Skip to main content
NOW AVAILABLE

Row Level Security now generally available for Azure Data Explorer

Published date: October 12, 2020

The Row Level Security (RLS) policy is now generally available for Azure Data Explorer (Kusto)It provides more granular control over who can access data inside your tables. You can now prevent specific users from viewing certain rows in a table, and you can also mask the data they see. For example, you can set an RLS policy that masks personally identifiable information (PII), enabling developers to query production environments for troubleshooting purposes without violating compliance regulations.

Example:

.create-or-alter function with () TrimCreditCardNumbers() {
    let UserCanSeeFullNumbers = current_principal_is_member_of('aadgroup=super_group@domain.com');
    let AllData = Customers | where UserCanSeeFullNumbers;
    let PartialData = Customers | where not(UserCanSeeFullNumbers) | extend CreditCardNumber = "****";
    union AllData, PartialData
}

.alter table Customers policy row_level_security enable "TrimCreditCardNumbers"

 

Please find more details on the documentation page.

  • Azure Data Explorer
  • Features
  • Security

Related Products