Description
Changes masking policies
Format
The format varies depending on the content to be changed. The format is shown below.
Common format
common_arg: [schema_name := 'schemaName',] table_name := 'tableName', policy_name := 'policyName'
Add a masking target to a masking policy
pgx_alter_confidential_policy( commonArg, [action := 'ADD_COLUMN', ] column_name := 'colName' [, function_type := 'FULL'] | [, function_type := 'PARTIAL', partialOpt] | [, function_type := 'REGEXP', regexpOpt] )
partialOpt: function_parameters := 'maskingFmt'
regexpOpt: regexp_pattern := 'regexpPattern', regexp_replacement := 'regexpReplacementChar', [, regexp_flags := 'regexpFlags']
Delete a masking target from a masking policy
pgx_alter_confidential_policy( commonArg, action := 'DROP_COLUMN', column_name := 'colName' )
Change the masking condition
pgx_alter_confidential_policy( commonArg, action := 'MODIFY_EXPRESSION', expression := 'expr' )
Change the content of a masking policy set for a masking target
pgx_alter_confidential_policy( commonArg, action := 'MODIFY_COLUMN', column_name := 'colName' [, function_type := 'FULL'] | [, function_type := 'PARTIAL', partialOpt] | [, function_type := 'REGEXP', regexpOpt] )
partialOpt: function_parameters := 'maskingFmt'
regexpOpt: regexp_pattern := 'regexpPattern', regexp_replacement := 'regexpReplacementChar', [, regexp_flags := 'regexpFlags']
Change the masking policy description
pgx_alter_confidential_policy( commonArg, action := 'SET_POLICY_DESCRIPTION', policy_description := 'policyDesc' )
Change the masking target description
pgx_alter_confidential_policy( commonArg, action := 'SET_COLUMN_DESCRIPTION', column_name := 'colName', column_description := 'colDesc' )
Argument
The argument varies depending on the content to be changed. Details are as follows.
Common arguments
Masking type for which an argument can be specified | Argument | Data type | Description | Default value |
|---|---|---|---|---|
All | schema_name | varchar(63) | Schema name of table for which a masking policy is applied | 'public' |
table_name | varchar(63) | Name of table for which a masking policy is applied | Mandatory | |
policy_name | varchar(63) | Masking policy name | Mandatory |
Add a masking target to a masking policy
Masking type for which an argument can be specified | Argument | Data type | Description | Default value |
|---|---|---|---|---|
All | action | varchar(63) | 'ADD_COLUMN' | 'ADD_COLUMN' |
column_name | varchar(63) | Masking target name | Mandatory | |
function_type | varchar(63) | Masking type
| 'FULL' | |
Partial masking | function_parameters | varchar(1024) | Masking format for partial masking | Mandatory |
Regular expression masking | regexp_pattern | varchar(1024) | Search pattern for regular expression masking | Mandatory |
regexp_replacement | varchar(1024) | Replacement character/string for regular expression masking | Mandatory | |
regexp_flags | varchar(20) | Regular expression flags | NULL |
Delete a masking target from a masking policy
Masking type for which an argument can be specified | Argument | Data type | Description | Default value |
|---|---|---|---|---|
All | action | varchar(63) | 'DROP_COLUMN' | Mandatory |
column_name | varchar(63) | Masking target name | Mandatory |
Change the masking condition
Masking type for which an argument can be specified | Argument | Data type | Description | Default value |
|---|---|---|---|---|
All | action | varchar(63) | 'MODIFY_EXPRESSION' | Mandatory |
expression | varchar(1024) | Masking condition to be changed | Mandatory |
Change the content of a masking policy set for a masking target
Masking type for which an argument can be specified | Argument | Data type | Description | Default value |
|---|---|---|---|---|
All | action | varchar(63) | 'MODIFY_COLUMN' | Mandatory |
column_name | varchar(63) | Masking target name | Mandatory | |
function_type | varchar(63) | Masking type
| 'FULL' | |
Partial masking | function_parameters | varchar(1024) | Masking format for partial masking | Mandatory |
Regular expression masking | regexp_pattern | varchar(1024) | Search pattern for regular expression masking | Mandatory |
regexp_replacement | varchar(1024) | Replacement character/string for regular expression masking | Mandatory | |
regexp_flags | varchar(20) | Regular expression flags | NULL |
Change the masking policy description
Masking type for which an argument can be specified | Argument | Data type | Description | Default value |
|---|---|---|---|---|
All | action | varchar(63) | 'SET_POLICY_DESCRIPTION' | Mandatory |
policy_description | varchar(1024) | Masking policy description | Mandatory |
Change the masking target description
Masking type for which an argument can be specified | Argument | Data type | Description | Default value |
|---|---|---|---|---|
All | action | varchar(63) | 'SET_COLUMN_DESCRIPTION' | Mandatory |
column_name | varchar(63) | Masking target name | Mandatory | |
column_description | varchar(1024) | Masking target description | Mandatory |
Details about whether arguments can be omitted are as follows.
Argument | Mandatory or optional | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|
ADD_COLUMN | DROP_COLUMN | MODIFY_EXPRESSION | MODIFY_COLUMN | SET_POLICY_DESCRIPTION | SET_COLUMN_DESCRIPTION | |||||
Full masking | Partial masking | Regular expression masking | Full masking | Partial masking | Regular expression masking | |||||
schema_name | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y |
table_name | N | N | N | N | N | N | N | N | N | N |
policy_name | N | N | N | N | N | N | N | N | N | N |
action | Y | Y | Y | N | N | N | N | N | N | N |
column_name | N | N | N | N | - | N | N | N | - | N |
function_type | Y | N | N | - | - | Y | N | N | - | - |
expression | - | - | - | - | N | - | - | - | - | - |
policy_description | - | - | - | - | - | - | - | - | N | - |
column_description | - | - | - | - | - | - | - | - | - | N |
function_parameters | - | N | - | - | - | - | N | - | - | - |
regexp_pattern | - | - | N | - | - | - | - | N | - | - |
regexp_replacement | - | - | N | - | - | - | - | N | - | - |
regexp_flags | - | - | Y | - | - | - | - | Y | - | - |
Y: Can be omitted; N: Cannot be omitted; -: Ignored when specified
Return value
Return value | Description |
|---|---|
TRUE | Ended normally |
FALSE | Ended abnormally |
Execution example 1
Adding masking policy p1 to masking target c2
postgres=# select pgx_alter_confidential_policy(table_name := 't1', policy_name := 'p1', action := 'ADD_COLUMN', column_name := 'c2', function_type := 'PARTIAL', function_parameters := 'VVVFVVVVFVVVV, VVV-VVVV-VVVV, *, 4, 11'); pgx_alter_confidential_policy -------------------------------- t (1 row)
Execution example 2
Deleting masking target c1 from masking policy p1
postgres=# select pgx_alter_confidential_policy(table_name := 't1', policy_name := 'p1', action := 'DROP_COLUMN', column_name := 'c1'); pgx_alter_confidential_policy -------------------------------- t (1 row)
Execution example 3
Changing the masking condition for masking policy p1
postgres=# select pgx_alter_confidential_policy(table_name := 't1', policy_name := 'p1', action := 'MODIFY_EXPRESSION', expression := 'false'); pgx_alter_confidential_policy -------------------------------- t (1 row)
Execution example 4
Changing the content of masking policy p1 set for masking target c2
postgres=# select pgx_alter_confidential_policy(table_name := 't1', policy_name := 'p1', action := 'MODIFY_COLUMN', column_name := 'c2', function_type := 'FULL'); pgx_alter_confidential_policy -------------------------------- t (1 row)
Execution example 5
Changing the description of masking policy p1
postgres=# select pgx_alter_confidential_policy(table_name := 't1', policy_name := 'p1', action := 'SET_POLICY_DESCRIPTION', policy_description := 'this policy is an example.'); pgx_alter_confidential_policy -------------------------------- t (1 row)
Execution example 6
Changing the description of masking target c2
postgres=# select pgx_alter_confidential_policy(table_name := 't1', policy_name := 'p1', action := 'SET_COLUMN_DESCRIPTION', column_name := 'c2', column_description := 'c2 column is FULL.'); pgx_alter_confidential_policy -------------------------------- t (1 row)
Description
The arguments for the pgx_alter_confidential_policy system management function can be specified in any order.
The action parameters below can be specified. When action parameters are omitted, ADD_COLUMN is applied.
Parameter | Description |
|---|---|
ADD_COLUMN | Adds a masking target to a masking policy. |
DROP_COLUMN | Deletes a masking target from a masking policy. |
MODIFY_EXPRESSION | Changes expression. |
MODIFY_COLUMN | Changes the content of a masking policy set for a masking target. |
SET_POLICY_DESCRIPTION | Changes policy_description. |
SET_COLUMN_DESCRIPTION | Changes column_description. |
The function_parameters argument is enabled when the function_type is PARTIAL. If the function_type is other than PARTIAL, it will be ignored.
The arguments below are enabled when the function_type is REGEXP. If the function_type is other than REGEXP, these arguments will be ignored.
regexp_pattern
regexp_replacement
regexp_flags
See
Refer to "String Constants" in the PostgreSQL Documentation for information on the strings to specify for arguments.
Refer to "POSIX Regular Expressions" in the PostgreSQL Documentation and check pattern, replacement, and flags for information on the values that can be specified for regexp_pattern, regexp_replacement, and regexp_flags.
