Access Control with AWS

Say, I have connected to Dremio from AWS S3. Please find my questions below related to Access control:

  1. I have an huge file stored in S3 which will have n number of parameters with its values in it stored as json/parquet.
    I wanted to restrict users to access only few subset of parameter information/data from my file. Example, if my file has 1000 parameters, one group should see only 100 parameter information related to a particular attribute and other group should see only other set of 100 parameters from the same file in S3. How do I do that in Dremio - only way is to create virtual datasets for each group and grant access to VDS accordingly?

  2. (Followed by question 1)How do I do parameter level of access control in Dremio?

  3. I read that, Dremio supports n no. of inbuilt API’s to provide it to the endusers. If I wanted to expose the data to endusers through API provided by Dremio, how does the access control work? Do we fully rely on access control with Dremio only? Or does the access control go via API Proxy? Please explain in context with data from AWS S3 -through Dremio -through API - where the parameter level access control takes place?

  4. If I connect Dremio with any BI tool using ODBC/JDBC connectors - how the access control works?

  5. What are the possible ways for endusers to access the data from Dremio apart from above said options?

  6. Pay per use offering in AWS - limitations with respect to capabilities.

Many thanks in advance!