A Projection Policy is a Snowflake data governance feature that controls whether a specific column of a table can be projected (output) in a SELECT list at all. While a Masking Policy transforms the data value and returns it, a Projection Policy allows or forbids the output of the column itself. Trying to SELECT a forbidden column causes the query to fail with an error, so you can completely remove even the existence of a sensitive column from query results. It is available in Enterprise Edition or higher.
| Comparison | Masking Policy | Projection Policy |
|---|---|---|
| What it controls | Transforms (masks) the column value before returning | Allows or forbids projection (output) of the column itself |
| Behavior with SELECT * | Returns the masked value | Query fails with an error |
| Use in WHERE clauses | Can filter using the pre-mask value | Filtering on the restricted column is forbidden |
| Use in JOIN conditions | Can join using the pre-mask value | Joining on the restricted column is forbidden |
| Use in aggregate functions | Can aggregate using the pre-mask value | Aggregation on the restricted column is forbidden |
| Return type | Same data type as the input | PROJECTION_CONSTRAINT (ALLOW/BLOCK) |
| Coexistence on the same column | Cannot be used together with a Projection Policy | Cannot be used together with a Masking Policy |
| Use case | When you want to partially reveal the value | When you want to hide the column entirely |
-- Create a Projection Policy
CREATE OR REPLACE PROJECTION POLICY pp_hide_ssn
AS () RETURNS PROJECTION_CONSTRAINT ->
CASE
WHEN IS_ROLE_IN_SESSION('HR_ADMIN')
THEN PROJECTION_CONSTRAINT(ALLOW => TRUE)
ELSE PROJECTION_CONSTRAINT(ALLOW => FALSE)
END;
-- Attach to a table column
ALTER TABLE hr.employees
ALTER COLUMN ssn
SET PROJECTION POLICY pp_hide_ssn;
-- Detach the policy
ALTER TABLE hr.employees
ALTER COLUMN ssn
UNSET PROJECTION POLICY;-- Access with the HR_ADMIN role (projection allowed)
USE ROLE HR_ADMIN;
SELECT employee_id, name, ssn FROM hr.employees;
-- Result: employee_id, name, ssn are all returned
-- Access with the ANALYST role (projection forbidden)
USE ROLE ANALYST;
SELECT employee_id, name, ssn FROM hr.employees;
-- ERROR: Projection policy violation
-- Excluding the SSN column makes the query succeed
SELECT employee_id, name FROM hr.employees;
-- Result: employee_id, name are returned
-- SELECT * also fails because it includes the SSN column
SELECT * FROM hr.employees;
-- ERROR: Projection policy violation
-- Referencing the SSN column in a WHERE clause also fails
SELECT employee_id, name FROM hr.employees
WHERE ssn = '123-45-6789';
-- ERROR: Projection policy violationHistorically, hiding columns was typically done with a Secure View. With a Projection Policy you can control access directly at the table level without creating separate views.
-- Traditional Secure View approach: column exclusion depends on the view definition
CREATE OR REPLACE SECURE VIEW hr.employees_analyst AS
SELECT employee_id, name, department, hire_date
FROM hr.employees;
-- The SSN column is excluded from the view definition → ANALYST uses this view
-- Projection Policy approach: apply control directly to the table
-- No view needed; the column is controlled even when the table is queried directly
ALTER TABLE hr.employees
ALTER COLUMN ssn
SET PROJECTION POLICY pp_hide_ssn;
ALTER TABLE hr.employees
ALTER COLUMN salary
SET PROJECTION POLICY pp_hide_salary;
-- ANALYST can query the table directly; only the restricted columns are off-limits| Comparison | Secure View Approach | Projection Policy Approach |
|---|---|---|
| Column control granularity | Pick columns in the view definition | Attach a policy per column |
| Objects to manage | May need a view per role | Just the table plus the policies |
| Hiding the view definition | Secure View can hide the definition | Only the policy OWNER can inspect the logic |
| Performance | Secure Views have optimization restrictions | Direct table access lets the optimizer do its job |
| Impact on existing queries | Need to rewrite queries to go through the view | Only queries that include the restricted column start to fail |
-- Privilege to create Projection Policies
GRANT CREATE PROJECTION POLICY ON SCHEMA security
TO ROLE policy_admin;
-- Privilege to attach Projection Policies
GRANT APPLY PROJECTION POLICY ON ACCOUNT
TO ROLE policy_admin;
-- List policies
SHOW PROJECTION POLICIES IN SCHEMA security;
-- Inspect policy details
DESCRIBE PROJECTION POLICY pp_hide_ssn;Combined with Object Tagging, a Projection Policy can be applied automatically to any column carrying a specific tag. Tagging a new column is enough to apply the policy, which streamlines governance management at scale.
-- Create a tag
CREATE TAG governance.pii_level
ALLOWED_VALUES 'HIGH', 'MEDIUM', 'LOW';
-- Bind a Projection Policy to the tag
ALTER TAG governance.pii_level
SET PROJECTION POLICY pp_hide_ssn;
-- Set the tag on a column (the Projection Policy is applied automatically)
ALTER TABLE hr.employees
ALTER COLUMN ssn
SET TAG governance.pii_level = 'HIGH';Security & Governance
問題 1
A Projection Policy is applied to the ssn column of the hr.employees table, and projection is forbidden for ANALYST_ROLE. Which is the result when a user with ANALYST_ROLE runs the following query? SELECT employee_id, name FROM hr.employees WHERE ssn IS NOT NULL;
正解: B
A Projection Policy forbids not only projection of the column but any reference to it, including in WHERE clauses, JOIN conditions, and aggregate functions. Even though the ssn column is not in the SELECT list, WHERE ssn IS NOT NULL references it, so the query fails with a policy violation. This is a key difference from a Masking Policy, which allows references in WHERE clauses.
What happens when you run SELECT * on a table with a Projection Policy attached?
If you try to fetch a column restricted by a Projection Policy via SELECT *, the query itself fails with an error. A Masking Policy would return masked values instead, but a Projection Policy forbids projection of the column itself, so any query that includes the restricted column either explicitly or implicitly (via SELECT *) cannot run. Users must exclude the restricted column and specify the SELECT list explicitly.
Can a Projection Policy and a Masking Policy be applied to the same column simultaneously?
You cannot apply both a Projection Policy and a Masking Policy to the same column. A Projection Policy controls whether the column can be projected at all, while a Masking Policy controls the transformation of column values, so their roles are fundamentally different. Choose a Projection Policy when you want to hide a column entirely, and a Masking Policy when you want to return a masked value.
Is Projection Policy available in all Snowflake editions?
Projection Policy is available in Enterprise Edition or higher. It is not available in Standard Edition. As with Secure Views and Masking Policies, data governance features are positioned at Enterprise Edition and above.
Practice with certification-focused question sets
無料で問題を解いてみるNicheeLab Editorial Team
NicheeLab editorial team focused on data engineering and cloud certification learning. Content is structured around practical study needs and official exam domains.
Snowflake Certifications: All 11 Exams Explained (2026)
Every SnowPro certification — Associate, Core, Specialty, Ad...
Snowflake Exam Difficulty Ranking: All 11 Certs Compared (2026)
All 11 SnowPro exams ranked by difficulty with study-time es...
Snowflake Study Guide: Fastest Pass Route by Exam (2026)
How to pass SnowPro certifications efficiently — official ma...
SnowPro Core (COF-C03): Complete Exam Guide (2026)
Pass the SnowPro Core exam — six domains, scope, sample ques...
SnowPro Associate Platform (SOL-C01): Complete Guide (2026)
The entry-level SnowPro Associate exam — scope, weighting, s...