ALTER REDACTION POLICY

Function

ALTER REDACTION POLICY modifies a data redaction policy applied to a specified table.

Precautions

Only the owner of the table to which the redaction policy is applied has the permission to modify the redaction policy.

Syntax

• Modify the expression used for a redaction policy to take effect.

  ALTER REDACTION POLICY policy_name ON table_name WHEN (new_when_expression);
  

• Enable or disable a redaction policy.

  ALTER REDACTION POLICY policy_name ON table_name ENABLE | DISABLE;
  

• Rename a redaction policy.

  ALTER REDACTION POLICY policy_name ON table_name RENAME TO new_policy_name;
  

• Add, modify, or delete a column on which the redaction policy is used.

  ALTER REDACTION POLICY policy_name ON table_name
      action;
  

  There are several clauses of action:

  ADD COLUMN column_name WITH function_name ( arguments )
    | MODIFY COLUMN column_name WITH function_name ( arguments )
    | DROP COLUMN column_name
  

Parameter Description

• policy_name

  Specifies the name of the redaction policy to be modified.

• table_name

  Specifies the name of the table to which the redaction policy is applied.

• new_when_expression

  Specifies the new expression used for the redaction policy to take effect.

• ENABLE | DISABLE

  Specifies whether to enable or disable the current redaction policy.

  • ENABLE

    Enables the redaction policy that was previously disabled for the table.

  • DISABLE

    Disables the redaction policy currently applied to the table.

• new_policy_name

  Specifies the new name of the redaction policy.

• column_name

  Specifies the name of the table column to which the redaction policy is applied.

  To add a column, use a column name that has not been bound to any redaction functions.

  To modify a column, use the name of an existing column.

  To delete a column, use the name of an existing column.

• function_name

  Specifies the name of a redaction function.

• arguments

  Specifies the list of arguments of the redaction function.

Examples

Modify the expression for the data redaction policy to take effect for all users.

ALTER REDACTION POLICY mask_emp ON emp WHEN (1=1);

Disable the redaction policy.

ALTER REDACTION POLICY mask_emp ON emp DISABLE;

Enable the redaction policy again.

ALTER REDACTION POLICY mask_emp ON emp ENABLE;

Change the redaction policy name to mask_emp_new.

ALTER REDACTION POLICY mask_emp ON emp RENAME TO mask_emp_new;

Add a column with the redaction policy used.

ALTER REDACTION POLICY mask_emp_new ON emp ADD COLUMN name WITH mask_partial(name, '*', 1, length(name));

Modify the redaction policy for the name column. Use the MASK_FULL function to redact all data in the name column.

ALTER REDACTION POLICY mask_emp_new ON emp MODIFY COLUMN name WITH mask_full(name);

Delete an existing column where the redaction policy is used.

ALTER REDACTION POLICY mask_emp_new ON emp DROP COLUMN name;

Helpful Links

CREATE REDACTION POLICY, DROP REDACTION POLICY

last updated: 2024-05-20 03:31