Files
Rodrigo db3d68af10
Some checks failed
Repo Quality / structure (push) Has been cancelled
Terraform Validate / validate (push) Has been cancelled
Improve Deep Data Security lab scenarios
2026-05-13 16:13:04 -03:00

9 lines
601 B
Markdown
Executable File

# Expected Results
- Before DDS enforcement, `alice` can run the broad high-risk customer query through the intentionally overprivileged legacy role.
- Before DDS enforcement, sensitive columns such as `tax_id` and `annual_revenue` may be exposed to Alice.
- After DDS enforcement, `alice` sees only LATAM customer fields authorized for the sales role.
- After DDS enforcement, `bruno` sees LATAM customers and `tax_id` as `NULL`.
- After DDS enforcement, `carla` sees global rows and sensitive columns.
- The same broad SQL returns different results after database-enforced data grants are applied.