Starburst Galaxy

  •  Get started

  •  Working with data

  •  Data engineering

  •  Developer tools

  •  Cluster administration

  •  Security and compliance

  •  Troubleshooting

  • Galaxy status

  •  Reference

  • Creating policies #

    A policy supplies privileges to an entity such as a catalog, schema, table, view, or column, based on the entity’s assigned attributes.

    Use the Roles and privileges pane to view the list of roles and the properties for each role, as well as access to the Policies tab.

    The Policies tab is only visible if a role in the user’s active role set has the account-level privilege MANAGE_SECURITY.

    To create a new policy:

    1. Click Add policy to open the Create policy pane.
    2. In the Create policy pane, give the policy a name and description. Optionally, set an expiration date and time for the policy.
    3. Use the drop-down menus to determine the scopes of the policy. For example, you can set the scope to be all schemas in the catalog sales_data, or a specific table within a specific schema of the catalog sales_data. You can select multiple scopes at a time for each entity.
    4. Select a method to limit the scopes. You can choose to Match everything in scope or to Match using expression. See matching expressions for details and examples of matching expressions.
    5. Set privileges for the policy, if desired. As an example, you can grant ALLOW for the Create schema privilege, and DENY for the Select from table privilege. Click Add privilege to add more privileges.
    6. Click Apply to defined scope to apply one or more column masks to the policy if desired. Use the Scope menu to determine the scope, such as sales_data.*.*. Click Add column mask to add one. In the Column mask menu, select an existing column mask from the list, or select Create new column mask.
    7. Use the Row filter drop-down menu to select an existing row filter to apply to the policy if desired. In the drop-down menu, select Create new row filter to create one. Click Add row filter to add additional filters.
    8. Click Create policy.

    To view, edit, or delete an existing policy, click the more_vert options menu and select View policy, Edit policy, or Delete policy.

    See the Access control policies types page for more information.