Which command should be used to implement a masking policy that was already created in Snowflake?
Which command should be used to implement a masking policy that was already created in Snowflake?
To implement a masking policy that has already been created in Snowflake, the correct command is 'SET MASKING POLICY'. This command is used to associate an existing masking policy with a column in a table or view to apply the masking criteria defined in the policy.
-- apply masking policy to a table column ALTER TABLE IF EXISTS user_info MODIFY COLUMN email SET MASKING POLICY email_mask; -- apply the masking policy to a view column ALTER VIEW user_info_v MODIFY COLUMN email SET MASKING POLICY email_mask; https://docs.snowflake.com/en/user-guide/security-column-ddm-use
D ALTER TABLE t1 MODIFY COLUMN c1 UNSET MASKING POLICY; ALTER TABLE t1 MODIFY COLUMN c1 SET MASKING POLICY p2; CREATE MASKING POLICY email_mask AS (val string) RETURNS string -> CASE WHEN CURRENT_ROLE() IN ('PAYROLL') THEN val ELSE '******' END; https://docs.snowflake.com/en/user-guide/security-column-intro
D. modify column SET MASKING POLICY. APPLY MASKING is privilege that should grant to role to apply the masking policy
D is the answer. https://docs.snowflake.com/en/user-guide/security-column-intro table ALTER TABLE IF EXISTS user_info MODIFY COLUMN ssn_number SET MASKING POLICY ssn_mask; -- view ALTER VIEW user_info_v MODIFY COLUMN ssn_number SET MASKING POLICY ssn_mask_v;
https://community.snowflake.com/s/article/Privilege-Updates-APPLY-MASKING-POLICY-APPLY-ROW-ACCESS-POLICY-Allow-DESCRIBE-object-Operation-on-Tables-and-Views-Only-2021-07-xx-Pending
D is correct, APPLY is privilege that should to grant to role