The most efficient and direct method to control who can see a published report (workbook) on Tableau Server is by managing content permissions. The scenario states that user groups for "sales" and "marketing" already exist. By granting the 'View' permission for the report specifically to these two groups and denying it to others, the client achieves the goal. This server-side permissioning is the standard mechanism for controlling access to content itself, as opposed to filtering the data within the content. It is highly efficient because it leverages the existing group structure and requires a simple configuration on the server without altering the workbook.

B: Row-level security (RLS) controls which rows of data a user sees inside a report, not whether they can access the report itself. This is overly complex for the stated goal.

C: Applying user filters to each worksheet is inefficient and controls data visibility, not report access. Users outside the groups could still see the report, albeit with no data.

D: A user filter on the data source is for data-level security. It does not prevent users from other groups from discovering and opening the report on the server.

1. Tableau Help

"Permissions": This document outlines the fundamental concepts of content permissions in Tableau. It states

"Permissions are rules that you set on Tableau Server or Tableau Cloud to control which users or groups can access content... Permissions consist of capabilities—the ability to view

connect

web edit

and so on—allowed or denied for a user or group." This directly supports option A as the correct method for controlling access to the report.

Source: Salesforce

Tableau Help

"Permissions"

Section: "How permissions are evaluated".

2. Tableau Help

"Set Permissions on Individual Content Resources": This guide provides the specific steps for the action described in option A. It details how an administrator or content owner can select a workbook

edit its permissions

and assign capabilities (like 'View') to specific users or groups.

Source: Salesforce

Tableau Help

"Set Permissions on Individual Content Resources"

Section: "Edit permissions for a piece of content".

3. Tableau Help

"Restrict Access at the Data Row Level": This document explains the purpose of row-level security (RLS) and user filters

which are the mechanisms described in options B

C

and D. It clarifies that RLS is used "so that users can view only the data that they have permission to view." This confirms that RLS is for filtering data within a view

contrasting with content permissions that control access to the view.

Source: Salesforce

Tableau Help

"Restrict Access at the Data Row Level"

Introduction.