ATTACH RLS POLICY
Attach a row-level security policy on a table to one or more users or roles.
Superusers and users or roles that have the sys:secadmin
role can attach a policy.
Syntax
ATTACH RLS POLICY policy_name ON [TABLE] table_name [, ...] TO { user_name | ROLE role_name | PUBLIC } [, ...]
Parameters
- policy_name
-
The name of the policy.
- ON [TABLE] table_name [, ...]
-
The relation that the row-level security policy is attached to.
- TO { user_name | ROLE role_name | PUBLIC} [, ...]
-
Specifies whether the policy is attached to one or more specified users or roles.
Usage notes
When working with the ATTACH RLS POLICY statement, observe the following:
The table being attached should have all the columns listed in the WITH clause of the policy creation statement.
-
Amazon Redshift RLS doesn't support attaching RLS policies to the following objects:
Catalog tables
Cross-database relations
External tables
Temporary tables
Lookup tables
You can't attach a RLS policy to superusers or to users with the
sys:secadmin
permission.
Examples
The following example attaches a policy on a table to a role.
ATTACH RLS POLICY policy_concerts ON tickit_category_redshift TO ROLE analyst, ROLE dbadmin;