Sure. In my situation, each user has direct access to the data via SSMS.
Here is my function, I have replaced our actual domain, with the word 'domain' below, but all the rest is as is:
CREATE FUNCTION RLS.clientAccessPredicate (@ClientId INT)
RETURN SELECT 1 AS accessResult
WHERE IS_MEMBER('domain\Users_' + RIGHT('00000'+ CAST(@ClientId AS VARCHAR(5)),5)) = 1
OR IS_MEMBER('domain\DEV_ADMIN') = 1;
It is working as intended, but I have been testing performance since I posted this question and I am finding that on the larger tables 1 million + records, that rls is very slow. And aggregation is close to impossible. I am trying to follow all the best practice advise, but still not great results.