Scribd Logo
Upload

Welcome to Scribd!

  • 4 +Recreate+Masking+Policy+and+Unset

    Uploaded by

    vr.sf99
    4 views1 page

    Original Title

    4.+Recreate+Masking+Policy+and+Unset

    Copyright

    © © All Rights Reserved

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    4 views1 page

    4 +Recreate+Masking+Policy+and+Unset

    Uploaded by

    vr.sf99

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 1

    -- DESCRIBE MASKING POLICY

    USE ROLE ACCOUNTADMIN;


    DESC MASKING POLICY sensitive_info_masking_strings;
    DESC MASKING POLICY sensitive_info_masking_numbers;

    -- DO THE OPPOSITE, MENTION ROLES WHICH SHOULD SEE MASKED DATA


    create or replace masking policy sensitive_info_masking_numbers as (val NUMBER)
    returns number ->
    case
    when current_role() not in ('ANALYST') then val
    else '99999999999999999999'
    end;

    create or replace masking policy sensitive_info_masking_strings as (val STRING)


    returns STRING ->
    case
    when current_role() not in ('ANALYST') then val
    else '**********'
    end;

    -- UNSET MASKING POLICIES


    ALTER TABLE IF EXISTS EMPLOYEE_INFO MODIFY COLUMN salary UNSET MASKING POLICY;
    ALTER TABLE IF EXISTS EMPLOYEE_INFO MODIFY COLUMN dept UNSET MASKING POLICY;

    -- APPLY MASKING POLICY TO A TABLE's NUMBER COLUMN


    ALTER TABLE IF EXISTS EMPLOYEE_INFO MODIFY COLUMN salary SET MASKING POLICY
    sensitive_info_masking_numbers;

    -- APPLY THE MASKING POLICY TO A TABLE's STRING COLUMN


    ALTER TABLE IF EXISTS EMPLOYEE_INFO MODIFY COLUMN dept SET MASKING POLICY
    sensitive_info_masking_strings;

    -- SEE MASKING IN ACTION


    USE ROLE ANALYST_REAL;
    SELECT * FROM EMPLOYEE_INFO;

    USE ROLE ANALYST;


    SELECT * FROM EMPLOYEE_INFO;

    You might also like