Prev Next

Database / Snowflake Interview Questions

What is column-level security in Snowflake (Dynamic Data Masking and Column-level Security policies)?

Column-level security in Snowflake is implemented through Dynamic Data Masking (DDM) policies. A masking policy defines a SQL expression — typically a CASE statement on CURRENT_ROLE() or IS_ROLE_IN_SESSION() — that returns either the real column value or a masked substitute depending on who is querying. The masking is applied at query runtime; the original data is always stored unmasked in storage.

Key properties: the same policy can be applied to many columns; the policy can be changed or replaced without touching the table DDL; a privileged role always sees the real value; less-privileged roles see a masked version (e.g., ****, NULL, a truncated value, or a hash). Policy application is transparent to the user — their SQL is unchanged, they simply receive different output.

A Conditional Masking Policy can additionally inspect other column values in the same row when deciding how to mask (e.g., only mask the SSN column if the is_pii flag is true). This makes the policies context-sensitive.

-- Create a masking policy that hides emails from non-privileged roles
CREATE MASKING POLICY email_mask AS (val STRING) RETURNS STRING ->
  CASE
    WHEN IS_ROLE_IN_SESSION('PII_VIEWER') THEN val
    ELSE REGEXP_REPLACE(val, '.+@', '****@')
  END;

-- Apply the policy to the email column
ALTER TABLE customers
  MODIFY COLUMN email
  SET MASKING POLICY email_mask;

-- Analyst (no PII_VIEWER role) sees: ****@example.com
-- PII_VIEWER role sees: alice@example.com
At what point does Snowflake's Dynamic Data Masking apply the masking expression to column data?
Which SQL command attaches an existing masking policy to a specific table column?

Invest now in Acorns!!! 🚀 Join Acorns and get your $5 bonus!

Invest now in Acorns!!! 🚀
Join Acorns and get your $5 bonus!

Earn passively and while sleeping

Acorns is a micro-investing app that automatically invests your "spare change" from daily purchases into diversified, expert-built portfolios of ETFs. It is designed for beginners, allowing you to start investing with as little as $5. The service automates saving and investing. Disclosure: I may receive a referral bonus.

Invest now!!! Get Free equity stock (US, UK only)!

Use Robinhood app to invest in stocks. It is safe and secure. Use the Referral link to claim your free stock when you sign up!.

The Robinhood app makes it easy to trade stocks, crypto and more.

Webull! Receive free stock by signing up using the link: Webull signup.

More Related questions...

What is Snowflake and how does its multi-cluster, shared-data architecture differ from traditional data warehouses? What are the three layers of Snowflake's architecture (Storage, Compute, Cloud Services) and what does each do? What is a Virtual Warehouse in Snowflake and how does it scale independently of storage? What is the difference between Snowflake's columnar storage and row-based storage in traditional RDBMS? What is the Snowflake Cloud Services layer and what components does it manage? What are micro-partitions in Snowflake and how do they enable automatic data clustering? What is data clustering in Snowflake and when should you define a clustering key? What is the difference between Snowflake Standard, Enterprise, Business Critical, and Virtual Private Snowflake edition? How does Snowflake handle multi-cloud deployment and cross-cloud replication? What is Snowflake's separation of compute from storage and what billing advantages does it provide? What are the stages in Snowflake (internal vs external) and how do you use them for data loading? How does the COPY INTO command work and what file formats does it support? What is Snowpipe and how does it enable continuous / serverless data ingestion? What is the difference between bulk loading with COPY INTO and micro-batch loading with Snowpipe? How does Snowflake handle semi-structured data (JSON, Avro, Parquet, ORC) with the VARIANT type? What are Snowflake Dynamic Tables and how do they differ from regular tables and views? What is Time Travel in Snowflake and how does it work (retention period, UNDROP, AT/BEFORE)? What is Fail-safe in Snowflake and how does it differ from Time Travel? What is the Snowflake Query Profile and how do you use it to diagnose slow queries? What is result caching in Snowflake and under what conditions does it apply? What is the metadata cache (Cloud Services layer cache) and how does it speed up queries? What is a clustering key and how does it reduce partition pruning cost for large tables? What are Snowflake Materialized Views and when should you use them over regular views? What is the difference between a Snowflake View, Materialized View, and Dynamic Table? How do you optimize query performance in Snowflake (warehouse sizing, clustering, pruning, result cache)? What are Snowflake Streams and how do they implement Change Data Capture (CDC)? What are Snowflake Tasks and how do you schedule SQL transformations with them? How does Snowflake implement Role-Based Access Control (RBAC) and what are the system-defined roles? What is column-level security in Snowflake (Dynamic Data Masking and Column-level Security policies)? What is Row Access Policy in Snowflake and how does it implement row-level security? How does Snowflake encrypt data at rest and in transit? What is Snowflake's Tri-Secret Secure model and when is it used? What are Snowflake Object Tags and Data Classification and how do they support governance? What is the Snowflake Access History feature and how does it support audit and compliance? What is Snowflake Secure Data Sharing and how does it work without copying data? What is the Snowflake Data Marketplace and what types of data products are available? What are Snowflake Data Clean Rooms and what privacy problems do they solve? What is Snowpark and how does it allow Python/Java/Scala code to run inside Snowflake? What are Snowflake Native Apps and how does the Native App Framework work? What are Snowflake External Tables and when would you use them over internal tables? What is Snowflake's multi-cluster warehouse and how does it handle concurrency auto-scaling? What is Resource Monitor in Snowflake and how do you use it to control credit consumption? How does Snowflake support ELT patterns and how does it compare to ETL? What are common Snowflake anti-patterns and performance pitfalls to avoid? How does Snowflake compare to BigQuery and Redshift in architecture and pricing model?
Show more question and Answers...

CouchDB Interview Questions

Comments & Discussions

Interviews Questions

About Javapedia.net

Javapedia.net is for Java and J2EE developers, technologist and college students who prepare of interview. Also this site includes many practical examples.

This site is developed using J2EE technologies by Steve Antony, a senior Developer/lead at one of the logistics based company.

contact: javatutorials2016[at]gmail[dot]com

Kindly consider donating for maintaining this website. Thanks.

Copyright © 2026, javapedia.net, all rights reserved. privacy policy.

DMCA.com Protection Status