Setting up Column Level Security
To set up column-level security (CLS), perform the following steps.
From the Toolbox, click Semantic Models.
Select the semantic model name from the list and click the Process tab if needed.
From Properties, scroll down to Data Security and choose one of the following as an endpoint source:
Kyvos Internal
CustomRLS: Displayed only if the corresponding JAR files are uploaded through Custom Data Security Configurations on the Kyvos Manager.
Select an endpoint.
Click the Define Rule and Mapping link and select Groups or Users and select the groups or users you want to use or use Search to find them.
For Rules, click Allow All Columns, Allow All Rows, or click the Plus sign next to Rules to add a custom rule.
On the Add Rule dialog, provide Rule Name and Description.
From the Column Level area, select any of the following from Restrict and select the field on which you want to apply the restriction.
Data: Type of column level security in which only data of the column will be restricted. Any queries involving the restricted columns while browsing the semantic models are failed.
Data and Metadata: Type of column-level security in which both data and metadata (visibility) of the column will be restricted. If this option is selected, the restricted columns will not be visible while browsing the semantic model on any of the BI tools.
Note
Metadata-level security is not applicable to the default measure.
You can select multiple fields for column-level security, such as restrict data and restrict data with metadata, to apply the same level of restriction on multiple fields without creating multiple rows for each field.