โ10-19-2022 06:38 AM
I cannot able to run following queries
ALTER TABLE iot_events ADD ATTRIBUTE pii ON email
ALTER TABLE users ADD ATTRIBUTE pii ON phone
GRANT SELECT ON DATABASE iot_data
HAVING ATTRIBUTE NOT IN (pii)
TO product_managers
and
GRANT SELECT ON iot_events TO engineers
GRANT SELECT(date, country) ON iot_events TO marketing
Anything i am missing?
โ10-19-2022 06:53 AM
@Rahul Mishraโ I have tried above and did not work for me, but you can create view and try below queries to mask your columns or row Create views | Databricks on AWS
โ10-19-2022 07:09 AM
View part also worked for me but i want to control the grant part and don't wanna create view
โ10-19-2022 07:10 AM
Thing is create view is not a unique feature of unity catalog but this grant part is actually is so i wanna implement that
โ10-19-2022 07:20 AM
@Kaniz Fatmaโ can anyone from data Bircks help on why attribute-based access control function is not working in unity catalog @Rahul Mishraโ
below commands
ALTER TABLE iot_events ADD ATTRIBUTE pii ON email
ALTER TABLE users ADD ATTRIBUTE pii ON phone
GRANT SELECT ON DATABASE iot_data
HAVING ATTRIBUTE NOT IN (pii)
TO product_managers
โ10-20-2022 03:47 AM
@Kaniz Fatmaโ even the support page is not working it's redirecting me again and again to the same page
โ05-11-2023 11:52 AM
Hi @Kaniz Fatmaโ, I am getting below error while creating ATTRIBUTE-
%sql
CREATE ATTRIBUTE pii;
Output:
ParseException:
[PARSE_SYNTAX_ERROR] Syntax error at or near 'ATTRIBUTE'(line 1, pos 7)
== SQL ==
CREATE ATTRIBUTE pii
-------^^^
โ05-12-2023 07:28 AM
Hi @Kaniz Fatmaโ , Thank you for your response.
Are you saying that "attribute" is nothing but a column name in a table?
I was under impression that attribute is like a tag which we should create before using it against a table's column(s). Sharing my reference below -
https://blog.cellenza.com/en/data/row-and-column-level-security-with-databricks/
In either way, I am confused. I have tried to execute below command as per above databricks documentation, hoping it will create attribute, but its failing. Can you pls give an example how can we create a PII tag/attribute on a set of columns in databricks table?
[In below c_phone is a column containing sensitive data in customers table]
SQL> ALTER TABLE customers ADD ATTRIBUTE pii ON c_phone
Output:
ParseException:
[PARSE_SYNTAX_ERROR] Syntax error at or near 'ATTRIBUTE'(line 1, pos 48)
== SQL ==
ALTER TABLE iotsamples.tpch.customer_events ADD ATTRIBUTE pii ON c_phone
------------------------------------------------^^^
Join a Regional User Group to connect with local Databricks users. Events will be happening in your city, and you wonโt want to miss the chance to attend and share knowledge.
If there isnโt a group near you, start one and help create a community that brings people together.
Request a New Group