sql,security: support row level security

[eiDear]

Support more fine-grained security control，such as row-level security. Different users/roles can view different rows of table.
An example is Rows Security Policies about PostgreSQL

MVP

• sql: Add RLS SQL Grammar #136692
• sql: Add RLS feature gate #136693
• sql/schemachanger: Implement CREATE/DROP POLICY in the DSC #136696
• sql: Apply USING expression for up to one RLS policy #136717
• sql: Apply WITH CHECK expression for up to one RLS policy #136704
• sql: Include policy information in explain output #138824
• sql: Verify role applicability for RLS policies #138844
• sql: Support TRUNCATE against a table with a RLS policy #136758
• sql: Block IMPORT statements for RLS tables #136807
• sql: Skip RLS policies when table is access for FK relationship and unique/PK constraints #136747
• sql: Block CDC queries on RLS-enabled tables #139447
• sql: Capture RLS information for support escalations #139329
• sql/schemachanger: Add ALTER TABLE ... ROW LEVEL SECURITY in the DSC #136700
• sql: Add SHOW POLICIES #136757
• workload: Add RLS statements to the schema changer workload #137120
• workload: Add RLS DDL to the DRT cluster #138831
• sql: Remove feature gate and document RLS SQL grammar #137122
• sql: SHOW CREATE TABLE to include the table's RLS policies #136753
• sql: Implement the pg_policy vtable #136702
• sql: Enforce RLS policies for UPSERT / INSERT ... ON CONFLICT #141998
• sql: Allow multiple RLS policies to be applied #136742
• sql/delegate: row level security statements incorrectly stored in crdb_internal.create_statements #141932
• sql: only table owner should be allowed to change RLS attributes of a table #143080
• sql: ensure WITH CHECK expressions in RLS handle NULLs like postgres #143125

Post-MVP

• sql: \d command to include RLS policies #138825
• sql: Add 'IF NOT EXISTS' option to CREATE POLICY DDL #138835
• sql: Additional audit logging for queries when RLS is enabled #139019
• sql: Allow BYPASSRLS|NOBYPASSRLS options to be used with roles #136910
• sql/schemachanger: Add ALTER POLICY .. RENAME in the DSC #136996
• sql/schemachanger: Add ALTER POLICY .. {TO|USING|WITH CHECK} in the DSC #136997
• sql/parser: Support CURRENT_ROLE in RLS statements #137124
• sql: support row_security client connection parameter #138916
• sql: Subexpression support within RLS expressions #138917
• sql: Support security_invoker and security_barrier attributes for VIEWs #138918
• sql: Support CDC queries on RLS-enabled tables #142171

Epic CRDB-11724

Jira issue: CRDB-11657

[blathers-crl]

Hello, I am Blathers. I am here to help you get the issue triaged.

It looks like you have not filled out the issue in the format of any of our templates. To best assist you, we advise you to use one of these templates.

I was unable to automatically find someone to ping.

If we have not gotten back to your issue within a few business days, you can try the following:

• Join our community slack channel and ask on #cockroachdb.
• Try find someone from here if you know they worked closely on the area and CC them.

_{🦉 Hoot! I am a Blathers, a bot for CockroachDB. My owner is otan.}

[rafiss]

Thanks for this request! We hope to get to this in a future release, but don't have a definite timeline right now.

[danthegoodman1]

Any update on timeline?

[clibequilibrium]

Joining the topic as well

[recanman]

Bumping this issue as it is currently inhibiting me from efficiency isolating tenant data without having to create separate schemas. RLS is a very nice feature of Postgres and it would be great if CockroachDB could implement it as well.

[Perusae]

For a system designed around multi-tenant workflows, it is astonishing to see this absence of row-level isolation. Combining it with AI, which assumes PostgreSQL compatibility (wire protocol, but the rest is mix of partially implemented features), only for the end user to hit into wall after wall. The day that PostgreSQL implements proper distribution, is the day that CRDB sales will drop.

[dikshant]

RLS is being actively worked on and we are targeting 25.2 (May) for a release.