Record-based security allows for the restriction of access to specific records within an entity. Administrators can define criteria and rules to determine which records a user can view or modify based on data attributes.
Following are some screen shots of the security role setting in Dynamics 365. For example tenancy manager role can be granular:
