LogoLogo
  • Welcome to e6data
  • Introduction to e6data
    • Concepts
    • Architecture
      • e6data in VPC Deployment Model
      • Connect to e6data serverless compute
  • Get Started
  • Sign Up
  • Setup
    • AWS Setup
      • In VPC Deployment (AWS)
        • Prerequisite Infrastructure
        • Infrastructure & Permissions for e6data
        • Setup Kubernetes Components
        • Setup using Terraform in AWS
          • Update a AWS Terraform for your Workspace
        • AWS PrivateLink and e6data
        • VPC Peering | e6data on AWS
      • Connect to e6data serverless compute (AWS)
        • Workspace Creation
        • Catalog Creation
          • Glue Metastore
          • Hive Metastore
          • Unity Catalog
        • Cluster Creation
    • GCP Setup
      • In VPC Deployment (GCP)
        • Prerequisite Infrastructure
        • Infrastructure & Permissions for e6data
        • Setup Kubernetes Components
        • Setup using Terraform in GCP
        • Update a GCP Terraform for your Workspace
      • Connect to e6data serverless compute (GCP)
    • Azure Setup
      • Prerequisite Infrastructure
      • Infrastructure & Permissions for e6data
      • Setup Kubernetes Components
      • Setup using Terraform in AZURE
        • Update a AZURE Terraform for your Workspace
  • Workspaces
    • Create Workspaces
    • Enable/Disable Workspaces
    • Update a Workspace
    • Delete a Workspace
  • Catalogs
    • Create Catalogs
      • Hive Metastore
        • Connect to a Hive Metastore
        • Edit a Hive Metastore Connection
        • Delete a Hive Metastore Connection
      • Glue Metastore
        • Connect to a Glue Metastore
        • Edit a Glue Metastore Connection
        • Delete a Glue Metastore Connection
      • Unity Catalog
        • Connect to Unity Catalog
        • Edit Unity Catalog
        • Delete Unity Catalog
      • Cross-account Catalog Access
        • Configure Cross-account Catalog to Access AWS Hive Metastore
        • Configure Cross-account Catalog to Access Unity Catalog
        • Configure Cross-account Catalog to Access AWS Glue
        • Configure Cross-account Catalog to Access GCP Hive Metastore
    • Manage Catalogs
    • Privileges
      • Access Control
      • Column Masking
      • Row Filter
  • Clusters
    • Edit & Delete Clusters
    • Suspend & Resume Clusters
    • Cluster Size
    • Load Based Sizing
    • Auto Suspension
    • Query Timeout
    • Monitoring
    • Connection Info
  • Pools
    • Delete Pools
  • Query Editor
    • Editor Pane
    • Results Pane
    • Schema Explorer
    • Data Preview
  • Notebook
    • Editor Pane
    • Results Pane
    • Schema Explorer
    • Data Preview
  • Query History
    • Query Count API
  • Connectivity
    • IP Sets
    • Endpoints
    • Cloud Resources
    • Network Firewall
  • Access Control
    • Users
    • Groups
    • Roles
      • Permissions
      • Policies
    • Single Sign-On (SSO)
      • AWS SSO
      • Okta
      • Microsoft My Apps-SSO
      • Icons for IdP
    • Service Accounts
    • Multi-Factor Authentication (Beta)
  • Usage and Cost Management
  • Audit Log
  • User Settings
    • Profile
    • Personal Access Tokens (PAT)
  • Advanced Features
    • Cross-Catalog & Cross-Schema Querying
  • Supported Data Types
  • SQL Command Reference
    • Query Syntax
      • General functions
    • Aggregate Functions
    • Mathematical Functions & Operators
      • Arithematic Operators
      • Rounding and Truncation Functions
      • Exponential and Root Functions
      • Trigonometric Functions
      • Logarithmic Functions
    • String Functions
    • Date-Time Functions
      • Constant Functions
      • Conversion Functions
      • Date Truncate Function
      • Addition and Subtraction Functions
      • Extraction Functions
      • Format Functions
      • Timezone Functions
    • Conditional Expressions
    • Conversion Functions
    • Window Functions
    • Comparison Operators & Functions
    • Logical Operators
    • Statistical Functions
    • Bitwise Functions
    • Array Functions
    • Regular Expression Functions
    • Generate Functions
    • Cardinality Estimation Functions
    • JSON Functions
    • Checksum Functions
    • Unload Function (Copy into)
    • Struct Functions
  • Equivalent Functions & Operators
  • Connectors & Drivers
    • DBeaver
    • DbVisualiser
    • Apache Superset
    • Jupyter Notebook
    • Tableau Cloud
    • Tableau Desktop
    • Power BI
    • Metabase
    • Zeppelin
    • Python Connector
      • Code Samples
    • JDBC Driver
      • Code Samples
      • API Support
    • Configure Cluster Ingress
      • ALB Ingress in Kubernetes
      • GCE Ingress in Kubernetes
      • Ingress-Nginx in Kubernetes
  • Security & Trust
    • Best Practices
      • AWS Best Practices
    • Features & Responsibilities Matrix
    • Data Protection Addendum(DPA)
  • Tutorials and Best Practices
    • How to configure HIVE metastore if you don't have one?
    • How-To Videos
  • Known Limitations
    • SQL Limitations
    • Other Limitations
    • Restart Triggers
    • Cloud Provider Limitations
  • Error Codes
    • General Errors
    • User Account Errors
    • Workspace Errors
    • Catalog Errors
    • Cluster Errors
    • Data Governance Errors
    • Query History Errors
    • Query Editor Errors
    • Pool Errors
    • Connectivity Errors
  • Terms & Condition
  • Privacy Policy
    • Cookie Policy
  • FAQs
    • Workspace Setup
    • Security
    • Catalog Privileges
  • Services Utilised for e6data Deployment
    • AWS supported regions
    • GCP supported regions
    • AZURE supported regions
  • Release Notes & Updates
    • 6th Sept 2024
    • 6th June 2024
    • 18th April 2024
    • 9th April 2024
    • 30th March 2024
    • 16th March 2024
    • 14th March 2024
    • 12th March 2024
    • 2nd March 2024
    • 10th February 2024
    • 3rd February 2024
    • 17th January 2024
    • 9th January 2024
    • 3rd January 2024
    • 18th December 2023
    • 12th December 2023
    • 9th December 2023
    • 4th December 2023
    • 27th November 2023
    • 8th September 2023
    • 4th September 2023
    • 26th August 2023
    • 21st August 2023
    • 19th July 2023
    • 23rd May 2023
    • 5th May 2023
    • 28th April 2023
    • 19th April 2023
    • 15th April 2023
    • 10th April 2023
    • 30th March 2023
Powered by GitBook
On this page
  • Create Row Filter Privileges
  • Table-Specific Row Filtering Example
  • User-Specific Row Filtering Example
  • Limitations
  • Update Row Filter Privilege
  • Delete Row Filter Privilege
  1. Catalogs
  2. Privileges

Row Filter

PreviousColumn MaskingNextClusters

Last updated 1 year ago

Row filtering is a mechanism used to control access to data by limiting the rows that users can view based on specific criteria. It is typically employed in scenarios where different users or groups require access to the same dataset but with varying levels of permission based on their roles or responsibilities. Row filtering ensures that users only see the data that is relevant to them, enhancing data privacy, security, and compliance. For instance, sales reps can access only their assigned customer data, enhancing security and compliance.

Create Row Filter Privileges

To create a privilege, follow these steps:

  1. Navigate to catalogs, and click on the desired catalog.

  2. Select the Privilege(Beta) tab.

  3. Click on Create Privileges to create a new privilege.

  4. Provide a name to privilege.

  5. Enter a description of the privilege (optional).

  6. Select the row filter from the type of privilege.

  7. Select the databases.

  8. Select the table and enter the expression.

  9. Select the user(s)/group(s) to whom you wish to provide access to the selected schema.

  10. Click on "Create."

  11. The privilege will be created and can be viewed in the privileges tab list.

Table-Specific Row Filtering Example

If the user selects a specific table, the row filter privilege will only be applied to that table. For example:

  • table: call_center

  • database: tpcds_1000_delta

  • row filter condition: cc_employees=6879074

  • User - George

Row filter privilege applied only on table - call_center for user - george

Row filter privilege not applied for table - customer for user - George

User-Specific Row Filtering Example

If the user has been assigned the row filter privilege, the row filter will only be applied to them. For example:

  • table selected: call_center

  • database selected: tpcds_1000_delta

  • row filter condition: cc_employees=6879074

This row filter policy applies exclusively to the selected users. For instance, when running the query "SELECT * FROM call_center," only the assigned user will view the filtered data.

For another user, no row filter condition will be applicable.

Limitations

  • Subqueries with row filter conditions are not yet supported.

  • Row filter conditions with aggregate functions are not yet supported as aggregations are in the HAVING clause

  • For multiple-row filters in the same table, only the first-row filter will be applied in a query with a combination of these row filters.

Update Row Filter Privilege

To edit a privilege, follow these steps:

  1. Click on the three dots next to the privilege you want to edit.

  2. Select "Edit" from the dropdown menu.

  3. The privilege form will now be available for modification.

  4. If you want to change the description, update it accordingly.

  5. Choose the databases.

  6. Select the table and edit the expression (if you want to)

  7. You can more row filter expressions by clicking on add more filters

  8. Select the users and groups you wish to grant access to for the selected schema.

  9. Finally, click on "Update" to save your changes.

Delete Row Filter Privilege

To delete a privilege, follow these steps:

  1. Click on the three dots next to the privilege you want to delete.

  2. Select "Delete" from the dropdown menu.

  3. Confirm the deletion by typing "Delete" in the alert box.

Create Row Filter Privilege
Row filter privilege applied for user - George
No row filter privilege applied for user - Pranav
Update Row Filter Privilege