workspace-architect 1.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.env.example +1 -0
- package/.gitattributes +1 -0
- package/.github/workflows/manual-publish.yml +36 -0
- package/.github/workflows/sync-and-publish.yml +58 -0
- package/.release-it.json +20 -0
- package/CHANGELOG.md +43 -0
- package/README.md +62 -0
- package/assets/chatmodes/4.1-Beast.chatmode.md +152 -0
- package/assets/chatmodes/Thinking-Beast-Mode.chatmode.md +337 -0
- package/assets/chatmodes/Ultimate-Transparent-Thinking-Beast-Mode.chatmode.md +644 -0
- package/assets/chatmodes/accessibility.chatmode.md +298 -0
- package/assets/chatmodes/address-comments.chatmode.md +59 -0
- package/assets/chatmodes/aem-frontend-specialist.chatmode.md +385 -0
- package/assets/chatmodes/api-architect.chatmode.md +40 -0
- package/assets/chatmodes/atlassian-requirements-to-jira.chatmode.md +444 -0
- package/assets/chatmodes/azure-logic-apps-expert.chatmode.md +100 -0
- package/assets/chatmodes/azure-principal-architect.chatmode.md +58 -0
- package/assets/chatmodes/azure-saas-architect.chatmode.md +118 -0
- package/assets/chatmodes/azure-verified-modules-bicep.chatmode.md +44 -0
- package/assets/chatmodes/azure-verified-modules-terraform.chatmode.md +58 -0
- package/assets/chatmodes/bicep-implement.chatmode.md +40 -0
- package/assets/chatmodes/bicep-plan.chatmode.md +112 -0
- package/assets/chatmodes/blueprint-mode-codex.chatmode.md +110 -0
- package/assets/chatmodes/blueprint-mode.chatmode.md +171 -0
- package/assets/chatmodes/clojure-interactive-programming.chatmode.md +174 -0
- package/assets/chatmodes/code-tour.chatmode.md +205 -0
- package/assets/chatmodes/critical-thinking.chatmode.md +23 -0
- package/assets/chatmodes/csharp-dotnet-janitor.chatmode.md +83 -0
- package/assets/chatmodes/csharp-mcp-expert.chatmode.md +69 -0
- package/assets/chatmodes/debug.chatmode.md +79 -0
- package/assets/chatmodes/declarative-agents-architect.chatmode.md +76 -0
- package/assets/chatmodes/demonstrate-understanding.chatmode.md +60 -0
- package/assets/chatmodes/dotnet-upgrade.chatmode.md +222 -0
- package/assets/chatmodes/drupal-expert.chatmode.md +687 -0
- package/assets/chatmodes/electron-angular-native.chatmode.md +285 -0
- package/assets/chatmodes/expert-cpp-software-engineer.chatmode.md +27 -0
- package/assets/chatmodes/expert-dotnet-software-engineer.chatmode.md +22 -0
- package/assets/chatmodes/expert-nextjs-developer.chatmode.md +477 -0
- package/assets/chatmodes/expert-react-frontend-engineer.chatmode.md +738 -0
- package/assets/chatmodes/gilfoyle.chatmode.md +66 -0
- package/assets/chatmodes/go-mcp-expert.chatmode.md +122 -0
- package/assets/chatmodes/gpt-5-beast-mode.chatmode.md +109 -0
- package/assets/chatmodes/hlbpa.chatmode.md +232 -0
- package/assets/chatmodes/implementation-plan.chatmode.md +159 -0
- package/assets/chatmodes/janitor.chatmode.md +89 -0
- package/assets/chatmodes/java-mcp-expert.chatmode.md +325 -0
- package/assets/chatmodes/kotlin-mcp-expert.chatmode.md +181 -0
- package/assets/chatmodes/kusto-assistant.chatmode.md +143 -0
- package/assets/chatmodes/laravel-expert-agent.chatmode.md +628 -0
- package/assets/chatmodes/mentor.chatmode.md +32 -0
- package/assets/chatmodes/meta-agentic-project-scaffold.chatmode.md +15 -0
- package/assets/chatmodes/microsoft-agent-framework-dotnet.chatmode.md +62 -0
- package/assets/chatmodes/microsoft-agent-framework-python.chatmode.md +62 -0
- package/assets/chatmodes/microsoft-study-mode.chatmode.md +32 -0
- package/assets/chatmodes/microsoft_learn_contributor.chatmode.md +388 -0
- package/assets/chatmodes/ms-sql-dba.chatmode.md +25 -0
- package/assets/chatmodes/php-mcp-expert.chatmode.md +498 -0
- package/assets/chatmodes/pimcore-expert.chatmode.md +869 -0
- package/assets/chatmodes/plan.chatmode.md +114 -0
- package/assets/chatmodes/planner.chatmode.md +14 -0
- package/assets/chatmodes/playwright-tester.chatmode.md +13 -0
- package/assets/chatmodes/postgresql-dba.chatmode.md +17 -0
- package/assets/chatmodes/power-bi-data-modeling-expert.chatmode.md +319 -0
- package/assets/chatmodes/power-bi-dax-expert.chatmode.md +334 -0
- package/assets/chatmodes/power-bi-performance-expert.chatmode.md +533 -0
- package/assets/chatmodes/power-bi-visualization-expert.chatmode.md +549 -0
- package/assets/chatmodes/power-platform-expert.chatmode.md +116 -0
- package/assets/chatmodes/power-platform-mcp-integration-expert.chatmode.md +149 -0
- package/assets/chatmodes/prd.chatmode.md +201 -0
- package/assets/chatmodes/principal-software-engineer.chatmode.md +41 -0
- package/assets/chatmodes/prompt-builder.chatmode.md +352 -0
- package/assets/chatmodes/prompt-engineer.chatmode.md +72 -0
- package/assets/chatmodes/python-mcp-expert.chatmode.md +99 -0
- package/assets/chatmodes/refine-issue.chatmode.md +34 -0
- package/assets/chatmodes/research-technical-spike.chatmode.md +169 -0
- package/assets/chatmodes/ruby-mcp-expert.chatmode.md +346 -0
- package/assets/chatmodes/rust-gpt-4.1-beast-mode.chatmode.md +197 -0
- package/assets/chatmodes/rust-mcp-expert.chatmode.md +465 -0
- package/assets/chatmodes/search-ai-optimization-expert.chatmode.md +227 -0
- package/assets/chatmodes/semantic-kernel-dotnet.chatmode.md +31 -0
- package/assets/chatmodes/semantic-kernel-python.chatmode.md +28 -0
- package/assets/chatmodes/shopify-expert.chatmode.md +681 -0
- package/assets/chatmodes/simple-app-idea-generator.chatmode.md +134 -0
- package/assets/chatmodes/software-engineer-agent-v1.chatmode.md +164 -0
- package/assets/chatmodes/specification.chatmode.md +127 -0
- package/assets/chatmodes/swift-mcp-expert.chatmode.md +240 -0
- package/assets/chatmodes/task-planner.chatmode.md +374 -0
- package/assets/chatmodes/task-researcher.chatmode.md +254 -0
- package/assets/chatmodes/tdd-green.chatmode.md +59 -0
- package/assets/chatmodes/tdd-red.chatmode.md +59 -0
- package/assets/chatmodes/tdd-refactor.chatmode.md +84 -0
- package/assets/chatmodes/tech-debt-remediation-plan.chatmode.md +49 -0
- package/assets/chatmodes/terraform-azure-implement.chatmode.md +104 -0
- package/assets/chatmodes/terraform-azure-planning.chatmode.md +157 -0
- package/assets/chatmodes/typescript-mcp-expert.chatmode.md +91 -0
- package/assets/chatmodes/voidbeast-gpt41enhanced.chatmode.md +230 -0
- package/assets/chatmodes/wg-code-alchemist.chatmode.md +61 -0
- package/assets/chatmodes/wg-code-sentinel.chatmode.md +55 -0
- package/assets/collections/ai-prompt-engineering.json +18 -0
- package/assets/collections/angular-development.json +7 -0
- package/assets/collections/azure-cloud-architect.json +29 -0
- package/assets/collections/cpp-development.json +6 -0
- package/assets/collections/database-administration.json +8 -0
- package/assets/collections/devops-sre.json +11 -0
- package/assets/collections/dotnet-development.json +22 -0
- package/assets/collections/general-productivity.json +9 -0
- package/assets/collections/go-development.json +7 -0
- package/assets/collections/java-spring-developer.json +26 -0
- package/assets/collections/learning-mentoring.json +10 -0
- package/assets/collections/legacy-migration.json +4 -0
- package/assets/collections/mcp-specialist.json +41 -0
- package/assets/collections/mobile-development.json +4 -0
- package/assets/collections/php-cms-development.json +11 -0
- package/assets/collections/power-platform-specialist.json +31 -0
- package/assets/collections/project-management.json +12 -0
- package/assets/collections/python-development.json +13 -0
- package/assets/collections/quality-assurance.json +13 -0
- package/assets/collections/ruby-development.json +9 -0
- package/assets/collections/rust-development.json +10 -0
- package/assets/collections/security-specialist.json +8 -0
- package/assets/collections/software-architect.json +25 -0
- package/assets/collections/technical-writing.json +9 -0
- package/assets/collections/web-frontend-development.json +14 -0
- package/assets/instructions/a11y.instructions.md +369 -0
- package/assets/instructions/ai-prompt-engineering-safety-best-practices.instructions.md +867 -0
- package/assets/instructions/angular.instructions.md +104 -0
- package/assets/instructions/ansible.instructions.md +88 -0
- package/assets/instructions/aspnet-rest-apis.instructions.md +110 -0
- package/assets/instructions/astro.instructions.md +182 -0
- package/assets/instructions/azure-devops-pipelines.instructions.md +185 -0
- package/assets/instructions/azure-functions-typescript.instructions.md +14 -0
- package/assets/instructions/azure-logic-apps-power-automate.instructions.md +1943 -0
- package/assets/instructions/azure-verified-modules-terraform.instructions.md +229 -0
- package/assets/instructions/bicep-code-best-practices.instructions.md +54 -0
- package/assets/instructions/blazor.instructions.md +77 -0
- package/assets/instructions/clojure.instructions.md +349 -0
- package/assets/instructions/cmake-vcpkg.instructions.md +10 -0
- package/assets/instructions/codexer.instructions.md +428 -0
- package/assets/instructions/coldfusion-cfc.instructions.md +30 -0
- package/assets/instructions/coldfusion-cfm.instructions.md +28 -0
- package/assets/instructions/collections.instructions.md +54 -0
- package/assets/instructions/containerization-docker-best-practices.instructions.md +681 -0
- package/assets/instructions/convert-jpa-to-spring-data-cosmos.instructions.md +949 -0
- package/assets/instructions/copilot-thought-logging.instructions.md +62 -0
- package/assets/instructions/csharp-ja.instructions.md +114 -0
- package/assets/instructions/csharp-ko.instructions.md +77 -0
- package/assets/instructions/csharp-mcp-server.instructions.md +95 -0
- package/assets/instructions/csharp.instructions.md +114 -0
- package/assets/instructions/dart-n-flutter.instructions.md +447 -0
- package/assets/instructions/declarative-agents-microsoft365.instructions.md +316 -0
- package/assets/instructions/devbox-image-definition.instructions.md +302 -0
- package/assets/instructions/devops-core-principles.instructions.md +167 -0
- package/assets/instructions/dotnet-architecture-good-practices.instructions.md +279 -0
- package/assets/instructions/dotnet-framework.instructions.md +113 -0
- package/assets/instructions/dotnet-maui-9-to-dotnet-maui-10-upgrade.instructions.md +1922 -0
- package/assets/instructions/dotnet-maui.instructions.md +69 -0
- package/assets/instructions/dotnet-upgrade.instructions.md +287 -0
- package/assets/instructions/dotnet-wpf.instructions.md +79 -0
- package/assets/instructions/genaiscript.instructions.md +21 -0
- package/assets/instructions/generate-modern-terraform-code-for-azure.instructions.md +82 -0
- package/assets/instructions/gilfoyle-code-review.instructions.md +114 -0
- package/assets/instructions/github-actions-ci-cd-best-practices.instructions.md +607 -0
- package/assets/instructions/go-mcp-server.instructions.md +346 -0
- package/assets/instructions/go.instructions.md +373 -0
- package/assets/instructions/instructions.instructions.md +256 -0
- package/assets/instructions/java-11-to-java-17-upgrade.instructions.md +793 -0
- package/assets/instructions/java-17-to-java-21-upgrade.instructions.md +464 -0
- package/assets/instructions/java-21-to-java-25-upgrade.instructions.md +311 -0
- package/assets/instructions/java-mcp-server.instructions.md +553 -0
- package/assets/instructions/java.instructions.md +81 -0
- package/assets/instructions/joyride-user-project.instructions.md +206 -0
- package/assets/instructions/joyride-workspace-automation.instructions.md +46 -0
- package/assets/instructions/kotlin-mcp-server.instructions.md +481 -0
- package/assets/instructions/kubernetes-deployment-best-practices.instructions.md +307 -0
- package/assets/instructions/langchain-python.instructions.md +229 -0
- package/assets/instructions/localization.instructions.md +39 -0
- package/assets/instructions/makefile.instructions.md +410 -0
- package/assets/instructions/markdown.instructions.md +52 -0
- package/assets/instructions/memory-bank.instructions.md +299 -0
- package/assets/instructions/mongo-dba.instructions.md +25 -0
- package/assets/instructions/ms-sql-dba.instructions.md +25 -0
- package/assets/instructions/nestjs.instructions.md +406 -0
- package/assets/instructions/nextjs-tailwind.instructions.md +72 -0
- package/assets/instructions/nextjs.instructions.md +143 -0
- package/assets/instructions/nodejs-javascript-vitest.instructions.md +30 -0
- package/assets/instructions/object-calisthenics.instructions.md +302 -0
- package/assets/instructions/oqtane.instructions.md +86 -0
- package/assets/instructions/performance-optimization.instructions.md +420 -0
- package/assets/instructions/php-mcp-server.instructions.md +809 -0
- package/assets/instructions/playwright-dotnet.instructions.md +101 -0
- package/assets/instructions/playwright-python.instructions.md +62 -0
- package/assets/instructions/playwright-typescript.instructions.md +86 -0
- package/assets/instructions/power-apps-canvas-yaml.instructions.md +827 -0
- package/assets/instructions/power-apps-code-apps.instructions.md +601 -0
- package/assets/instructions/power-bi-custom-visuals-development.instructions.md +810 -0
- package/assets/instructions/power-bi-data-modeling-best-practices.instructions.md +639 -0
- package/assets/instructions/power-bi-dax-best-practices.instructions.md +795 -0
- package/assets/instructions/power-bi-devops-alm-best-practices.instructions.md +623 -0
- package/assets/instructions/power-bi-report-design-best-practices.instructions.md +752 -0
- package/assets/instructions/power-bi-security-rls-best-practices.instructions.md +504 -0
- package/assets/instructions/power-platform-connector.instructions.md +430 -0
- package/assets/instructions/power-platform-mcp-development.instructions.md +88 -0
- package/assets/instructions/powershell-pester-5.instructions.md +197 -0
- package/assets/instructions/powershell.instructions.md +356 -0
- package/assets/instructions/prompt.instructions.md +73 -0
- package/assets/instructions/python-mcp-server.instructions.md +204 -0
- package/assets/instructions/python.instructions.md +56 -0
- package/assets/instructions/quarkus-mcp-server-sse.instructions.md +49 -0
- package/assets/instructions/quarkus.instructions.md +98 -0
- package/assets/instructions/r.instructions.md +116 -0
- package/assets/instructions/reactjs.instructions.md +162 -0
- package/assets/instructions/ruby-mcp-server.instructions.md +629 -0
- package/assets/instructions/ruby-on-rails.instructions.md +124 -0
- package/assets/instructions/rust-mcp-server.instructions.md +715 -0
- package/assets/instructions/rust.instructions.md +135 -0
- package/assets/instructions/security-and-owasp.instructions.md +51 -0
- package/assets/instructions/self-explanatory-code-commenting.instructions.md +162 -0
- package/assets/instructions/shell.instructions.md +132 -0
- package/assets/instructions/spec-driven-workflow-v1.instructions.md +323 -0
- package/assets/instructions/springboot.instructions.md +68 -0
- package/assets/instructions/sql-sp-generation.instructions.md +74 -0
- package/assets/instructions/svelte.instructions.md +161 -0
- package/assets/instructions/swift-mcp-server.instructions.md +498 -0
- package/assets/instructions/taming-copilot.instructions.md +40 -0
- package/assets/instructions/tanstack-start-shadcn-tailwind.instructions.md +212 -0
- package/assets/instructions/task-implementation.instructions.md +190 -0
- package/assets/instructions/tasksync.instructions.md +352 -0
- package/assets/instructions/terraform-azure.instructions.md +254 -0
- package/assets/instructions/terraform-sap-btp.instructions.md +195 -0
- package/assets/instructions/terraform.instructions.md +113 -0
- package/assets/instructions/typescript-5-es2022.instructions.md +114 -0
- package/assets/instructions/typescript-mcp-server.instructions.md +228 -0
- package/assets/instructions/update-code-from-shorthand.instructions.md +130 -0
- package/assets/instructions/vuejs3.instructions.md +153 -0
- package/assets/instructions/wordpress.instructions.md +186 -0
- package/assets/prompts/add-educational-comments.prompt.md +129 -0
- package/assets/prompts/ai-prompt-engineering-safety-review.prompt.md +230 -0
- package/assets/prompts/architecture-blueprint-generator.prompt.md +322 -0
- package/assets/prompts/aspnet-minimal-api-openapi.prompt.md +42 -0
- package/assets/prompts/az-cost-optimize.prompt.md +305 -0
- package/assets/prompts/azure-resource-health-diagnose.prompt.md +290 -0
- package/assets/prompts/boost-prompt.prompt.md +25 -0
- package/assets/prompts/breakdown-epic-arch.prompt.md +66 -0
- package/assets/prompts/breakdown-epic-pm.prompt.md +58 -0
- package/assets/prompts/breakdown-feature-implementation.prompt.md +128 -0
- package/assets/prompts/breakdown-feature-prd.prompt.md +61 -0
- package/assets/prompts/breakdown-plan.prompt.md +509 -0
- package/assets/prompts/breakdown-test.prompt.md +365 -0
- package/assets/prompts/code-exemplars-blueprint-generator.prompt.md +126 -0
- package/assets/prompts/comment-code-generate-a-tutorial.prompt.md +26 -0
- package/assets/prompts/containerize-aspnet-framework.prompt.md +455 -0
- package/assets/prompts/containerize-aspnetcore.prompt.md +393 -0
- package/assets/prompts/conventional-commit.prompt.md +73 -0
- package/assets/prompts/copilot-instructions-blueprint-generator.prompt.md +294 -0
- package/assets/prompts/cosmosdb-datamodeling.prompt.md +1045 -0
- package/assets/prompts/create-agentsmd.prompt.md +249 -0
- package/assets/prompts/create-architectural-decision-record.prompt.md +97 -0
- package/assets/prompts/create-github-action-workflow-specification.prompt.md +276 -0
- package/assets/prompts/create-github-issue-feature-from-specification.prompt.md +28 -0
- package/assets/prompts/create-github-issues-feature-from-implementation-plan.prompt.md +28 -0
- package/assets/prompts/create-github-issues-for-unmet-specification-requirements.prompt.md +35 -0
- package/assets/prompts/create-github-pull-request-from-specification.prompt.md +24 -0
- package/assets/prompts/create-implementation-plan.prompt.md +157 -0
- package/assets/prompts/create-llms.prompt.md +210 -0
- package/assets/prompts/create-oo-component-documentation.prompt.md +193 -0
- package/assets/prompts/create-readme.prompt.md +21 -0
- package/assets/prompts/create-specification.prompt.md +127 -0
- package/assets/prompts/create-spring-boot-java-project.prompt.md +163 -0
- package/assets/prompts/create-spring-boot-kotlin-project.prompt.md +147 -0
- package/assets/prompts/create-technical-spike.prompt.md +231 -0
- package/assets/prompts/csharp-async.prompt.md +50 -0
- package/assets/prompts/csharp-docs.prompt.md +63 -0
- package/assets/prompts/csharp-mcp-server-generator.prompt.md +59 -0
- package/assets/prompts/csharp-mstest.prompt.md +67 -0
- package/assets/prompts/csharp-nunit.prompt.md +72 -0
- package/assets/prompts/csharp-tunit.prompt.md +101 -0
- package/assets/prompts/csharp-xunit.prompt.md +69 -0
- package/assets/prompts/declarative-agents.prompt.md +93 -0
- package/assets/prompts/documentation-writer.prompt.md +46 -0
- package/assets/prompts/dotnet-best-practices.prompt.md +84 -0
- package/assets/prompts/dotnet-design-pattern-review.prompt.md +41 -0
- package/assets/prompts/dotnet-upgrade.prompt.md +116 -0
- package/assets/prompts/editorconfig.prompt.md +64 -0
- package/assets/prompts/ef-core.prompt.md +76 -0
- package/assets/prompts/finalize-agent-prompt.prompt.md +27 -0
- package/assets/prompts/first-ask.prompt.md +29 -0
- package/assets/prompts/folder-structure-blueprint-generator.prompt.md +405 -0
- package/assets/prompts/gen-specs-as-issues.prompt.md +165 -0
- package/assets/prompts/generate-custom-instructions-from-codebase.prompt.md +240 -0
- package/assets/prompts/git-flow-branch-creator.prompt.md +293 -0
- package/assets/prompts/github-copilot-starter.prompt.md +372 -0
- package/assets/prompts/go-mcp-server-generator.prompt.md +334 -0
- package/assets/prompts/java-docs.prompt.md +24 -0
- package/assets/prompts/java-junit.prompt.md +64 -0
- package/assets/prompts/java-mcp-server-generator.prompt.md +756 -0
- package/assets/prompts/java-refactoring-extract-method.prompt.md +105 -0
- package/assets/prompts/java-refactoring-remove-parameter.prompt.md +85 -0
- package/assets/prompts/java-springboot.prompt.md +66 -0
- package/assets/prompts/javascript-typescript-jest.prompt.md +44 -0
- package/assets/prompts/kotlin-mcp-server-generator.prompt.md +449 -0
- package/assets/prompts/kotlin-springboot.prompt.md +71 -0
- package/assets/prompts/mcp-copilot-studio-server-generator.prompt.md +118 -0
- package/assets/prompts/memory-merger.prompt.md +107 -0
- package/assets/prompts/mkdocs-translations.prompt.md +110 -0
- package/assets/prompts/model-recommendation.prompt.md +677 -0
- package/assets/prompts/multi-stage-dockerfile.prompt.md +47 -0
- package/assets/prompts/my-issues.prompt.md +9 -0
- package/assets/prompts/my-pull-requests.prompt.md +15 -0
- package/assets/prompts/next-intl-add-language.prompt.md +20 -0
- package/assets/prompts/php-mcp-server-generator.prompt.md +522 -0
- package/assets/prompts/playwright-automation-fill-in-form.prompt.md +30 -0
- package/assets/prompts/playwright-explore-website.prompt.md +19 -0
- package/assets/prompts/playwright-generate-test.prompt.md +19 -0
- package/assets/prompts/postgresql-code-review.prompt.md +214 -0
- package/assets/prompts/postgresql-optimization.prompt.md +406 -0
- package/assets/prompts/power-apps-code-app-scaffold.prompt.md +150 -0
- package/assets/prompts/power-bi-dax-optimization.prompt.md +175 -0
- package/assets/prompts/power-bi-model-design-review.prompt.md +405 -0
- package/assets/prompts/power-bi-performance-troubleshooting.prompt.md +384 -0
- package/assets/prompts/power-bi-report-design-consultation.prompt.md +353 -0
- package/assets/prompts/power-platform-mcp-connector-suite.prompt.md +156 -0
- package/assets/prompts/project-workflow-analysis-blueprint-generator.prompt.md +294 -0
- package/assets/prompts/prompt-builder.prompt.md +142 -0
- package/assets/prompts/pytest-coverage.prompt.md +28 -0
- package/assets/prompts/python-mcp-server-generator.prompt.md +105 -0
- package/assets/prompts/readme-blueprint-generator.prompt.md +79 -0
- package/assets/prompts/remember-interactive-programming.prompt.md +13 -0
- package/assets/prompts/remember.prompt.md +125 -0
- package/assets/prompts/repo-story-time.prompt.md +156 -0
- package/assets/prompts/review-and-refactor.prompt.md +15 -0
- package/assets/prompts/ruby-mcp-server-generator.prompt.md +660 -0
- package/assets/prompts/rust-mcp-server-generator.prompt.md +578 -0
- package/assets/prompts/shuffle-json-data.prompt.md +151 -0
- package/assets/prompts/sql-code-review.prompt.md +303 -0
- package/assets/prompts/sql-optimization.prompt.md +298 -0
- package/assets/prompts/suggest-awesome-github-copilot-agents.prompt.md +72 -0
- package/assets/prompts/suggest-awesome-github-copilot-chatmodes.prompt.md +71 -0
- package/assets/prompts/suggest-awesome-github-copilot-collections.prompt.md +149 -0
- package/assets/prompts/suggest-awesome-github-copilot-instructions.prompt.md +88 -0
- package/assets/prompts/suggest-awesome-github-copilot-prompts.prompt.md +71 -0
- package/assets/prompts/swift-mcp-server-generator.prompt.md +669 -0
- package/assets/prompts/technology-stack-blueprint-generator.prompt.md +242 -0
- package/assets/prompts/typescript-mcp-server-generator.prompt.md +90 -0
- package/assets/prompts/update-avm-modules-in-bicep.prompt.md +60 -0
- package/assets/prompts/update-implementation-plan.prompt.md +157 -0
- package/assets/prompts/update-llms.prompt.md +216 -0
- package/assets/prompts/update-markdown-file-index.prompt.md +76 -0
- package/assets/prompts/update-oo-component-documentation.prompt.md +162 -0
- package/assets/prompts/update-specification.prompt.md +127 -0
- package/assets/prompts/write-coding-standards-from-file.prompt.md +316 -0
- package/bin/cli.js +200 -0
- package/package.json +53 -0
- package/scripts/sync.js +99 -0
- package/verdaccio/config.yaml +202 -0
|
@@ -0,0 +1,504 @@
|
|
|
1
|
+
---
|
|
2
|
+
description: 'Comprehensive Power BI Row-Level Security (RLS) and advanced security patterns implementation guide with dynamic security, best practices, and governance strategies.'
|
|
3
|
+
applyTo: '**/*.{pbix,dax,md,txt,json,csharp,powershell}'
|
|
4
|
+
---
|
|
5
|
+
|
|
6
|
+
# Power BI Security and Row-Level Security Best Practices
|
|
7
|
+
|
|
8
|
+
## Overview
|
|
9
|
+
This document provides comprehensive instructions for implementing robust security patterns in Power BI, focusing on Row-Level Security (RLS), dynamic security, and governance best practices based on Microsoft's official guidance.
|
|
10
|
+
|
|
11
|
+
## Row-Level Security Fundamentals
|
|
12
|
+
|
|
13
|
+
### 1. Basic RLS Implementation
|
|
14
|
+
```dax
|
|
15
|
+
// Simple user-based filtering
|
|
16
|
+
[EmailAddress] = USERNAME()
|
|
17
|
+
|
|
18
|
+
// Role-based filtering with improved security
|
|
19
|
+
IF(
|
|
20
|
+
USERNAME() = "Worker",
|
|
21
|
+
[Type] = "Internal",
|
|
22
|
+
IF(
|
|
23
|
+
USERNAME() = "Manager",
|
|
24
|
+
TRUE(),
|
|
25
|
+
FALSE() // Deny access to unexpected users
|
|
26
|
+
)
|
|
27
|
+
)
|
|
28
|
+
```
|
|
29
|
+
|
|
30
|
+
### 2. Dynamic RLS with Custom Data
|
|
31
|
+
```dax
|
|
32
|
+
// Using CUSTOMDATA() for dynamic filtering
|
|
33
|
+
VAR UserRole = CUSTOMDATA()
|
|
34
|
+
RETURN
|
|
35
|
+
SWITCH(
|
|
36
|
+
UserRole,
|
|
37
|
+
"SalesPersonA", [SalesTerritory] = "West",
|
|
38
|
+
"SalesPersonB", [SalesTerritory] = "East",
|
|
39
|
+
"Manager", TRUE(),
|
|
40
|
+
FALSE() // Default deny
|
|
41
|
+
)
|
|
42
|
+
```
|
|
43
|
+
|
|
44
|
+
### 3. Advanced Security Patterns
|
|
45
|
+
```dax
|
|
46
|
+
// Hierarchical security with territory lookups
|
|
47
|
+
=DimSalesTerritory[SalesTerritoryKey]=LOOKUPVALUE(
|
|
48
|
+
DimUserSecurity[SalesTerritoryID],
|
|
49
|
+
DimUserSecurity[UserName], USERNAME(),
|
|
50
|
+
DimUserSecurity[SalesTerritoryID], DimSalesTerritory[SalesTerritoryKey]
|
|
51
|
+
)
|
|
52
|
+
|
|
53
|
+
// Multiple condition security
|
|
54
|
+
VAR UserTerritories =
|
|
55
|
+
FILTER(
|
|
56
|
+
UserSecurity,
|
|
57
|
+
UserSecurity[UserName] = USERNAME()
|
|
58
|
+
)
|
|
59
|
+
VAR AllowedTerritories = SELECTCOLUMNS(UserTerritories, "Territory", UserSecurity[Territory])
|
|
60
|
+
RETURN
|
|
61
|
+
[Territory] IN AllowedTerritories
|
|
62
|
+
```
|
|
63
|
+
|
|
64
|
+
## Embedded Analytics Security
|
|
65
|
+
|
|
66
|
+
### 1. Static RLS Implementation
|
|
67
|
+
```csharp
|
|
68
|
+
// Static RLS with fixed roles
|
|
69
|
+
var rlsidentity = new EffectiveIdentity(
|
|
70
|
+
username: "username@contoso.com",
|
|
71
|
+
roles: new List<string>{ "MyRole" },
|
|
72
|
+
datasets: new List<string>{ datasetId.ToString()}
|
|
73
|
+
);
|
|
74
|
+
```
|
|
75
|
+
|
|
76
|
+
### 2. Dynamic RLS with Custom Data
|
|
77
|
+
```csharp
|
|
78
|
+
// Dynamic RLS with custom data
|
|
79
|
+
var rlsidentity = new EffectiveIdentity(
|
|
80
|
+
username: "username@contoso.com",
|
|
81
|
+
roles: new List<string>{ "MyRoleWithCustomData" },
|
|
82
|
+
customData: "SalesPersonA",
|
|
83
|
+
datasets: new List<string>{ datasetId.ToString()}
|
|
84
|
+
);
|
|
85
|
+
```
|
|
86
|
+
|
|
87
|
+
### 3. Multi-Dataset Security
|
|
88
|
+
```json
|
|
89
|
+
{
|
|
90
|
+
"accessLevel": "View",
|
|
91
|
+
"identities": [
|
|
92
|
+
{
|
|
93
|
+
"username": "France",
|
|
94
|
+
"roles": [ "CountryDynamic"],
|
|
95
|
+
"datasets": [ "fe0a1aeb-f6a4-4b27-a2d3-b5df3bb28bdc" ]
|
|
96
|
+
}
|
|
97
|
+
]
|
|
98
|
+
}
|
|
99
|
+
```
|
|
100
|
+
|
|
101
|
+
## Database-Level Security Integration
|
|
102
|
+
|
|
103
|
+
### 1. SQL Server RLS Integration
|
|
104
|
+
```sql
|
|
105
|
+
-- Creating security schema and predicate function
|
|
106
|
+
CREATE SCHEMA Security;
|
|
107
|
+
GO
|
|
108
|
+
|
|
109
|
+
CREATE FUNCTION Security.tvf_securitypredicate(@SalesRep AS nvarchar(50))
|
|
110
|
+
RETURNS TABLE
|
|
111
|
+
WITH SCHEMABINDING
|
|
112
|
+
AS
|
|
113
|
+
RETURN SELECT 1 AS tvf_securitypredicate_result
|
|
114
|
+
WHERE @SalesRep = USER_NAME() OR USER_NAME() = 'Manager';
|
|
115
|
+
GO
|
|
116
|
+
|
|
117
|
+
-- Applying security policy
|
|
118
|
+
CREATE SECURITY POLICY SalesFilter
|
|
119
|
+
ADD FILTER PREDICATE Security.tvf_securitypredicate(SalesRep)
|
|
120
|
+
ON sales.Orders
|
|
121
|
+
WITH (STATE = ON);
|
|
122
|
+
GO
|
|
123
|
+
```
|
|
124
|
+
|
|
125
|
+
### 2. Fabric Warehouse Security
|
|
126
|
+
```sql
|
|
127
|
+
-- Creating schema for Security
|
|
128
|
+
CREATE SCHEMA Security;
|
|
129
|
+
GO
|
|
130
|
+
|
|
131
|
+
-- Creating a function for the SalesRep evaluation
|
|
132
|
+
CREATE FUNCTION Security.tvf_securitypredicate(@UserName AS varchar(50))
|
|
133
|
+
RETURNS TABLE
|
|
134
|
+
WITH SCHEMABINDING
|
|
135
|
+
AS
|
|
136
|
+
RETURN SELECT 1 AS tvf_securitypredicate_result
|
|
137
|
+
WHERE @UserName = USER_NAME()
|
|
138
|
+
OR USER_NAME() = 'BatchProcess@contoso.com';
|
|
139
|
+
GO
|
|
140
|
+
|
|
141
|
+
-- Using the function to create a Security Policy
|
|
142
|
+
CREATE SECURITY POLICY YourSecurityPolicy
|
|
143
|
+
ADD FILTER PREDICATE Security.tvf_securitypredicate(UserName_column)
|
|
144
|
+
ON sampleschema.sampletable
|
|
145
|
+
WITH (STATE = ON);
|
|
146
|
+
GO
|
|
147
|
+
```
|
|
148
|
+
|
|
149
|
+
## Advanced Security Patterns
|
|
150
|
+
|
|
151
|
+
### 1. Paginated Reports Security
|
|
152
|
+
```json
|
|
153
|
+
{
|
|
154
|
+
"format": "PDF",
|
|
155
|
+
"paginatedReportConfiguration":{
|
|
156
|
+
"identities": [
|
|
157
|
+
{"username": "john@contoso.com"}
|
|
158
|
+
]
|
|
159
|
+
}
|
|
160
|
+
}
|
|
161
|
+
```
|
|
162
|
+
|
|
163
|
+
### 2. Power Pages Integration
|
|
164
|
+
```html
|
|
165
|
+
{% powerbi authentication_type:"powerbiembedded" path:"https://app.powerbi.com/groups/00000000-0000-0000-0000-000000000000/reports/00000000-0000-0000-0000-000000000001/ReportSection" roles:"pagesuser" %}
|
|
166
|
+
```
|
|
167
|
+
|
|
168
|
+
### 3. Multi-Tenant Security
|
|
169
|
+
```json
|
|
170
|
+
{
|
|
171
|
+
"datasets": [
|
|
172
|
+
{
|
|
173
|
+
"id": "fff1a505-xxxx-xxxx-xxxx-e69f81e5b974",
|
|
174
|
+
}
|
|
175
|
+
],
|
|
176
|
+
"reports": [
|
|
177
|
+
{
|
|
178
|
+
"allowEdit": false,
|
|
179
|
+
"id": "10ce71df-xxxx-xxxx-xxxx-814a916b700d"
|
|
180
|
+
}
|
|
181
|
+
],
|
|
182
|
+
"identities": [
|
|
183
|
+
{
|
|
184
|
+
"username": "YourUsername",
|
|
185
|
+
"datasets": [
|
|
186
|
+
"fff1a505-xxxx-xxxx-xxxx-e69f81e5b974"
|
|
187
|
+
],
|
|
188
|
+
"roles": [
|
|
189
|
+
"YourRole"
|
|
190
|
+
]
|
|
191
|
+
}
|
|
192
|
+
],
|
|
193
|
+
"datasourceIdentities": [
|
|
194
|
+
{
|
|
195
|
+
"identityBlob": "eyJ…",
|
|
196
|
+
"datasources": [
|
|
197
|
+
{
|
|
198
|
+
"datasourceType": "Sql",
|
|
199
|
+
"connectionDetails": {
|
|
200
|
+
"server": "YourServerName.database.windows.net",
|
|
201
|
+
"database": "YourDataBaseName"
|
|
202
|
+
}
|
|
203
|
+
}
|
|
204
|
+
]
|
|
205
|
+
}
|
|
206
|
+
]
|
|
207
|
+
}
|
|
208
|
+
```
|
|
209
|
+
|
|
210
|
+
## Security Design Patterns
|
|
211
|
+
|
|
212
|
+
### 1. Partial RLS Implementation
|
|
213
|
+
```dax
|
|
214
|
+
// Create summary table for partial RLS
|
|
215
|
+
SalesRevenueSummary =
|
|
216
|
+
SUMMARIZECOLUMNS(
|
|
217
|
+
Sales[OrderDate],
|
|
218
|
+
"RevenueAllRegion", SUM(Sales[Revenue])
|
|
219
|
+
)
|
|
220
|
+
|
|
221
|
+
// Apply RLS only to detail level
|
|
222
|
+
Salesperson Filter = [EmailAddress] = USERNAME()
|
|
223
|
+
```
|
|
224
|
+
|
|
225
|
+
### 2. Hierarchical Security
|
|
226
|
+
```dax
|
|
227
|
+
// Manager can see all, others see their own
|
|
228
|
+
VAR CurrentUser = USERNAME()
|
|
229
|
+
VAR UserRole = LOOKUPVALUE(
|
|
230
|
+
UserRoles[Role],
|
|
231
|
+
UserRoles[Email], CurrentUser
|
|
232
|
+
)
|
|
233
|
+
RETURN
|
|
234
|
+
SWITCH(
|
|
235
|
+
UserRole,
|
|
236
|
+
"Manager", TRUE(),
|
|
237
|
+
"Salesperson", [SalespersonEmail] = CurrentUser,
|
|
238
|
+
"Regional Manager", [Region] IN (
|
|
239
|
+
SELECTCOLUMNS(
|
|
240
|
+
FILTER(UserRegions, UserRegions[Email] = CurrentUser),
|
|
241
|
+
"Region", UserRegions[Region]
|
|
242
|
+
)
|
|
243
|
+
),
|
|
244
|
+
FALSE()
|
|
245
|
+
)
|
|
246
|
+
```
|
|
247
|
+
|
|
248
|
+
### 3. Time-Based Security
|
|
249
|
+
```dax
|
|
250
|
+
// Restrict access to recent data based on role
|
|
251
|
+
VAR UserRole = LOOKUPVALUE(UserRoles[Role], UserRoles[Email], USERNAME())
|
|
252
|
+
VAR CutoffDate =
|
|
253
|
+
SWITCH(
|
|
254
|
+
UserRole,
|
|
255
|
+
"Executive", DATE(1900,1,1), // All historical data
|
|
256
|
+
"Manager", TODAY() - 365, // Last year
|
|
257
|
+
"Analyst", TODAY() - 90, // Last 90 days
|
|
258
|
+
TODAY() // Current day only
|
|
259
|
+
)
|
|
260
|
+
RETURN
|
|
261
|
+
[Date] >= CutoffDate
|
|
262
|
+
```
|
|
263
|
+
|
|
264
|
+
## Security Validation and Testing
|
|
265
|
+
|
|
266
|
+
### 1. Role Validation Patterns
|
|
267
|
+
```dax
|
|
268
|
+
// Security testing measure
|
|
269
|
+
Security Test =
|
|
270
|
+
VAR CurrentUsername = USERNAME()
|
|
271
|
+
VAR ExpectedRole = "TestRole"
|
|
272
|
+
VAR TestResult =
|
|
273
|
+
IF(
|
|
274
|
+
HASONEVALUE(SecurityRoles[Role]) &&
|
|
275
|
+
VALUES(SecurityRoles[Role]) = ExpectedRole,
|
|
276
|
+
"PASS: Role applied correctly",
|
|
277
|
+
"FAIL: Incorrect role or multiple roles"
|
|
278
|
+
)
|
|
279
|
+
RETURN
|
|
280
|
+
"User: " & CurrentUsername & " | " & TestResult
|
|
281
|
+
```
|
|
282
|
+
|
|
283
|
+
### 2. Data Exposure Audit
|
|
284
|
+
```dax
|
|
285
|
+
// Audit measure to track data access
|
|
286
|
+
Data Access Audit =
|
|
287
|
+
VAR AccessibleRows = COUNTROWS(FactTable)
|
|
288
|
+
VAR TotalRows = CALCULATE(COUNTROWS(FactTable), ALL(FactTable))
|
|
289
|
+
VAR AccessPercentage = DIVIDE(AccessibleRows, TotalRows) * 100
|
|
290
|
+
RETURN
|
|
291
|
+
"User: " & USERNAME() &
|
|
292
|
+
" | Accessible: " & FORMAT(AccessibleRows, "#,0") &
|
|
293
|
+
" | Total: " & FORMAT(TotalRows, "#,0") &
|
|
294
|
+
" | Access: " & FORMAT(AccessPercentage, "0.00") & "%"
|
|
295
|
+
```
|
|
296
|
+
|
|
297
|
+
## Governance and Administration
|
|
298
|
+
|
|
299
|
+
### 1. Automated Security Group Management
|
|
300
|
+
```powershell
|
|
301
|
+
# Add security group to Power BI workspace
|
|
302
|
+
# Sign in to Power BI
|
|
303
|
+
Login-PowerBI
|
|
304
|
+
|
|
305
|
+
# Set up the security group object ID
|
|
306
|
+
$SGObjectID = "<security-group-object-ID>"
|
|
307
|
+
|
|
308
|
+
# Get the workspace
|
|
309
|
+
$pbiWorkspace = Get-PowerBIWorkspace -Filter "name eq '<workspace-name>'"
|
|
310
|
+
|
|
311
|
+
# Add the security group to the workspace
|
|
312
|
+
Add-PowerBIWorkspaceUser -Id $($pbiWorkspace.Id) -AccessRight Member -PrincipalType Group -Identifier $($SGObjectID)
|
|
313
|
+
```
|
|
314
|
+
|
|
315
|
+
### 2. Security Monitoring
|
|
316
|
+
```powershell
|
|
317
|
+
# Monitor Power BI access patterns
|
|
318
|
+
$workspaces = Get-PowerBIWorkspace
|
|
319
|
+
foreach ($workspace in $workspaces) {
|
|
320
|
+
$users = Get-PowerBIWorkspaceUser -Id $workspace.Id
|
|
321
|
+
Write-Host "Workspace: $($workspace.Name)"
|
|
322
|
+
foreach ($user in $users) {
|
|
323
|
+
Write-Host " User: $($user.UserPrincipalName) - Access: $($user.AccessRight)"
|
|
324
|
+
}
|
|
325
|
+
}
|
|
326
|
+
```
|
|
327
|
+
|
|
328
|
+
### 3. Compliance Reporting
|
|
329
|
+
```dax
|
|
330
|
+
// Compliance dashboard measures
|
|
331
|
+
Users with Data Access =
|
|
332
|
+
CALCULATE(
|
|
333
|
+
DISTINCTCOUNT(AuditLog[Username]),
|
|
334
|
+
AuditLog[AccessType] = "DataAccess",
|
|
335
|
+
AuditLog[Date] >= TODAY() - 30
|
|
336
|
+
)
|
|
337
|
+
|
|
338
|
+
High Privilege Users =
|
|
339
|
+
CALCULATE(
|
|
340
|
+
DISTINCTCOUNT(UserRoles[Email]),
|
|
341
|
+
UserRoles[Role] IN {"Admin", "Manager", "Executive"}
|
|
342
|
+
)
|
|
343
|
+
|
|
344
|
+
Security Violations =
|
|
345
|
+
CALCULATE(
|
|
346
|
+
COUNTROWS(AuditLog),
|
|
347
|
+
AuditLog[EventType] = "SecurityViolation",
|
|
348
|
+
AuditLog[Date] >= TODAY() - 7
|
|
349
|
+
)
|
|
350
|
+
```
|
|
351
|
+
|
|
352
|
+
## Best Practices and Anti-Patterns
|
|
353
|
+
|
|
354
|
+
### ✅ Security Best Practices
|
|
355
|
+
|
|
356
|
+
#### 1. Principle of Least Privilege
|
|
357
|
+
```dax
|
|
358
|
+
// Always default to restrictive access
|
|
359
|
+
Default Security =
|
|
360
|
+
VAR UserPermissions =
|
|
361
|
+
FILTER(
|
|
362
|
+
UserAccess,
|
|
363
|
+
UserAccess[Email] = USERNAME()
|
|
364
|
+
)
|
|
365
|
+
RETURN
|
|
366
|
+
IF(
|
|
367
|
+
COUNTROWS(UserPermissions) > 0,
|
|
368
|
+
[Territory] IN SELECTCOLUMNS(UserPermissions, "Territory", UserAccess[Territory]),
|
|
369
|
+
FALSE() // No access if not explicitly granted
|
|
370
|
+
)
|
|
371
|
+
```
|
|
372
|
+
|
|
373
|
+
#### 2. Explicit Role Validation
|
|
374
|
+
```dax
|
|
375
|
+
// Validate expected roles explicitly
|
|
376
|
+
Role-Based Filter =
|
|
377
|
+
VAR UserRole = LOOKUPVALUE(UserRoles[Role], UserRoles[Email], USERNAME())
|
|
378
|
+
VAR AllowedRoles = {"Analyst", "Manager", "Executive"}
|
|
379
|
+
RETURN
|
|
380
|
+
IF(
|
|
381
|
+
UserRole IN AllowedRoles,
|
|
382
|
+
SWITCH(
|
|
383
|
+
UserRole,
|
|
384
|
+
"Analyst", [Department] = LOOKUPVALUE(UserDepartments[Department], UserDepartments[Email], USERNAME()),
|
|
385
|
+
"Manager", [Region] = LOOKUPVALUE(UserRegions[Region], UserRegions[Email], USERNAME()),
|
|
386
|
+
"Executive", TRUE()
|
|
387
|
+
),
|
|
388
|
+
FALSE() // Deny access for unexpected roles
|
|
389
|
+
)
|
|
390
|
+
```
|
|
391
|
+
|
|
392
|
+
### ❌ Security Anti-Patterns to Avoid
|
|
393
|
+
|
|
394
|
+
#### 1. Overly Permissive Defaults
|
|
395
|
+
```dax
|
|
396
|
+
// ❌ AVOID: This grants full access to unexpected users
|
|
397
|
+
Bad Security Filter =
|
|
398
|
+
IF(
|
|
399
|
+
USERNAME() = "SpecificUser",
|
|
400
|
+
[Type] = "Internal",
|
|
401
|
+
TRUE() // Dangerous default
|
|
402
|
+
)
|
|
403
|
+
```
|
|
404
|
+
|
|
405
|
+
#### 2. Complex Security Logic
|
|
406
|
+
```dax
|
|
407
|
+
// ❌ AVOID: Overly complex security that's hard to audit
|
|
408
|
+
Overly Complex Security =
|
|
409
|
+
IF(
|
|
410
|
+
OR(
|
|
411
|
+
AND(USERNAME() = "User1", WEEKDAY(TODAY()) <= 5),
|
|
412
|
+
AND(USERNAME() = "User2", HOUR(NOW()) >= 9, HOUR(NOW()) <= 17),
|
|
413
|
+
AND(CONTAINS(VALUES(SpecialUsers[Email]), SpecialUsers[Email], USERNAME()), [Priority] = "High")
|
|
414
|
+
),
|
|
415
|
+
[Type] IN {"Internal", "Confidential"},
|
|
416
|
+
[Type] = "Public"
|
|
417
|
+
)
|
|
418
|
+
```
|
|
419
|
+
|
|
420
|
+
## Security Integration Patterns
|
|
421
|
+
|
|
422
|
+
### 1. Azure AD Integration
|
|
423
|
+
```csharp
|
|
424
|
+
// Generate token with Azure AD user context
|
|
425
|
+
var tokenRequest = new GenerateTokenRequestV2(
|
|
426
|
+
reports: new List<GenerateTokenRequestV2Report>() { new GenerateTokenRequestV2Report(reportId) },
|
|
427
|
+
datasets: datasetIds.Select(datasetId => new GenerateTokenRequestV2Dataset(datasetId.ToString())).ToList(),
|
|
428
|
+
targetWorkspaces: targetWorkspaceId != Guid.Empty ? new List<GenerateTokenRequestV2TargetWorkspace>() { new GenerateTokenRequestV2TargetWorkspace(targetWorkspaceId) } : null,
|
|
429
|
+
identities: new List<EffectiveIdentity> { rlsIdentity }
|
|
430
|
+
);
|
|
431
|
+
|
|
432
|
+
var embedToken = pbiClient.EmbedToken.GenerateToken(tokenRequest);
|
|
433
|
+
```
|
|
434
|
+
|
|
435
|
+
### 2. Service Principal Authentication
|
|
436
|
+
```csharp
|
|
437
|
+
// Service principal with RLS for embedded scenarios
|
|
438
|
+
public EmbedToken GetEmbedToken(Guid reportId, IList<Guid> datasetIds, [Optional] Guid targetWorkspaceId)
|
|
439
|
+
{
|
|
440
|
+
PowerBIClient pbiClient = this.GetPowerBIClient();
|
|
441
|
+
|
|
442
|
+
var rlsidentity = new EffectiveIdentity(
|
|
443
|
+
username: "username@contoso.com",
|
|
444
|
+
roles: new List<string>{ "MyRole" },
|
|
445
|
+
datasets: new List<string>{ datasetId.ToString()}
|
|
446
|
+
);
|
|
447
|
+
|
|
448
|
+
var tokenRequest = new GenerateTokenRequestV2(
|
|
449
|
+
reports: new List<GenerateTokenRequestV2Report>() { new GenerateTokenRequestV2Report(reportId) },
|
|
450
|
+
datasets: datasetIds.Select(datasetId => new GenerateTokenRequestV2Dataset(datasetId.ToString())).ToList(),
|
|
451
|
+
targetWorkspaces: targetWorkspaceId != Guid.Empty ? new List<GenerateTokenRequestV2TargetWorkspace>() { new GenerateTokenRequestV2TargetWorkspace(targetWorkspaceId) } : null,
|
|
452
|
+
identities: new List<EffectiveIdentity> { rlsIdentity }
|
|
453
|
+
);
|
|
454
|
+
|
|
455
|
+
var embedToken = pbiClient.EmbedToken.GenerateToken(tokenRequest);
|
|
456
|
+
|
|
457
|
+
return embedToken;
|
|
458
|
+
}
|
|
459
|
+
```
|
|
460
|
+
|
|
461
|
+
## Security Monitoring and Auditing
|
|
462
|
+
|
|
463
|
+
### 1. Access Pattern Analysis
|
|
464
|
+
```dax
|
|
465
|
+
// Identify unusual access patterns
|
|
466
|
+
Unusual Access Pattern =
|
|
467
|
+
VAR UserAccessCount =
|
|
468
|
+
CALCULATE(
|
|
469
|
+
COUNTROWS(AccessLog),
|
|
470
|
+
AccessLog[Date] >= TODAY() - 7
|
|
471
|
+
)
|
|
472
|
+
VAR AvgUserAccess =
|
|
473
|
+
CALCULATE(
|
|
474
|
+
AVERAGE(AccessLog[AccessCount]),
|
|
475
|
+
ALL(AccessLog[Username]),
|
|
476
|
+
AccessLog[Date] >= TODAY() - 30
|
|
477
|
+
)
|
|
478
|
+
RETURN
|
|
479
|
+
IF(
|
|
480
|
+
UserAccessCount > AvgUserAccess * 3,
|
|
481
|
+
"⚠️ High Activity",
|
|
482
|
+
"Normal"
|
|
483
|
+
)
|
|
484
|
+
```
|
|
485
|
+
|
|
486
|
+
### 2. Data Breach Detection
|
|
487
|
+
```dax
|
|
488
|
+
// Detect potential data exposure
|
|
489
|
+
Potential Data Exposure =
|
|
490
|
+
VAR UnexpectedAccess =
|
|
491
|
+
CALCULATE(
|
|
492
|
+
COUNTROWS(AccessLog),
|
|
493
|
+
AccessLog[AccessResult] = "Denied",
|
|
494
|
+
AccessLog[Date] >= TODAY() - 1
|
|
495
|
+
)
|
|
496
|
+
RETURN
|
|
497
|
+
IF(
|
|
498
|
+
UnexpectedAccess > 10,
|
|
499
|
+
"🚨 Multiple Access Denials - Review Required",
|
|
500
|
+
"Normal"
|
|
501
|
+
)
|
|
502
|
+
```
|
|
503
|
+
|
|
504
|
+
Remember: Security is layered - implement defense in depth with proper authentication, authorization, data encryption, network security, and comprehensive auditing. Regularly review and test security implementations to ensure they meet current requirements and compliance standards.
|