This configuration is essential for dynamic RLS.
Rule:Use the same table to filter, but now pass the CUSTOMDATA() function to apply the filter.
Dynamic RLS configuration is a prerequisite for CUSTOMDATA() configuration. Static RLS is not compatible with this scenario.
Dynamic RLS Configuration: Configure dynamic RLS by passing USERNAME() or USERPRINCIPALNAME() as the function.
Power Pilot RLS Configuration: Use the CUSTOMDATA() function
Once the RLS is created, simply publish the report to the Power BI service.
To configure Power Pilot RLS, go to the admin portal, Artifacts > Datasets > Reload.
After reloading the dataset, search for the dataset that had RLS configured, click on Actions > Security. To configure the rule, follow two steps:
1° Step: In the Dynamic Security menu, select the configured function.
In the Power Pilot Security menu, select the CUSTOMDATA() function.
After these configurations, Power Pilot will have RLS properly configured, and each user will see only the information relevant to them.
