Merge pull request #2867 from MicrosoftDocs/main639100729765357837sync_temp

For protected branch, push strategy should use PR and merge to target branch method to work around git push error

Author: learn-build-service-prod[bot]

data-explorer/kusto/management/materialized-views/materialized-view-policies.md

@@ -44,6 +44,9 @@ A [row level security](../row-level-security-policy.md) can be applied on a mate
 * The policy is applied to the [materialized part](materialized-view-overview.md#how-materialized-views-work) of the view only.
   * If the same row level security policy isn't defined on the source table of the materialized view, then querying the materialized view may return records that should be hidden by the policy. This happens because [querying the materialized view](materialized-view-overview.md#materialized-views-queries) queries the source table as well.
   * We recommend defining the same row level security policy both on the source table and the materialized view if the view is an [arg_max()](../../query/arg-max-aggregation-function.md) or [arg_min()](../../query/arg-min-aggregation-function.md)/[take_any()](../../query/take-any-aggregation-function.md).
+  * If the source table has a row level security policy and a user isn't included in it, querying the materialized view fails. This happens even if the user is included in the materialized view's own row level security policy. The failure occurs because the [delta part](materialized-view-overview.md#how-materialized-views-work) of the query accesses the source table directly, where the source table's row level security policy is enforced. To resolve this issue, use one of the following options:
+     * Add the user to the source table's row level security policy.
+     * Use the [materialized_view()](../../query/materialized-view-function.md) function to query only the materialized part of the view. This function doesn't require access to the source table.
 * When defining a row level security policy on the source table of an [arg_max()](../../query/arg-max-aggregation-function.md) or [arg_min()](../../query/arg-min-aggregation-function.md)/[take_any()](../../query/take-any-aggregation-function.md) materialized view, the command fails if there's no row level security policy defined on the materialized view itself. The purpose of the failure is to alert the user of a potential data leak, since the materialized view may expose information. To mitigate this error, do one of the following actions:
   * Define the row level security policy over the materialized view.
   * Choose to ignore the error by adding `allowMaterializedViewsWithoutRowLevelSecurity` property to the alter policy command. For example: