White Paper: Just-in-Time Database Access Best Practices for Enterprises

Masking Exemption

Masking precedence: Masking Exemption > Global Masking Rule > Column Masking.

Certain roles can grant masking exemption to the users to access the unmasked data:

  • Built-in roles: Workspace Admin, DBA, Project Owner.
  • Custom roles: bb.policies.create, bb.policies.update, bb.policies.delete.

To grant masking exemption:

  1. Go to the project, click Manage > Masking Exemptions.

  2. Click Grant Exemption. You can grant either Export or Query exemption.

  3. Select the user/groups and the database/table, and click Confirm.

    bb-grant-exemption

Edit this page on GitHub

Subscribe to Newsletter

By subscribing, you agree with Bytebase's Terms of Service and Privacy Policy.