Reply
New Contributor
Posts: 3
Registered: ‎02-15-2018

Dynamic Role Based Data Masking

I need to show/hide/mask data based on user role.  Is it possible to setup a role and associate with a policy where column level data will be masked based on the effective_user's role?  So if userA is a member of roleX he can view the sensitive data, but userB is not a member of roleX so he sees the masked data.  Same select statement from two different users returns different results based solely on role.  

Highlighted
New Contributor
Posts: 3
Registered: ‎02-15-2018

Re: Dynamic Role Based Data Masking

I see that others have solved this with a combination of Impala UDF + View by grabbing the effective_user() and then looking up roles when a query is executed.  Any other options to solve ths?

Announcements