AWS redshift documentation change
Summary
Replaced detailed setup example with focused RLS policy creation example and added end-to-end guide reference
Security assessment
Enhances documentation for security feature (RLS policies) implementation but does not indicate remediation of a security issue. Focuses on improving security control documentation.
Diff
diff --git a/redshift/latest/dg/r_CREATE_RLS_POLICY.md b/redshift/latest/dg/r_CREATE_RLS_POLICY.md index dd98b4975..f2fdb28e0 100644 --- a//redshift/latest/dg/r_CREATE_RLS_POLICY.md +++ b//redshift/latest/dg/r_CREATE_RLS_POLICY.md @@ -63,23 +63 @@ When working with the CREATE RLS POLICY statement, observe the following: -The following SQL statements create the tables, users, and roles for the CREATE RLS POLICY example. - - - -- Create users and roles reference in the policy statements. - CREATE ROLE analyst; - - CREATE ROLE consumer; - - CREATE USER bob WITH PASSWORD 'Name_is_bob_1'; - - CREATE USER alice WITH PASSWORD 'Name_is_alice_1'; - - CREATE USER joe WITH PASSWORD 'Name_is_joe_1'; - - GRANT ROLE sys:secadmin TO bob; - - GRANT ROLE analyst TO alice; - - GRANT ROLE consumer TO joe; - - GRANT ALL ON TABLE tickit_category_redshift TO PUBLIC; - -The following example creates a policy called policy_concerts. +The following example creates an RLS policy called policy_concerts. This policy applies to a VARCHAR(10) column called catgroup and and sets the USING filter to only return rows where the value of catgroup is `'Concerts'`. @@ -91,0 +70,2 @@ The following example creates a policy called policy_concerts. +For an end-to-end example of using RLS policies, see [Row-level security end-to-end example](./t_rls-example.html). +