Up until now my SSAS tabular OLAP cube is used directly by a select group of people, others connect with through Power BI with a service account. This way I can manage what my large user group is able to see through the designs of the Power BI reports.
Now I would like to personalize the data shown by using dynamic row level security. For this to work I cannot use the service account to connect to the OLAP cube because it would be missing the right credentials for the dynamic row level security implementation. Thus I have to authorize my users directly to the tabular roles.
However, I don't want these users to be able to browse through the cube themselves. On a relational database I am able to tweak security so users can for example only execute stored procedures with RLS active, without access to the tables directly. In tabular I don't know of any way to accomplish this. Any suggestions?
