In Part I of ‘Secure and Share’, I talked about Personalized views in Power BI, today we will see how Object level security can be implemented. From Power BI Desktop to Tabular editor and Power BI service, we will explore the process of implementing security regulations, so employees can have access to their own data only, and Data Governance and confidentiality can be maintained.
Row level security and object level security are two options provided by Power BI to set up report in such a way that users can access the data which they are concerned about.
Although Row level security is mostly used, there is also an option of Object level security as well in Power BI. Object level security is the security to have access to limited number of columns in a particular table or a complete table needs to be hidden. In addition to that, selected measures can also be kept as 'hidden' with Object level security.
Now, lets see how object level security (OLS) can be implemented practically.
OBJECT LEVEL SECURITY:
Here, I will be demonstrating OLS options with the help of an external tool Tabular Editor and by creating different perspectives to implement security.
I am using the below Customer Churn dataset.
I am creating just one perspective Viewer perspective for demo purpose, but we can create multiple perspectives according to the needs. From the tables in the data model, we can either choose to allow the complete table to the end user or only few columns. Here we can choose different columns from different tables and add those in one perspective.
After the perspective is created, we have to add on the columns to allow the user to have access to those columns. Here I have added Gender, dependents, Phone service and Internet service in Viewer perspective.
In the demo data model, we have only one table. If a dataset has more than one table, different columns from different tables can also be added in one perspective.
Save the Tabular Editor file, come back to Power BI and refresh. now you will be able to see the perspective which you have created in Tabular Editor.
Now save the report with the perspectives and publish it to server.
Here is the view of the report published on the server side. When I will click to personalize the visual, on which permission was given (in Part I of Secure and Share series https://www.numpyninja.com/post/secure-and-share-part-i-understanding-personalized-views-in-power-bi-using-tabular-editor) only the columns which were added in the perspective will be shown. I can't change other columns which were not added to the perspective.
This is what is called as Object level security.
In the next part of 'Secure and Share' series, I will be explaining how Row level security can be implemented.
Thanks for reading!
Comments