AWS redshift medium security documentation change
Summary
Added note about automatic masking of sensitive metadata columns in query logs
Security assessment
The change explicitly documents data masking of sensitive metadata in logs to prevent exposure, which is a security control. The reference to secure logging confirms this is a security-focused documentation update.
Diff
diff --git a/redshift/latest/dg/cm_chap_system-tables.md b/redshift/latest/dg/cm_chap_system-tables.md index 0545a1c29..cdf98ebed 100644 --- a//redshift/latest/dg/cm_chap_system-tables.md +++ b//redshift/latest/dg/cm_chap_system-tables.md @@ -95,0 +96,4 @@ On the other hand, the following query might well return no rows: +###### Note + +Amazon Redshift automatically masks certain system table columns when logging information about queries made to Data Catalog views to prevent exposure of sensitive metadata. For more information, see [ Secure logging](https://docs.aws.amazon.com/redshift/latest/mgmt/db-auditing-secure-logging.html) in the _Amazon Redshift Management Guide_. +