5 Replies Latest reply on May 1, 2017 11:28 AM by mortenbodaugaard.jrgensen Branched to a new discussion.

    Tableau Row Level Security Reference

    Mark Wu

      Data security has been one of the top concerns for Tableau enterprise adoption. Tableau handles data security by permission and row level security. Permission controls what workbooks/views an user can see. Row level security controls what data sets this user can see. For example APAC users see APAC sales, EMEA users see EMEA sales only while both APAC and EMEA users have the same permission to the same workbook.

      There are many options to implement row level security:

      1. ISMEMBEROF as data source filter or workbook filter
      2. USERNAME() x-db join with user entitlement table outside main data source (v10 feature) - can be either data source filter or workbook filter
      3. USERNAME() data source blending with user entitlement table outside main data source  - can be either data source filter or workbook filter
      4. USERNAME() x-db filter with user entitlement table outside main data source (v10 feature)
      5. Query banding for TeraData DB that has both user entitlement and main data source
      6. Initial SQL for Vertica, Oracle, SQL Server, Sybase ASE, Redshift etc where DB has both user entitlement and main data source

       

      More details:

      • Blog  @ http://enterprisetableau.com/datasecurity/
      • Row level security March 24, 2017 webinar  PPT slides 
      • Zoom webinar recording @ here.
      • USERNAME() sample workbooks (v10.2) used in the PPT and Zoom webinar. Pls note that you need to have the attached User Entitlement.xlsx and Tableau superstore sample database to make those sample workbook work.
      • ISMEMBEROF sample workbooks (v10.2) used in the PPT and Zoom webinar. Pls note that you need to setup server groups listed in PPT slides #4 and assign some users to each of those groups in order to view any data when you open those sample workbooks. See, it is row level security....

       

      Feel free to share other alternative approach to implement row level security.