Note
This view is introduced in V4.3.5 BP3.
Purpose
Displays the definitions and attributes of all sensitive rules in all tenants.
Columns
| Column | Type | Nullable? | Description |
|---|---|---|---|
| TENANT_ID | int(20) | NO | Tenant ID. |
| RULE_NAME | varchar(256) | NO | Name of the sensitive rule. |
| PROTECTION_POLICY | varchar(16) | NO | Protection strategy. Valid values: ENCRYPTION, MASKING, and INVALID. ENCRYPTION indicates encryption protection, MASKING indicates mask protection, and INVALID indicates invalid. |
| METHOD | varchar(4096) | NO | The encryption method. Valid values are described in the following table. |
| ENABLED | varchar(3) | NO | Indicates whether the rule is enabled. Valid values: YES and NO. YES indicates that the rule is enabled, and NO indicates that it is disabled. |
The following table describes the values of METHOD.
| Value (in SQL syntax) | Actual encryption algorithm | Key length | Mode | Description |
|---|---|---|---|---|
| aes-256 | AES-256-ECB | 256 bits | ECB | The default algorithm |
| aes-128 | AES-128-ECB | 128 bits | ECB | Good compatibility |
| aes-192 | AES-192-ECB | 192 bits | ECB | Medium security level |
| aes-128-gcm | AES-128-GCM | 128 bits | GCM | Provides authenticated encryption |
| aes-256-gcm | AES-256-GCM | 256 bits | GCM | High security level, provides authenticated encryption |
| sm4-cbc | SM4-CBC | CBC | High security level | |
| sm4-GCM | SM4-GCM | GCM | High security level |
Sample query
Query the definitions and attributes of all sensitive rules in all tenants.
obclient [oceanbase]> SELECT * FROM oceanbase.CDB_OB_SENSITIVE_RULES;
The query result is as follows:
+-----------+-----------+-------------------+---------+---------+
| TENANT_ID | RULE_NAME | PROTECTION_POLICY | METHOD | ENABLED |
+-----------+-----------+-------------------+---------+---------+
| 1 | r1 | ENCRYPTION | aes-256 | YES |
+-----------+-----------+-------------------+---------+---------+
1 row in set