Adding row-level filtering policy
Row-level filtering allows users to access a subset of rows in a table.
Before you begin
Ensure you have the following details:
- IBM watsonx.data instance.
- Apache Ranger is provisioned.
- Enable the Apache Ranger policy in watsonx.data. For more information, see Enabling Apache Ranger policy for resources. .
Procedure
Complete the following steps.
-
Log in to Apache Ranger by using the username and password.
a. Go to Service Manager >
service_namepolicies page to add a row level filter policy.b. In the Policy Details section, provide the policy details like name, description.
c. In the Resources section, select the catalog, schema, and table for which the policy is applicable.
d. In the Row Filter Conditions section, select the user (example, User1), set the Permissions to Select and enter the Row Level Filter (example, c1=1).
e. Click Save.
-
Complete the following steps to verify access control:
a. Log in to watsonx.data instance as User1.
b. From the navigation menu, click Query workspace.
c. Run a simple query to access the table again, now User1 can only see rows with column c1 equal to 1 in the result.