Row Level Security (RLS) can be based on foreign key relationship. This allows you to keep the
data model unchanged.

Why you should not use SQL logins, but integrated security instead:
Passwords of SQL logins can be "recovered" - a guide on how to do it with VM in Azure.

What is the performance impact?
It is not different to the RLS solution with views joining on table valued function(s).
But the use of is_member can cause trouble. I will present a solution that caches AD-role membership information.
This includes a tiny PowerShell script and some advanced settings in job.

I will show you how to take care of implicit knowledge. Knowledge which could be extracted.
In addition, i will demonstrate how to write tests to check that TVF's are working correctly.
(no tags)
The video is not available to view online.