AcademyCustomer Portal

Data Access Audit

Overview

The Data Access Audit tab provides a detailed log of all actions performed within the Data Access Management module for Redshift. It captures every change related to users, roles, groups, permissions, and metadata objects, ensuring clear visibility into access-related activities.

Each audit entry logs who performed the action, what was modified, when the change occurred, and the origin of the update. This supports traceability for compliance, governance, and operational accountability.

Audit data is available across multiple levels, including users, roles, groups, and metadata entities such as databases, schemas, tables, and columns.

Instance-Level Audit

  • Date: Timestamp of the action

  • Audit User: The User who performed the action

  • Action: Performed action (e.g., Add, Edit, Delete)

  • Description: Summary of the change

Connector-Level Audit

  • Date: Timestamp of the action

  • Audit User: The User who performed the action

  • Connection Name: Name of the connector involved

  • Action: Performed action

  • Description: Summary of the change

Roles-Level Audit

  • Date: Displays when the role-related action occurred.

  • Role: Shows the name of the role impacted.

  • Audit User: Identifies the user who performed the action.

  • Action: Indicates the type of change made to the role.

  • Source: Specifies the origin system where the change occurred.

  • Description: Provides additional details about the role change.

Groups-Level Audit

  • Date: Indicates when the group-related action was performed.

  • Group: Displays the name of the Redshift group affected by the change.

  • Audit User: Identifies the user who executed the action on the group.

  • Action: Describes the operation performed, such as group creation, update, or deletion.

  • Source: Specifies the origin system where the change occurred.

  • Description: Provides context or additional information about the group-related change.

Users-Level Audit

  • Date: Displays the timestamp when the user-related action occurred.

  • User ID: Shows the unique identifier or username of the Redshift user involved in the change.

  • Audit User: Identifies the user who performed the action on the Redshift user account.

  • Action: Describes the type of change made.

  • Source: Specifies the origin system or connector where the user action was recorded.

  • Description: Provides additional details or context about the user-related change.

Database Permissions-Level Audit

  • Date: Indicates the date and time when the database-level permission change was recorded.

  • Connector: Shows the Redshift connector through which the permission update was performed or detected.

  • Database: Displays the name of the Redshift database where the permission change occurred.

  • Roles/Groups/Users: Lists the roles, groups, or users affected by the database permission update.

  • Privileges: Specifies the privileges (e.g., CONNECT, TEMP) that were granted or revoked on the database.

  • Audit User: Identifies the user who carried out the permission change.

  • Action: Describes the nature of the permission change, such as grant or revoke.

  • Source: Refers to the system or connector that initiated or recorded the change.

  • Description: Provides a summary or context for the database-level permission modification.

Schema Permissions-Level Audit

  • Date: Shows the date and time when the schema-level permission change was executed.

  • Connector: Indicates the Redshift connector through which the schema permission update was captured.

  • Schema: Displays the name of the schema where access permissions were modified.

  • Roles/Groups/Users: Lists the roles, groups, or users assigned or revoked access to the schema.

  • Privileges: Specifies the exact privileges (e.g., USAGE, CREATE) granted or removed at the schema level.

  • Audit User: Identifies the user who performed the schema permission change.

  • Action: Describes the action taken, such as grant or revoke.

  • Source: Refers to the origin system responsible for the change.

  • Description: Provides additional details or context regarding the schema-level permission update.

Table Permissions-Level Audit

  • Date: Indicates when the table-level permission change took place.

  • Connector: Specifies the Redshift connector through which the permission update was captured.

  • Schema: Displays the schema that contains the affected table.

  • Table: Shows the name of the table whose permissions were modified.

  • Roles/Groups/Users: Lists the roles, groups, or users associated with the table permissions.

  • Privileges: Details the specific access rights (e.g., SELECT, INSERT) granted or revoked on the table.

  • Audit User: Identifies the user who made the table permission changes.

  • Action: Describes the nature of the change, such as permission grant or removal.

  • Source: Indicates the system from which the permission change originated.

  • Description: Provides additional context or summary about the table-level permission modification.

Table Column Permissions-Level Audit

  • Date: Indicates the date and time when the column-level permission change occurred.

  • Connector: Shows the Redshift connector involved in the permission update.

  • Schema: Displays the schema that contains the affected table column.

  • Table: Identifies the name of the table that includes the specified column.

  • Column: Specifies the name of the column for which permissions were granted or revoked.

  • Roles/Groups/Users: Lists the roles, groups, or users to whom the column permissions apply.

  • Privileges: Details the specific access rights assigned to the column.

  • Audit User: Identifies the user who performed the permission change.

  • Action: Describes the type of operation performed, such as grant or revoke.

  • Source: Specifies the origin system where the change was made.

  • Description: Offers a summary or context of the column-level permission change.

Masking Policies-Level Audit

  • Date: Shows the date and time when the masking policy was created, modified, or applied.

  • Connector: Indicates the Redshift connector from which the masking policy was sourced or updated.

  • Database: Displays the database in Redshift where the masking policy is defined or enforced.

  • Policy Name: Identifies the name of the masking policy used to control data obfuscation.

  • Policy SQL: Contains the SQL expression or logic used to implement the data masking rule.

  • Audit User: Specifies the user who made changes to the masking policy.

  • Action: Describes the operation performed, such as create, update, or delete.

  • Source: Refers to the origin system or application responsible for the change.

  • Description: Provides additional context or explanation about the masking policy update or association.

Row Access Policies-Level Audit

  • Date: Displays the timestamp when the row access policy was created, updated, or associated.

  • Connector: Indicates the specific Redshift connector from which the row access policy was sourced or modified.

  • Database: Shows the name of the Redshift database where the row access policy is defined or applied.

  • Policy Name: Identifies the name assigned to the row access policy within Redshift.

  • Policy SQL: Contains the SQL logic that defines the conditions for row-level data access.

  • Audit User: Specifies the user who performed the action involving the row access policy.

  • Action: Describes the type of change made, such as creation, modification, or deletion of the policy.

  • Source: Indicates the origin system or application responsible for the policy update.

  • Description: Provides additional context or explanation about the row access policy change.

Masking Policies Associations-Level Audit

The Masking Policies Associations tab displays a record of masking policy associations and updates applied within Redshift. It helps track policy enforcement across metadata objects and supports auditing and governance efforts.

  • Date: Shows when the masking policy was associated or last updated.

  • Connector: Shows the connector used for the policy association.

  • Database: Indicates the database to which the object is affected by the masking policy.

  • Object Type: Specifies the type of metadata object linked to the policy.

  • Object: Displays the name of the object with the applied masking policy.

  • Policy Name: Shows the name of the masking policy associated with the object.

  • Audit User: Identifies the user who performed the action.

  • Action: Indicates the nature of the change.

  • Source: Specifies the origin system where the change occurred.

  • Description: Provides details about the masking policy association.

Row Access Policies Associations-Level Audit

  • Date: Displays the date of the row access policy association or change.

  • Connector: Indicates the connector involved in the change.

  • Database: Shows the database where the table resides.

  • Table: Displays the name of the table associated with the row access policy.

  • Row Access Policy: Shows the name of the associated row access policy.

  • Audit User: Identifies the user who performed the action.

  • Action: Describes the operation performed.

  • Source: Specifies the origin of the change.

  • Description: Provides additional context about the row access policy association.

Copyright © 2025, OvalEdge LLC, Peachtree Corners GA USA

PreviousData Access ManagementNextData Access Reports

Last updated

Was this helpful?