Row-Level Security Implementation Process | Teradata Vantage - 17.10 - Row-Level Security Implementation Process - Advanced SQL Engine - Teradata Database

Teradata Vantage™ - Advanced SQL Engine Security Administration

Advanced SQL Engine
Teradata Database
Release Number
July 2021
English (United States)
Last Update
  1. Create the security classifications that define security labels for users and data rows. See Defining Security Labels for Users and Rows.
  2. Create user-defined functions to define and enforce row level security restrictions. Creating Row Level Security UDFs.
  3. Grant the necessary administrator privileges for working with row level security constraints. See Granting Security Constraint Administrative Privileges.
  4. Create security constraint objects. See Working with Security Constraints.
  5. Assign security constraints and constraint values to database users. See Working with Constraint Assignments.
  6. Create/Alter tables to define security constraint columns. See Working with Security Constraint Columns.
  7. Assign constraint OVERRIDE privileges to users who need to bypass the enforcement of security constraints. See Working with Constraint OVERRIDE Privileges.
  8. Evaluate database objects and processes that interface with RLS tables, and where necessary, rework them to ensure conformance with RLS requirements. See Working with Row-Level Security Effects.
  9. Learn how the system derives the session constraint values under various conditions, and how to set alternate values. See Determining the Session Constraint Values.
  10. Enable logging of user attempts to access RLS tables, views, and administrative functions. Using Access Logging with Row Level Security.
  11. Access system tables and views that contain security constraint information. See Constraint-Related System Tables and Views.