Dynamic Role Based Data Masking

nullbyte · ‎02-15-2018

I need to show/hide/mask data based on user role. Is it possible to setup a role and associate with a policy where column level data will be masked based on the effective_user's role? So if userA is a member of roleX he can view the sensitive data, but userB is not a member of roleX so he sees the masked data. Same select statement from two different users returns different results based solely on role.

nullbyte · ‎02-16-2018

I see that others have solved this with a combination of Impala UDF + View by grabbing the effective_user() and then looking up roles when a query is executed. Any other options to solve ths?

PrasannaSK · ‎03-22-2019

Any update on this? Did you solve this by any means? I am looking at exact functionality in 2019, but, don't see any option other than sensitive data redaction option (don't think it's user/role based though).

Dynamic Role Based Data Masking

Dynamic Role Based Data Masking

Re: Dynamic Role Based Data Masking

Re: Dynamic Role Based Data Masking