You can translate the question and the replies:

datamasking

we have snowflake db and we have table masked and unmaksed data based on the role. can we use denodo to display the data depending on the snowflake role's
user
21-04-2022 19:19:43 -0400
code

1 Answer

Hi, Usually, the session to the Snowflake database will be created based on the role assigned to the user whose credentials are provided in the “Connection tab” of the data source. If you wish to specify a default role to use in the Snowflake session initiated by the driver, then you can add the driver property “role” with a appropriate value for it. It can be either added directly in the [Database URI](https://community.denodo.com/docs/html/browse/8.0/en/vdp/administration/creating_data_sources_and_base_views/jdbc_sources/jdbc_sources#jdbc-data-source-credentials-from-password-vault-using-single-secret) or can be specified in the [Driver properties](https://community.denodo.com/docs/html/browse/8.0/en/vdp/administration/creating_data_sources_and_base_views/jdbc_sources/jdbc_sources#jdbc-data-source-credentials-from-password-vault-using-one-secret-per-field) of the data source. Here, it is neccesary that the specified role should be an existing role and the specified user should have that role. To know more about the driver parameter ‘role’, you can refer to the Snowflake [documentation](https://docs.snowflake.com/en/user-guide/jdbc-parameters.html#role). You can create users or roles in the Denodo Platform and assign [restrictions to mask the fields](https://community.denodo.com/docs/html/browse/latest/en/vdp/administration/databases_users_and_access_rights_in_virtual_dataport/fine_grain_view_privileges/fine_grain_view_privileges#row-restrictions). Besides, starting from the Denodo latest update(20220126), a new feature [Global Security Policies](https://community.denodo.com/docs/html/browse/8.0/en/vdp/administration/global_security_policies/global_security_policies) is introduced. This Global Security Policy is a set of restrictions(like masking) that apply to all/some users over all/several views that verify certain conditions. For more detailed steps, refer to [Global Security Policies and Tags](https://community.denodo.com/tutorials/browse/securitypolicy/index). Hope this helps!
Denodo Team
22-04-2022 09:23:03 -0400
code
You must sign in to add an answer. If you do not have an account, you can register here