Power BI AI Lockdown Modes
Let teams use AI for Power BI without giving AI unrestricted model access
SemanticOps lockdown modes define what assistants and users can inspect, query, modify, or block across Power BI semantic models by environment, team, and risk level.
The problem
AI access is not binary
AI tools typically operate with the permissions of the user running them. In enterprise environments, that is too broad.
A developer may have edit rights. An AI assistant may have tool access. A production semantic model may have no contextual safeguards. Different environments, teams, and models need different permission levels — and those levels should be centrally enforceable, not left to each user to configure.
Available modes
Seven lockdown modes for different risk levels
Match the mode to the environment — local development, shared staging, or a locked production model.
Full access
Local development and experimentation
All model operations available. Intended for isolated developer environments where speed matters more than restriction.
Guarded access
Shared development with policy checks
Full operations with confirmation prompts and policy enforcement. Prevents unsafe changes while preserving developer velocity.
Read-only
AI can inspect and explain, but not modify
AI assistants can browse the model, read metadata, and run non-data queries. All write operations are blocked.
Browse-only
AI can navigate metadata with minimal exposure
The most restricted mode for AI use. Limited to metadata navigation with no query or modification access.
Test-only
AI can run validation but cannot modify
Allows the AI to execute test suites and read results without the ability to change model metadata.
Production lockdown
Writes, deletes, and sensitive operations blocked
Designed for production environments. All destructive and data-exposing operations are blocked regardless of user permissions.
Enterprise enforced
Admin policy cannot be bypassed locally
The policy bundle is loaded from a central path. Individual users cannot override the mode or relax the rules.
Controls
What can be restricted
Lockdown modes control access at the operation level — not just read/write. Teams can restrict data-returning queries without blocking metadata reads, or allow test execution while preventing model changes.
Model browsing
DAX execution
Data-returning queries
Metadata reads
Measure creation
Object rename
Object delete
Relationship changes
RLS / OLS changes
Bulk operations
Service / XMLA connectivity
Audit log exposure
Data masking controls
Policy bundle path
Policy fail mode
Enterprise deployment
Central policy enforcement that users cannot bypass
In enterprise mode, the policy bundle is loaded from an admin-controlled path. Users cannot override the lockdown mode or modify which policies apply. This ensures consistent enforcement across all developers, environments, and AI clients in the organization.
Admin sets the policy bundle path
The admin deploys the bundle; all local installs pick it up automatically.
Mode cannot be overridden locally
Users cannot relax the lockdown level for their own session.
Consistent enforcement across all clients
Claude Code, VS Code, Cursor, and any other MCP client operate under the same rules.
Design an AI access model for Power BI.
Match permissions to environments. Lock down production. Let developers move fast in isolation.