topic Re: Row-Level Security Not Working in Published Databricks AI/BI Dashboard in Warehousing & Analytics

Row-Level Security Not Working in Published Databricks AI/BI Dashboard

Akshay_Petkar — Tue, 04 Mar 2025 05:18:36 GMT

I have applied row-level security (RLS) on the department column in the table so that users can only see data related to their own department. The security policy works perfectly when I query the table in Databricks SQL.

Now, I have built a Databricks AI BI dashboard using this table and published it. However, when I provide access to users from a specific department, they are able to see all department data instead of just their own.

Interestingly, when I check the dashboard in draft mode, the RLS is applied correctly, and users only see their department’s data. But when the dashboard is published,it seems that the row-level security is not being enforced because users are able to see all departments in the dashboard. Has anyone faced a similar issue? Any insights or suggestions would be highly appreciated!

Re: Row-Level Security Not Working in Published Databricks AI/BI Dashboard

koji_kawamura — Wed, 05 Mar 2025 03:55:41 GMT

Hi @Akshay_Petkar , which credential mode did you use to publish the dashboard?

In order to make access control work based on the viewer's credential, "Don't embed credentials" mode should be used. If you published the dashboard with "Embed credentials", then all viewers will access underlying tables behind the dashboard using the embedded credential, which may have access privileges more than you expected.

Please check this documentation page for details. https://docs.databricks.com/aws/en/dashboards/#publish-a-dashboard

Re: Row-Level Security Not Working in Published Databricks AI/BI Dashboard

koji_kawamura — Wed, 05 Mar 2025 05:16:34 GMT

Forgot to attach a screenshot. You can select whether to embed a credential when you publish a dashboard like this.