Column-level Access Control is Beta.
A challenge in managing database access is the complexity of data types and users accessing data in the same database. Treasure Data addresses this challenge with column-level access control, allowing administrators and database owners to tag column data, define policies, and then assign those policies to users.
You must enable the column-level access control feature to access these security protections.
In the previous diagram, you can see that one database contains numerous tables that need to be accessed by different users:
Granular access control provides the capability to grant different access levels to a particular resource to particular users. Column-level access control allows administrators to create customized column tags and then create policies that provide user access. The following image represents a high-level overview of the steps to implement column-level access control.
For a detailed workflow, review Implementing Column-Level Access Control.
Treasure Data actively ensures that all features that might interact with each other protect your data from unauthorized access.
Treasure Data automatically ensures security consistency when column-level access control is enabled:
Administrators can achieve security consistency through the following measures: