[MDEV-19646] Allow Data Masking to be applied/exempted by DB Role Created: 2019-05-30 Updated: 2020-12-04 |
|
| Status: | Open |
| Project: | MariaDB Server |
| Component/s: | None |
| Fix Version/s: | None |
| Type: | Task | Priority: | Major |
| Reporter: | Robert Meunier | Assignee: | Unassigned |
| Resolution: | Unresolved | Votes: | 2 |
| Labels: | None | ||
| Description |
|
Allow the "applies_to" and "exempted" options in the Data Masking rules to allow DB Roles in addition to specific users. Alternately create new options that allow the use of DB Roles. When managing 100's or 1,000's of users it is impractical to have to go in and change the Data Masking rules when adding/altering relationships to these rules. Most data access is handled through DB Roles when dealing with large numbers of users and the Data Masking should follow this pattern. We heavily leverage the Data Masking feature in a competing product and it will be a hard sell to endorse moving to MariaDB without a comparable feature. |
| Comments |
| Comment by Qunfei Wu [ 2020-12-04 ] |
|
In some big company use case, data masking is the key features which we can't ignore it. currently, we are using Oracle extra features which can mask with these key policy by Role like,
But we still need to build extra tools to sync these policies from the external version control system into oracle. From technology, the implement can be not so complicated by the view of original tables. Are any updates or interesting to discuss? we can give the real biggest insurance business case in European to you. And we consider moving out of Oracle now. |