Skip to main content

Privacera Documentation

Proposed Solution

On an EXTERNAL TABLE, we supports Row Level Filter and Column Masking to a limited extent.

  • Instead of creating a table, we create a secure view with the _secure postfix added to the schema name (as we cannot create Redshift views inside external schemas).

  • To GRANT access to secure view, we must grant USAGE permission to the Source Schema because the secure view schema will be separated from the EXTERNAL SCHEMA. As a result, permission is granted to the source (actual) table.

  • Only Select Permission to the EXTERNAL TABLE is supported. DataAdmin permission is ineffective because USAGE permission to EXTERNAL SCHEMA allows direct access to EXTERNAL TABLE.