AWS redshift documentation change
Summary
Added database qualification syntax and federated permissions documentation
Security assessment
Enables dropping masking policies across federated databases. Documents security feature operation without addressing specific security issues.
Diff
diff --git a/redshift/latest/dg/r_DROP_MASKING_POLICY.md b/redshift/latest/dg/r_DROP_MASKING_POLICY.md index df291adb0..73cf1dbc3 100644 --- a//redshift/latest/dg/r_DROP_MASKING_POLICY.md +++ b//redshift/latest/dg/r_DROP_MASKING_POLICY.md @@ -18 +18 @@ Superusers and users or roles that have the sys:secadmin role can drop a masking - DROP MASKING POLICY _policy_name_ ; + DROP MASKING POLICY { policy_name | database_name.policy_name }; @@ -26,0 +27,7 @@ The name of the masking policy to drop. +database_name + + +The name of the database from where the policy to be dropped. The database can be the connected database or a database that supports Amazon Redshift federated permissions. + +For the usage of DROP MASKING POLICY on Amazon Redshift Federated Permissions Catalog, see [ Managing access control with Amazon Redshift federated permissions](https://docs.aws.amazon.com/redshift/latest/dg/federated-permissions-managing-access.html). +