Open emelsimsek opened 1 month ago
Extension anon use case requires [SECURITY LABEL ... ON COLUMN](https://postgresql-anonymizer.readthedocs.io/en/stable/#:~:text=%3D%23%20SECURITY%20LABEL%20FOR%20anon%20ON%20COLUMN%20people.lastname%0A%2D%23%20IS%20%27MASKED%20WITH%20FUNCTION%20anon.fake_last_name()%27%3B%0A%0A%3D%23%20SECURITY%20LABEL%20FOR%20anon%20ON%20COLUMN%20people.phone%0A%2D%23%20IS%20%27MASKED%20WITH%20FUNCTION%20anon.partial(phone%2C2%2C%24%24******%24%24%2C2)%27%3B) statements.
anon
Citus only propagates SECURITY LABEL ... ON ROLE commands.
To enable anon extension use cases, we need to propagate ON COLUMN security labels as well.
Workaround could be to run SECURITY LABEL ... ON COLUMN on all nodes manually.
Extension
anonuse case requires [SECURITY LABEL ... ON COLUMN](https://postgresql-anonymizer.readthedocs.io/en/stable/#:~:text=%3D%23%20SECURITY%20LABEL%20FOR%20anon%20ON%20COLUMN%20people.lastname%0A%2D%23%20IS%20%27MASKED%20WITH%20FUNCTION%20anon.fake_last_name()%27%3B%0A%0A%3D%23%20SECURITY%20LABEL%20FOR%20anon%20ON%20COLUMN%20people.phone%0A%2D%23%20IS%20%27MASKED%20WITH%20FUNCTION%20anon.partial(phone%2C2%2C%24%24******%24%24%2C2)%27%3B) statements.Citus only propagates SECURITY LABEL ... ON ROLE commands.
To enable
anonextension use cases, we need to propagate ON COLUMN security labels as well.Workaround could be to run SECURITY LABEL ... ON COLUMN on all nodes manually.