How to restrict authors from a subset of data

In our business case, we want to give the access of Analysis to our customers. So that they could create and publish their own dashboards. This part we have already figured out. The next part is to give the authors department-wise access.

Our parquet files are stored in a S3 location which is queried through the Athena tables. Quicksight will be connected with the athena table as data set. Say the table has three columns as following

| id. | department | Name

|. 1. | Sales. | A
|. 2. | Marketing. | B
| 3. | Developer. | C
| 4. | Sales. | D
| 5. | Sales. | E

Now we want any author from a department should only get the access to the same department on the Analysis page to create his/her dashboard. Say if Author A is opening the Analysis page he/she should get row 1,4 and 5.
Initially we thought that the row-level security security could be our answer. But from the documentation we found that row level security is more for the readers directly on the published dashboard. Can anyone please help how exactly we can incorporate same row level security kind of use case for our authors also?

Hi @KaushikR, Row Level Security (RLS) should help achieve what you are looking for. You will define the rules for QuickSight users using UserARN and apply this on top of your dataset that you source from Athena/S3. Since RLS is applied at dataset level any user (Author or Reader) accessing the data via analysis or dashboard will only be able to see what they are entitled to.
Please refer to our workshop link below that has detailed steps on how to implement RLS.

Also please point us to the documentation where you found row level security is more for the readers and applicable only on the published dashboard


Thanks @Karthik_Tharmarajan for sharing the workshop studio link. Now this is much clear to me. I was reading this documentation, where the most of the places it is mentioned as ‘reader’ which I thought that it is talking about the ‘reader access’. Looks like I misunderstood that.: Using row-level security (RLS) with user-based rules to restrict access to a dataset - Amazon QuickSight

Thanks again for your kind help.