We are developing an internal API that allows users to download a VDS stored in Dremio Enterprise (without the user being aware of and connecting to Dremio).
We need to provide row/column level security for a given user who has requested access to a VDS. Currently, there is a service account which has full permissions on the VDS, however, we need to pass in the “query_user()” property to Dremio via ODBC to ensure the data returned respects the row/column level security of the end user.
The query job will still need to be run by the ‘service account’ however the query needs to be able to impersonate a user such as “JohnSmith001” to ensure the data is returned based on JohnSmith001 permissions.
Is this possible? For example:
EXECUTE AS [JohnSmith001]
Select * From [schema].[myVDS]