Lnav Column-Level Access

Lnav Column-Level Access controls that exposure. It enforces rules at the most precise level possible — the individual column — without adding complex middleware. By defining permissions for each column, you prevent leaks of sensitive data such as PII, internal metrics, or financial numbers while still allowing full access to non-sensitive fields.

With column-level access in Lnav, policies live close to the data. They are simple to audit and easy to maintain. Instead of creating multiple views or temporary tables, you define a single policy that decides which columns are visible to which roles. Lnav evaluates these rules during query execution, ensuring no unauthorized column leaves the database.

Common use cases include:

• Restricting salary or SSN columns only to HR roles
• Hiding internal debug data from customer-facing dashboards
• Allowing analysts to query large datasets while removing high-risk attributes

To configure, you assign access rules in Lnav’s schema config. Each table column can have an allowlist of roles. Queries that request restricted columns return only authorized data. Everything else is dropped automatically before results are sent.

Compared to application-level filtering, column-level access in Lnav reduces attack surfaces. It standardizes control in one place rather than scattering logic across multiple services. This makes security reviews faster and compliance audits cleaner.

For teams handling regulated data or running multi-tenant systems, Lnav’s column-level access is a direct way to meet least-privilege requirements without overengineering. Keep the schema structure intact, serve diverse user needs, and block sensitive data from ever leaving storage unless the user is explicitly cleared.

See how Lnav column-level access works in minutes — deploy instantly at hoop.dev and watch it secure your data at the source.