Implementing Column-level Access Control uses several Treasure Data features with a primary focus on using tags.
You must have the policy-based Column-level Access Control feature. Contact your Customer Success representative about enabling this feature. After enabling the feature, Treasure Data automatically creates a new permissions policy Columns full and applies it to all existing users. This ensures that all existing users have access to all columns as the initial state. The administrator can then remove users from the "Columns full" policy and assign other column-level access control permissions with new policies.
The following table provides links to documentation to help you complete the implementation of Column-level Access Control in an account.
| Task | User Interface Documentation | API Documentation |
|---|---|---|
| Select a table. | Creating or Viewing Tables | Treasure Data Table APIs |
| Create a column tag. | Creating, Editing, and Deleting Tags | Creating, Editing, and Deleting Tags Using the REST API |
| Verify the column tag. | Searching and Filtering for Databases and Tables with Tags | Listing and Reviewing Tags Using the REST API |
| Attach tag to a table column. | Attaching Tags to Columns | Attaching and Searching for Tags Using the REST API |
| Create a permission-based policy. | Policy-based Column-level Access Control Permissions | Tag-based Access Control Using the REST API |