How can you implement row-level security on lakehouse data in Fabric?

Row-level security in Fabric lakehouse is implemented by attaching built-in security policies (predicate filters) to lakehouse tables. These policies run at query time and automatically filter the returned rows based on the caller’s identity, roles, and contextual information, so each user only sees data they’re authorized to view. The policy references identity signals from your identity provider (like Azure AD), such as the current user or their group memberships, and can depend on contextual data like project or department. Once you define the policy on a table or view, it consistently enforces access across SQL queries, notebooks, and dashboards without needing to modify individual queries. The other approaches don’t provide this row-level filtering: encrypting data with a single key controls access at the data level rather than filtering per user, column-level security handles only which columns are visible, and RLS is indeed supported in Fabric, so that option is not correct.