system.masking_policies
Description
Contains information about all masking policies defined in the system.
Masking policies can only be created and applied in ClickHouse Cloud. In open-source builds the system.masking_policies table is always empty, but it is still present so that introspection queries such as SHOW MASKING POLICIES work and return an empty result instead of throwing.
Columns
name(String) — Name of a masking policy.short_name(String) — Short name of a masking policy. Names of masking policies are compound, for example: mask_email ON mydb.mytable. Here 'mask_email ON mydb.mytable' is the name of the masking policy, and 'mask_email' is its short name.database(String) — Database name.table(String) — Table name.id(UUID) — Masking policy ID.storage(String) — Name of the directory where the masking policy is stored.update_assignments(Nullable(String)) — UPDATE assignments that define how data should be masked, for example: email = 'masked', phone = '--****'. NULL if not set.where_condition(Nullable(String)) — Optional condition selecting the rows the mask is applied to. NULL if not set.priority(Int64) — Priority of the masking policy. Policies with higher priority are applied first.apply_to_all(UInt8) — Shows that the masking policy is set for all roles and/or users.apply_to_list(Array(String)) — List of the roles and/or users to which the masking policy is applied.apply_to_except(Array(String)) — The masking policy is applied to all roles and/or users except the listed ones.