myVertica  

Security Policies

In addition to creating roles and granting privileges, you can manage user security through access policies. This topic assumes you are familiar with how users, roles, privileges, and grants work in Vertica.

About Access Policies

You create access policies on tables to restrict access to sensitive information to only those users authorized to view it. Vertica lets you create policies at two levels:

  • Column-level
    Restrict access to a specific column or columns
  • Row-level
    Restrict access to a specific row
If you have a table with both a row-level access policy and a column-level access policy, Vertica filters the row-level access policy first. Then Vertica uses the column-level access policy to filter the columns.

To view a list of current access policies, query the ACCESS_POLICY system table in the V_CATALOG schema.

Column-Level Policies

To create an access policy for a specific column or columns in a table, use the CREATE ACCESS POLICY statement with the FOR COLUMNS keywords and an expression that provides further information to limit column access.

Row-Level Policies

To create an access policy for a specific row in a table, use the CREATE ACCESS POLICY statement with the FOR ROWS keywords and an expression that provides further information to limit row access.

Enable, Disable, and Copy Policies

A DBADMIN user can enable and disable individual policies, as well as copy a policy from one table to another using the ALTER ACCESS POLICY statement.

Learn More

Read more about security in the Vertica core documentation or browse our blogs: