Managing cube-level security
You already learned how to define SSAS instance administrators and how to grant the necessary permission to cube developers. Now, it's time to secure the solution at the cube level so that each user is permitted to see only the data that they require to perform their job functions.
Each database could have multiple cubes. Cube-level data is also secured using roles, and (not surprisingly) cube-level security is defined on the Cubes tab.
How to do it...
Let's get started by performing the following steps:
Open the role that you created in the previous recipe, navigate to the Cubes tab, and note the Access, Local Cube/Drillthrough Access and Process settings.
Cube users could have three levels of access:
None: They cannot read any data from the cubeRead: They can read cube dataRead/Write: They can read cube data and write-back values only if write-back is enabled
The
DRILLTHROUGHpermission allows role members to execute drillthrough actions and theDRILLTHROUGHMDX...
