SVV_RLS_APPLIED_POLICY - Amazon Redshift
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

SVV_RLS_APPLIED_POLICY

Use SVV_RLS_APPLIED_POLICY to trace the application of RLS policies on queries that reference RLS-protected relations.

SVV_RLS_APPLIED_POLICY is visible to the following users:

  • Superusers

  • Users with the sys:operator role

  • Users with the ACCESS SYSTEM TABLE permission

Note that sys:secadmin isn't granted this system permission.

Table columns

Column name Data type Description
username text The name of the user that ran the query.
query integer The ID of the query.
xid long The context of the transaction.
pid integer The leader process running the query.
recordtime time The time when the query was recorded.
command char(1) The command for which the RLS policy was applied. Possible values are k for unknown, s for select, u for update, i for insert, y for utility, and d for delete.
datname text The name of the database of the relation to which the row-level security policy is attached.
relschema text The name of the schema of the relation to which the row-level security policy is attached.
relname text The name of the relation to which the row-level security policy is attached.
polname text The name of the row-level security policy that is attached to the relation.
poldefault char(1) The default setting of the row-level security policy that is attached to the relation. Possible vaules are f for false if the default false policy has been applied and t for true if the default true policy has been applied.

Sample query

The following example displays the result of the SVV_RLS_APPLIED_POLICY. To query the SVV_RLS_APPLIED_POLICY, you must have the ACCESS SYSTEM TABLE permission.

-- Check what RLS policies were applied to the run query. SELECT username, command, datname, relschema, relname, polname, poldefault FROM svv_rls_applied_policy WHERE datname = CURRENT_DATABASE() AND query = PG_LAST_QUERY_ID(); username | command | datname | relschema | relname | polname | poldefault ----------+---------+-----------+-----------+--------------------------+-----------------+------------ molly | s | tickit_db | public | tickit_category_redshift | policy_concerts |