Row-level security (RLS) — roles, filters & member assignments

List every RLS role in every model, the DAX filters behind them, and the people / groups assigned to each — across your whole tenant.

Feature facts

Available in

—Free✓Enterprise✓Automation

Where in the app

Row Level Security tab in Tenant Analysis (or any analysis mode), after a scan — see UI reference

Prerequisites

Desktop path — Measure Killer desktop app with a paid Enterprise license, or request a free trial
Automation path — an MK Automation subscription, run via the Notebook sample we provide on setup

Permissions required

Either: Fabric Administrator (or Power Platform Administrator) — RLS visibility across every model in the tenant
Or: Workspace Contributor — RLS limited to the models in workspaces you have access to (runs in Limited Tenant Analysis mode)

Limited tenant analysis

Supported

Free trial

Available (with restrictions)RLS view is fully visible during the trial. Exports (Excel, JSON) and automatic kill via XMLA are disabled until a paid licence is applied.

What you get

TODO: 2–3 sentences — every role, its DAX filter expression, the principals (users, security groups, service principals) mapped to it.

Run the analysis

TODO: step-by-step — run a scan, open the security view, filter by role / model / principal.

Common workflows

TODO: 2–3 workflows — e.g. “Audit who is in the ‘Finance’ role across every model”, “Find models without RLS that probably need it”, “Spot inconsistent role definitions across models”.

TODO: same caveat as access-and-permissions — Measure Killer sees the group, not the individuals. Link to /docs/how-tos/access-and-permissions.

What to do with the findings

TODO: exports, sharing with the access-review owner.

TODO: link to /docs/how-tos/access-and-permissions, /docs/how-tos/tenant-summary.

What you get

Run the analysis

Common workflows

A known blind spot — group membership

What to do with the findings

Related