Skip to content

Commit aa4d6db

Browse files
VanMSFTVanMSFT
authored
Apply suggestions from code review
1 parent 90b9da7 commit aa4d6db

1 file changed

Lines changed: 6 additions & 4 deletions

File tree

docs/relational-databases/security/dynamic-data-masking.md

Lines changed: 6 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -140,11 +140,13 @@ It's important to properly manage the permissions on the database, and to always
140140

141141
Starting with [!INCLUDE [sssql22-md](../../includes/sssql22-md.md)], you can prevent unauthorized access to sensitive data and gain control by masking it to an unauthorized user at different levels of the database. You can grant or revoke **UNMASK** permission at the database-level, schema-level, table-level or at the column-level to a user, database role, Microsoft Entra identity, or Microsoft Entra group. This enhancement provides a more granular way to control and limit unauthorized access to data stored in the database and improve data security management.
142142

143-
## Dynamic Data Masking in Fabric SQL Database
143+
## Dynamic data masking in Fabric SQL database
144144

145-
Dynamic Data Masking (DDM) is supported in SQL Database in Microsoft Fabric. The Dynamic Data Masking functionality in Fabric SQL Database is consistent with SQL Database.
146-
When validating Dynamic Data Masking in Fabric SQL Database, the EXECUTE AS USER clause is not supported. To test masking behavior, connect as a different user who does not have the UNMASK permission and verify that the masked data is returned as expected.
147-
Dynamic Data Masking configuration in Fabric SQL Database is supported only through T‑SQL. Masking functions must be defined explicitly on table columns using T‑SQL statements.
145+
Dynamic data masking is supported in SQL database in Microsoft Fabric. DDM functionality in Fabric SQL database is consistent with Azure SQL Database.
146+
147+
The `EXECUTE AS USER` clause isn't supported in Fabric SQL database. To test masking behavior, connect as a different user who doesn't have the **UNMASK** permission, and verify that the masked data returns as expected.
148+
149+
You can only configure dynamic data masking in Fabric SQL database through [!INCLUDE [tsql](../../includes/tsql-md.md)]. Define masking functions explicitly on table columns using [!INCLUDE [tsql](../../includes/tsql-md.md)] statements.
148150

149151
## Examples
150152

0 commit comments

Comments
 (0)