Files
Rodrigo db3d68af10
Some checks failed
Repo Quality / structure (push) Has been cancelled
Terraform Validate / validate (push) Has been cancelled
Improve Deep Data Security lab scenarios
2026-05-13 16:13:04 -03:00

601 B
Executable File

Expected Results

  • Before DDS enforcement, alice can run the broad high-risk customer query through the intentionally overprivileged legacy role.
  • Before DDS enforcement, sensitive columns such as tax_id and annual_revenue may be exposed to Alice.
  • After DDS enforcement, alice sees only LATAM customer fields authorized for the sales role.
  • After DDS enforcement, bruno sees LATAM customers and tax_id as NULL.
  • After DDS enforcement, carla sees global rows and sensitive columns.
  • The same broad SQL returns different results after database-enforced data grants are applied.