- Newest
- Most votes
- Most comments
You can use a policy to redact a single column.
Example:
Create a test table
SQL> create table test (name varchar(50), salary number);
Table created.
Insert some data
SQL> insert into test values ('a',1000);
1 row created.
SQL> insert into test values ('b',3000);
1 row created.
SQL> insert into test values ('c',9000);
1 row created.
SQL> commit;
Commit complete.
SQL> select * from test;
NAME | SALARY |
---|---|
a | 1000 |
b | 3000 |
c | 9000 |
Create a policy to redact the Salary column
begin
dbms_redact.add_policy(
object_schema => 'ADMIN',
object_name => 'TEST',
column_name => 'SALARY',
policy_name => 'redact_emp_pol',
function_type => DBMS_REDACT.FULL,
expression => '1=1');
end;
/
Login with another user that has access to the table and test the redaction policy. In this case all the values of the salary column is replaced by a zero.
SQL> create user user1 identified by xxxxx;
User created.
SQL> grant create session to user1;
Grant succeeded.
SQL> grant select on test to user1;
Grant succeeded.
Connect with user1
SQL> show user USER is "USER1"
SQL> select * from admin.test;
NAME | SALARY |
---|---|
a | 0 |
b | 0 |
c | 0 |
You can also refer to these links for some examples: Oracle Documentation: https://docs.oracle.com/en/database/oracle/oracle-database/19/asoag/oracle-data-redaction-use-with-oracle-database-features.html#GUID-D0C97997-0F35-42B7-98B1-1DA4197001F0 External link: https://oracle-base.com/articles/12c/data-redaction-12cr1
**Note: redaction requires the Oracle Advanced Security license option ** https://docs.oracle.com/en/database/oracle/oracle-database/19/dblic/Licensing-Information.html#GUID-AB354617-6614-487E-A022-7FC9A5A08472
Relevant content
- asked a year ago
- asked 2 years ago
- asked 8 months ago
- asked a month ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 months ago
- AWS OFFICIALUpdated 2 years ago