pgx_get_attribute_of_objects(confidential_matrix_name varchar)

setof record

Returns a table of attributes defined in the confidentiality matrix and attributes actually set in the database for all confidentiality objects registered in the specified confidentiality matrix. Refer to "Tables returned by pgx_get_attribute_of_objects" for the table format.

Only confidentiality management role for the specified confidentiality matrix can execute this function.

pgx_get_attribute_of_roles(confidential_matrix_name varchar)

setof record

Returns a table of attributes defined in the confidentiality matrix and attributes actually set in the system catalog for all roles registered in the specified confidentiality matrix. Refer to "Table returned by pgx_get_attribute_of_roles" for the format of the table.

Only confidentiality management role for the specified confidentiality matrix can execute this function.

pgx_get_privileges_on_level_and_group(confidential_matrix_name varchar, confidential_level_name varchar, confidential_group_name varchar)

setof record

Returns a table that allows you to compare the following for combinations of confidentiality objects registered in the specified confidentiality level and roles registered in the specified confidentiality group.
Refer to "Table returned by pgx_get_privileges_on_level_and_group" for the format of the table.

• Privileges specified by the confidentiality privilege settings that should be granted to the specified role

• Privileges granted in the actual system catalog

Only confidentiality management role for the specified confidentiality matrix can execute this function.

pgx_get_privileges_on_object(confidential_matrix_name varchar, object_name json)

setof record

Returns a table that allows you to compare the following for the specified confidentiality objects. Refer to "Table returned by pgx_get_privileges_on_object" for the format of the table.

• Privileges dictated by confidentiality privilege settings that should be granted to all roles

• Privileges granted in the actual system catalog

Only confidentiality management role for the specified confidentiality matrix can execute this function.

pgx_get_privileges_on_role(confidential_matrix_name varchar, role_name json)

setof record

Returns a table that allows you to compare the following for the all confidentiality objects. Refer to "Table returned by pgx_get_privileges_on_role" for the format of the table.

• Privileges specified by the confidentiality privilege settings that should be granted to the specified role

• Privileges granted in the actual system catalog

Only confidentiality management role for the specified confidentiality matrix can execute this function.

pgx_get_privileges_on_matrix(confidential_matrix_name varchar)

setof record

Returns a table that allows you to compare the following for the all confidentiality objects in the specified confidentiality matrix. Refer to "Table returned by pgx_get_privileges_on_matrix" for the format of the table.

• Privileges defined by confidentiality privilege settings that should be granted to all roles registered in the confidentiality matrix.

• Privileges granted in the actual system catalog

Only confidentiality management role for the specified confidentiality matrix can execute this function.

matrix_name

varchar(63)

Confidentiality matrix name

confidential_level_name

varchar(63)

Confidentiality level name

object_type

text

Confidentiality object type

object_schema

name

Confidentiality object schema name

object_table

name

Confidentiality object table name

object_name

text

Confidentiality object name

rowset_expression

json

Conditional expression when the confidentiality object is a row

encrypt_on_matrix

text

Encryption method and strength specified in the confidentiality matrix

encrypt_on_object

text

Actual encryption method and strength of confidentiality objects

matrix_name

varchar(63)

Confidentiality matrix name

confidential_group_name

varchar(63)

Confidentiality group name

role_name

name

Role name

confidential_group_role

bool

Indicates whether it is a confidentiality group role or not. true if it is a confidentiality group role

superuser_on_matrix

bool

SUPERUSER attribute specified in the confidentiality matrix

superuser_on_role

bool

Actual SUPERUSER attribute of the role

createdb_on_matrix

bool

CREATEDB attribute specified in the confidentiality matrix

createdb_on_role

bool

Actual CREATEDB attribute of the role

createrole_on_matrix

bool

CREATEROLE attribute specified in the confidentia matrix

createrole_on_role

bool

Actual CREATEROLE attribute of the role

replication_on_matrix

bool

REPLICATION attribute specified in the confidentia matrix

replication_on_role

bool

Actual REPLICATION attribute of the role

bypassrls_on_matrix

bool

BYPASSRLS attribute specified in the confidentia matrix

bypassrls_on_role

bool

Actual BYPASSRLS attribute of the role

matrix_name

varchar(63)

Confidentiality matrix name

confidential_level_name

varchar(63)

Confidentiality level name

confidential_group_name

varchar(63)

Confidentiality group name

object_type

text

Confidentiality object type

object_scheme

name

Confidentiality object schema name

object_table

name

Confidentiality object table name

object_name

text

Confidentiality object name

role_name

name

Role name

privilege_list_on_matrix

text[]

Privileges specified by the confidentiality matrix settings. Output is separated by commas

privilege_list_on_object

text[]

Privileges specified by the confidentiality matrix settings. Output is separated by commas

policy_name

name

NULL if the confidentiality object is not of type rowset

In the case of rowset type, rowset name (*1)

policy_setting_on_matrix

jsonb

NULL if the confidentiality object is not of type rowset

In the case of rowset type, the rowset policy information set in the confidentiality matrix (*1)

policy_setting_on_policy

jsonb

NULL if the confidentiality object is not of type rowset

In case of rowset type, row policy information set in the actual policy (*1)