ATTACH RLS POLICY

Attach a row-level security policy on a table to one or more users or roles.

Superusers and users or roles that have the sys:secadmin role can attach a policy.

Syntax


ATTACH RLS POLICY policy_name ON [TABLE] table_name [, ...]
TO { user_name | ROLE role_name | PUBLIC } [, ...]

policy_name: The name of the policy.
ON [TABLE] table_name [, ...]: The relation that the row-level security policy is attached to.
TO { user_name | ROLE role_name | PUBLIC} [, ...]: Specifies whether the policy is attached to one or more specified users or roles.

When working with the ATTACH RLS POLICY statement, observe the following:

The table being attached should have all the columns listed in the WITH clause of the policy creation statement.
Amazon Redshift RLS doesn't support attaching RLS policies to the following objects:
- Catalog tables
- Cross-database relations
- External tables
- Materialized views
- Temporary tables
- Lookup tables
You can't attach a RLS policy to superusers or to users with the sys:secadmin permission.

The following example attaches a policy on a table to a role.


ATTACH RLS POLICY policy_concerts ON tickit_category_redshift TO ROLE analyst, ROLE dbadmin;

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

ATTACH MASKING POLICY

BEGIN