I've got a databases with 100 tables and a sentry role which has GRANT SELECT on * at the database level.
I now need to restrict access to column A within table X.
"REVOKE SELECT(A) ON TABLE X FOR ROLE users" does not work (although it run's sucessfully). This does not work becuase the grant select is done at a higher level (DB level).
The only option I see is removing the select at database level, granting select on 99 tables, then granting select on table X to only given columns. This would also mean any new tables added to the database would need permissions adding each time.