Security & Roles

manage_security manages:

  • Roles (RLS + OLS-style metadata permissions)
  • Perspectives (curated “views” of the model for usability)

This is the tool you use when you need to answer: “Who should see what?” inside the semantic model.

You don’t need to know the tool parameters. Describe the intent (who should see what), ask the assistant to propose a safe implementation, and validate the result with small aggregate queries before anyone relies on it.

What to ask the LLM (quick prompts)

“List roles and summarize their RLS filters and hidden tables/columns (if any).”

“Create a role SalesTeam and restrict it to the user’s region. Propose the filter(s) first and explain relationship propagation.”

“Hide sensitive columns for non-admin roles: Customers[Email], Customers[Phone].”

“Create a Finance perspective with only finance tables/measures. Show members before applying.”

Roles: what you can enforce

Row-level security (RLS)

RLS is implemented as table filters: DAX boolean expressions attached to a table and evaluated in the row context of that table. A row is visible to the role only when the expression returns TRUE. Those filters then propagate through relationships in the direction of cross-filtering, normally from the “one” side to the “many” side, so a filter on a dimension table also restricts the related fact table. A bidirectional relationship propagates security filters only if the relationship is set to apply the security filter in both directions, which is the usual source of “the role sees more than expected” surprises.

Common patterns:

  • “Filter Sales to the user’s region”
  • “Filter Customers to the user’s sales territory”
  • “Filter by USERPRINCIPALNAME mapping table”

Prompts:

“Propose the RLS filters for role SalesTeam. Explain how they propagate through relationships and any ambiguous paths.”

“Show me the minimal filter set (avoid redundant filters across many tables unless necessary).”
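The three patterns above as concrete RLS filter expressions. These are added illustrations, not output of manage_security; the table and column names (Sales[Region], Customers[SalesTerritory], and a mapping table UserRegionMap with columns UPN and Region) are assumptions about the model.

```dax
// Added example: RLS filter expressions for the patterns above (not the tool's output).
// Assumed schema: Sales[Region], Customers[SalesTerritory], and a mapping table
// UserRegionMap[UPN], UserRegionMap[Region] with one row per user/region pair.

// Pattern 1 - static filter on a dimension table (Customers).
// Placed on the "one" side so it propagates to Sales through the
// Customers -> Sales relationship; no separate filter on Sales is needed.
// Role SalesTeamWest, table Customers:
Customers[SalesTerritory] = "West"

// Pattern 2 - dynamic filter on the fact table, keyed by the signed-in user.
// LOOKUPVALUE works only when each user maps to exactly one region; it raises
// an error if UserRegionMap holds several rows for the same UPN.
// Role SalesTeam, table Sales:
Sales[Region] = LOOKUPVALUE (
    UserRegionMap[Region],
    UserRegionMap[UPN], USERPRINCIPALNAME ()
)

// Pattern 3 - many regions per user. CONTAINS is evaluated in the row context
// of Sales without context transition, so it is safe inside an RLS filter.
// Role SalesTeam, table Sales:
CONTAINS (
    UserRegionMap,
    UserRegionMap[UPN],    USERPRINCIPALNAME (),
    UserRegionMap[Region], Sales[Region]
)
// A user with no row in UserRegionMap gets FALSE for every Sales row, so the
// role fails closed: an unmapped user sees nothing rather than everything.
```

Keep the dynamic patterns on one table and let relationships do the rest; duplicating the same USERPRINCIPALNAME lookup on several tables makes the filter set harder to review and easier to get inconsistent.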

Object-level security (OLS-style metadata permissions)

This tool can also hide tables and columns for a role using metadata permissions:

  • “read” (visible)
  • “none” (hidden)

Typical uses:

  • Hide PII columns from most roles.
  • Hide staging/helper tables from business roles.

Prompt:

“For role SalesTeam, hide Customers[Email] and Customers[Phone]. Confirm the columns exist first.”

Limitations to know:

  • The tool focuses on table/column permissions (not every object type has a permission surface here).
  • Hiding a column is a visibility control, not a data control: it does not rewrite measure logic, and a measure that references a hidden column may still evaluate for the role depending on engine and client behaviour. Treat OLS as “visibility control” and use RLS for any data that must not be reachable in regulated scenarios.

Perspectives (usability, not security)

Perspectives are curated subsets of the model that make it easier to browse (especially in large models). They do not enforce access by themselves: a user who is not restricted by a role can still query every object outside the perspective.

Use perspectives to:

  • give Finance a clean, smaller view of the model,
  • hide “engineering” objects from casual browsing (without relying on security).

Prompt:

“Create a Finance perspective including tables A/B/C and all measures in display folder Finance. Show me the member list before applying.”

Risk & governance notes (read this once)

Always validate security changes with small queries:

“Test access across roles SalesTeam vs Finance using an aggregate query (no raw rows). Summarize differences.”
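Validation queries of the kind the prompt above asks for, and a check for the OLS prompt earlier on the page (“hide Customers[Email] and Customers[Phone]”). This is an added example, not the page’s own queries; Sales[Region], Sales[Amount] and Customers[Email] are assumed names. Run the batch once per role by impersonating the role on the connection (connection-string property Roles=SalesTeam, or EffectiveUserName=<upn> where the environment supports it) and compare the aggregates.

```dax
// Added example: aggregate-only validation queries to run under a role.
// Impersonate via connection string: Roles=SalesTeam  (or EffectiveUserName=alice@contoso.com)
// Assumed objects: Sales[Region], Sales[Amount], Customers[Email].

// 1. Aggregate comparison: one row per region, no raw rows returned.
//    Run as SalesTeam and as Finance, then diff the two result sets.
EVALUATE
SUMMARIZECOLUMNS (
    Sales[Region],
    "RowCount",    COUNTROWS ( Sales ),
    "TotalAmount", SUM ( Sales[Amount] )
)
ORDER BY Sales[Region]

// 2. Fail-closed check: impersonate a user with no mapping row.
//    Expected VisibleRows = 0; any positive count means the role is open.
EVALUATE
ROW ( "VisibleRows", COUNTROWS ( Sales ) )

// 3. OLS check: referencing a column hidden by metadata permission must fail
//    for the role (the engine reports the column as not found). A successful
//    result here means the permission is not applied or the client ignores it.
EVALUATE
ROW ( "DistinctEmails", COUNTROWS ( VALUES ( Customers[Email] ) ) )
```

Query 1 is deliberately aggregate-only so the validation step never pulls restricted rows onto the tester’s screen; query 2 is the one people forget, and it is the check that distinguishes “filtered to the user’s region” from “filtered to everything when the user is unknown”.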

Tips:

  • For Desktop connections (the local Analysis Services instance), role testing means evaluating queries with the connection set to a specific role.
  • For Service connections, some environments can also impersonate an effective user identity (often a paid/advanced capability). If that is not supported, fall back to role-based checks.

Locked-down environments (mode behavior)

Mode              Availability
Full mode         Available
Read-only mode    Not available
Browse-only mode  Not available

Notes: Authoring (writes); validate with aggregate queries; perspectives are usability, not security.

Learn more about modes and restrictions.

If edits are blocked, ask:

“Give me a security change plan and the exact validation queries to run after I apply it manually.”

Copy/paste prompt:

“Create role SalesTeam. First list existing roles/patterns. Then propose filters and hidden columns. Wait for confirmation before applying. Finally validate with an aggregate query.”

Troubleshooting

  • A filter does not restrict what you expected: ask the assistant to test the role with a simple aggregate query and iterate on the filter expression. Also ask it to check relationship directions and ambiguous paths that affect filter propagation.

  • Hidden objects still show up in a client: ask, “Confirm the object permissions set for this role and whether the client/tooling respects them for the browsing experience we care about.”

  • Validation queries cannot be executed: you may be in browse-only mode. Ask the assistant to propose validation queries you can run outside MCP, or switch to a mode that allows query execution.

See also