Thursday, March 25, 2021

High Level - Power BI Deployment

 o   User can publish content from your Power BI desktop into Power BI workspaces, which is a collection
      of dashboards, reports, workbooks, datasets, and dataflows.

o   Admin can then add security groups, distribution lists, or individuals to the workspaces

o   Admin can assign users to their roles and privileges as below:

§  viewer,

§  contributor 

§  member

§  admin  


Power BI - Row Level Security(RLS) Model

⦁ With Row-level security (RLS), We get the ability to publish a single report to multiple users but expose the data differently to each person. So instead of creating multiple copies of the same report in order to limit the data, you can just create one report that will only show the data the logged in user is allowed to see.                                                 

⦁ This is done with filters, which restrict data access at the row level, and you define filters within roles. 

    i. For example, creating a role called “USA Users” that filters the data in a table where the Region =              “United States”. 

    ii. You then add members (user, security group, or distribution list) who can only see data for the United     States to the “USA Users”.

    iii. User will be able to see data for United States only.    

                                                                Fig. shows Row Level Security(RLS)

Tuesday, March 23, 2021

Power BI Security Model

Web Front End - Power BI uses Azure Active Directory (AAD) to authenticate users who sign in to the Power BI service.

Back End authentication will be used to authenticate access to data source from where report will pull the data.























When user access to app.powerbi.com, it will redirect to Azure Traffic Manager 

Azure Traffic Manager (ATM) finds the nearest datacenter for the user

This will redirect user to a Web Front End(WFE)  server which is running ASP.NET in the nearest
    data center.

The Web Front then call the Microsoft login page and prompt for the login

This will redirect the login to Azure Active Directory and WFE will be able to identify the user.

Next Web Front End (WFE) will look into Azure table storage to find where is User’s Tenant
   located

This information will be passed to browser and browser will start to load common content e.g.
   CSS, Java script, Images etc from Azure Content Delivery Network(ACDN) which are generic
   items used by everyone

Now User will redirect to Backed Service, this is where reports/Dashboard will rendered using the
  data.

High Level Architecture - Power BI

Data Source : Power BI supports vast range of data sources. For Web Application, Data source  can be be SQL Server, Oracle, file data sources e.g flat file, Excel & CSV etc.

Power BI Desktop : Power BI Desktop is a client-side report development and authoring tool. All the Dashboards will be created & published by using Power BI Desktop. Application.




Power BI Service : The Microsoft Power BI service (app.powerbi.com), sometimes referred to as Power BI online, is the SaaS (Software as a Service) part of Power BI built on Azure Cloud platform. It is business analytics and data visualization service that enables anyone to visualize and analyze data with greater speed, efficiency, and understanding.

Power BI Report Server : The Power BI Report Server is similar to the Power BI Service. The only difference between these two is that Power BI Report Server is an on-premise platform. It is used by organizations who do not want to publish their reports on the cloud and are concerned about the security of their data. Power BI Report Server enables you to create dashboards and share your reports with other users following proper security protocols. To use this service, you need to have a Power BI Premium license

Power BI Gateway : Power BI gateway is act as an interface between On premise & Cloud environment. It is used to connect and access on-premise data via secured channel. Power BI Gateways are generally used in organizations where data is kept in security and watch. Gateways help to extract out such data through secure channels to Power BI platforms for analysis and reporting.