Database
Overview
Visualize and analyze database resources, including tables, views, schemas, and queries. Monitor data access and usage to ensure security and compliance. Track performance metrics, identify vulnerabilities in database structures, and enable efficient data crawling for actionable insights. Automatically detect and categorize PII (Personally Identifiable Information) across tables and columns. Ensure robust backup and recovery processes while maintaining the integrity and security of sensitive data.
Configurations
| Configuration | Description |
|---|---|
| Blueprint Account Name | A human-readable name for your account that will be used to identify this account across the application. |
| Host | The address of your database server (e.g., waleed-test-us-east-2.redshift.amazonaws.com). |
| Port | The port number used to connect to your database (e.g., 5439 for Redshift). |
| User Name | The username used to log in to your database. |
| Password | The password associated with the username. |
| Database Name | The specific name of the database you want to connect to. |
| Dialect | The type of database you are connecting to (e.g., Redshift, PostgreSQL, MySQL, SQLServer, etc.). |
| Data Crawl Frequency | The frequency at which Kscope will crawl the database for new data. |
Permissions
Postgres
pg_databasepg_namespacepg_userrole_table_grantspg_classtablestable_constraintskey_column_usageconstraint_column_usagepg_constraintpg_attributepg_attrdeftriggersviewspg_matviewspg_tablespg_rolescolumns
MSSQL
sys.databasessys.schemassys.tablessys.partitionssys.allocation_unitssys.proceduresINFORMATION_SCHEMA.VIEWSsys.indexessys.dm_db_partition_statssys.columnssys.key_constraintssys.check_constraintssys.default_constraintssys.objectsINFORMATION_SCHEMA.COLUMNSsys.triggerssys.trigger_eventssys.sql_modulessys.index_columnssys.database_principalssys.server_principalssys.database_permissionssys.foreign_keyssys.foreign_key_columnssys.extended_properties
MySQL
information_schema.schematainformation_schema.TABLESinformation_schema.TABLE_CONSTRAINTSinformation_schema.KEY_COLUMN_USAGEinformation_schema.COLUMNSinformation_schema.TRIGGERSinformation_schema.STATISTICSinformation_schema.ROUTINESinformation_schema.VIEWSmysql.usermysql.dbinformation_schema.TABLE_PRIVILEGESinformation_schema.statistics
For more details on the Database permissions, you can refer to the following documentation:
PII Detection and Categorization
The Database blueprint automatically detects and categorizes PII (Personally Identifiable Information) across your database tables and columns.
Supported PII Categories
| Category | Examples |
|---|---|
CREDIT_CARD | 4111-1111-1111-1111 |
PERSON | John Smith |
PHONE_NUMBER | +1-555-0100 |
URL | https://example.com/user/123 |
EMAIL_ADDRESS | john@example.com |
IP_ADDRESS | 192.168.1.1 |
UUID | 550e8400-e29b-41d4-a716-446655440000 |
US_SSN | 123-45-6789 |
CRYPTO | Cryptocurrency wallet addresses |
IBAN_CODE | GB29NWBK60161331926819 |
Severity Levels
Each table with detected PII is assigned a severity level:
| Severity | Categories |
|---|---|
| High | CREDIT_CARD, US_SSN, IBAN_CODE, CRYPTO |
| Medium | EMAIL_ADDRESS, PHONE_NUMBER, PERSON, IP_ADDRESS |
| Low | URL, UUID, or any other detected PII entity type |
PII Detection Insights
The following actionable insights are generated in the PII Detection sightline:
| Insight | Severity | Description |
|---|---|---|
| PII Tables Without Audit Triggers | High | Tables containing PII with no audit triggers configured. Without triggers, changes to sensitive data go untracked, creating compliance gaps. Action: Add INSERT/UPDATE/DELETE audit triggers. |
| Roles Bypassing Row-Level Security | High | Database roles with BypassRowLevelSecurity enabled that can access all PII data unrestricted. Action: Revoke bypass RLS with ALTER ROLE role_name NOBYPASSRLS;. |
| High-Severity PII Detected | Critical | Columns containing credit card numbers, SSNs, bank account numbers, or IBAN codes. Action: Implement column-level encryption, data masking, or tokenization. |
The PII Detection sightline also includes:
- PII Tables stat card — total count of tables with detected PII
- PII Categories Distribution chart — breakdown of PII types (PERSON, EMAIL_ADDRESS, CREDIT_CARD, etc.) across all detections
Schema Model
| Resources | Source Entity | Normalized Entity | Description |
|---|---|---|---|
| Database Table | database.sql.Table | Table | A table within a database. |
| Database Column | database.sql.Column | Column | A column within a database table. |
| User Privilege | database.sql.UserPrivilege | Privilege | A user's privilege in the database. |
| Foreign Key | database.sql.ForeignKey | ForeignKey | A foreign key relationship between columns. |
| Database Schema | database.sql.Schema | Schema | A schema within the database. |
| Database User | database.sql.User | User | A user in the database system. |
| Database Role | database.sql.Role | Role | A role defined in the database system. |
| Database Constraint | database.sql.Constraint | Constraint | A constraint applied to a database table. |
| Database Instance | database.sql.Database | Database | An instance of a database. |
| Database View | database.sql.View | View | A view in the database. |
| Materialized View | database.sql.MaterializedView | MaterializedView | A materialized view in the database. |
| Database Index | database.sql.Index | Index | An index applied to a table for efficiency. |
| Database Trigger | database.sql.Trigger | Trigger | A trigger applied to database tables. |
| PII Detection Result | database.sql.PIIDetectionResult | PIIDetectionResult | PII detection result linked to tables and columns. |
| Database Procedure | database.sql.Procedure | Procedure | A stored procedure in the database. |
| Database Cluster | database.sql.Cluster | Cluster | A cluster of database instances. |
| Schema Access | database.sql.SchemaAccess | Access | Access permissions for a schema. |
| Database Row | database.sql.Row | Row | A row in a database table. |