
In the last post we saw that masking policies remain intact when cloning within the same account or sharing to a different account (a Reader Account). In this final part of the series we will see how masking policies behave when we replicate the entire database to a different account in the same region, or to an account in a new region.

We will use the same Employee table, where masking is defined on SSN and Phone Number, and replicate the entire database, i.e. DEMO_DB. We will use the ORGADMIN role to enable the replication feature in Snowflake.

Log in to the primary account and enable replication:

grant role ORGADMIN to user sachinsnowpro;

use role ORGADMIN;

Replication to Same region:

Create a new account inside the same region:

CREATE ACCOUNT target_Accnt
  ADMIN_NAME = sachinreplicate
  ADMIN_PASSWORD = 'xxxxxx'
  EMAIL = 'sachin.mittal04@gmail.com'
  EDITION = ENTERPRISE;

[Image: Replication in Same Region]

alter database DEMO_DB enable replication to accounts aws_us_east_1.XCA53150;

Log in to the replicated account:

First, create the replica of the database available in the primary account and refresh it.

[Image: Replicated Same Region]

Second, and most importantly, query the Employee table in the new account: the data is still masked and we cannot see the original values.

[Image: Replicated Account Query]

Replication to New region:


Create a new account inside the new region:

[Image: Replicated New Region]

alter database DEMO_DB enable replication to accounts AWS_US_WEST_2.VOA25795;

Log in to the replicated account:

Verify the region name: we can clearly see that we are in the new region.

[Image: New Region Account]

Create the replica of the database available in the primary account and refresh it.

[Image: New Region Replicated DB]

Above all, even when the database is replicated to the new region, the masking policies remain set on the table and we cannot see the original values.
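The secondary-account steps described above for both the same-region and new-region cases (create the replica, refresh it, confirm masking still applies) can be run as follows. This is an added example, not the commands from the original post; the `<...>` placeholders, the PUBLIC schema and the SSN / PHONE_NUMBER column names are assumptions.

```sql
-- Added example. Values in <angle brackets>, the PUBLIC schema and the
-- SSN / PHONE_NUMBER column names are assumptions, not taken from the post.

-- 1. In the secondary account: list the databases offered for replication.
USE ROLE ACCOUNTADMIN;
SHOW REPLICATION DATABASES;

-- 2. Create the local replica of the primary DEMO_DB and pull a snapshot.
CREATE DATABASE DEMO_DB AS REPLICA OF <primary_account_identifier>.DEMO_DB;
ALTER DATABASE DEMO_DB REFRESH;

-- 3. Confirm the masking policy objects arrived with the database.
SHOW MASKING POLICIES IN DATABASE DEMO_DB;

-- 4. Confirm the policies are still attached to the Employee columns.
USE DATABASE DEMO_DB;
SELECT policy_name, policy_kind, ref_entity_name, ref_column_name
FROM TABLE(INFORMATION_SCHEMA.POLICY_REFERENCES(
       REF_ENTITY_NAME   => 'DEMO_DB.PUBLIC.EMPLOYEE',
       REF_ENTITY_DOMAIN => 'TABLE'));

-- 5. Query with a role that can read the table but that the policy
--    does not unmask; the protected columns should come back masked.
USE ROLE <role_not_unmasked_by_policy>;
SELECT SSN, PHONE_NUMBER
FROM DEMO_DB.PUBLIC.EMPLOYEE
LIMIT 5;
```

Step 4 is the check worth keeping in a post-refresh runbook: a replica whose protected columns return no rows from POLICY_REFERENCES is serving them unmasked.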

In conclusion: Masking policies are replicated to the secondary or shared database.

However, the replication operation is blocked if either of the following is true:

  • The primary database is in an Enterprise (or higher) account and contains a policy but one or more of the accounts approved for replication are on lower editions.
  • A policy contained in the primary database has a reference to a policy in another database.

We will discuss the technical implementation of replication in detail in another post.
