dbt-labs / dbt-snowflake

dbt-snowflake contains all of the code enabling dbt to work with Snowflake
https://getdbt.com
Apache License 2.0

[Feature] Add the ability to create tables and views with a row access policy. #1224

Open greenantim2 opened 3 weeks ago

greenantim2 commented 3 weeks ago

Is this your first time submitting a feature request?

Describe the feature

I would like to be able to specify a row access policy to apply to a table or view when it is created. For example, add a config option such as row_access_policy where you would specify the policy name and the column that it applies to.

{{ config( row_access_policy='test_db.security.tenant_row_access__policy ON (tenantid)' ) }}

When the table or view is compiled, the resulting code would look like:

CREATE TABLE test_db.published.SalesData WITH ROW ACCESS POLICY test_db.security.tenant_row_access__policy ON (tenantid) AS ( ...

Describe alternatives you've considered

I've considered using a post hook to apply the row access policy after the table has been created. The problem with this approach is that there is a slight delay after the table has been created and before the row access policy has been applied where all of the data is exposed to the consumer. This is not a viable option as it exposes sensitive data.

Who will this benefit?

Anyone who uses row access policies in Snowflake.

Are you interested in contributing this feature?

I would be willing to test any changes; I'm not sure that I have the ability to make the changes.

Anything else?

No response
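
The gap described in this issue, written out as Snowflake SQL. This is an added example, not part of the original post or of dbt-snowflake's code; the source table `test_db.raw.sales_source` is a hypothetical placeholder and the policy is assumed to exist already.

```sql
-- Added example. Object names come from the issue except the source table
-- test_db.raw.sales_source, which is a hypothetical placeholder.

-- (1) Post-hook pattern: dbt builds the table, then runs the hook.
CREATE OR REPLACE TABLE test_db.published.SalesData AS (
    SELECT * FROM test_db.raw.sales_source
);
-- Between these two statements the table has no row access policy, so any
-- role that can already SELECT from it reads every tenant's rows.
ALTER TABLE test_db.published.SalesData
    ADD ROW ACCESS POLICY test_db.security.tenant_row_access__policy ON (tenantid);

-- (2) Requested pattern: the policy is attached in the same statement that
-- creates the table, so the table never exists without it.
CREATE OR REPLACE TABLE test_db.published.SalesData
    WITH ROW ACCESS POLICY test_db.security.tenant_row_access__policy ON (tenantid)
AS (
    SELECT * FROM test_db.raw.sales_source
);

-- (3) Check after either pattern: list the row access policies attached to
-- the table. An empty result means the table is currently unprotected.
SELECT policy_name, policy_kind, ref_arg_column_names
FROM TABLE(
    test_db.INFORMATION_SCHEMA.POLICY_REFERENCES(
        REF_ENTITY_NAME   => 'test_db.published.SalesData',
        REF_ENTITY_DOMAIN => 'table'
    )
)
WHERE policy_kind = 'ROW_ACCESS_POLICY';
```

The query in (3) can run as a dbt test or scheduled audit so that a model rebuilt without its policy is caught even when the hook fails silently.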

amychen1776 commented 2 weeks ago

Hello @greenantim2, thank you for opening this feature request! We will not be able to support this in the short term, but it is something I'm happy to examine for the future. I'm going to leave this issue open for others to chime in on if they are also interested (please 👍 the OG post).

It might be interesting for you in the short term to take a look at how this package is handling data masking, https://hub.getdbt.com/entechlog/dbt_snow_mask/latest/, for inspiration on how you could implement it in the short term.