When looking at the run details of both Full Load and CDC Loads into the Data Warehouse via Compose, any user who has at least viewer access to Compose can see the actual data that is loaded to the target tables. Our environment contains sensitive data which includes Personally Identifiable information (PII). Under GDPR requirements this data needs to be managed and controlled under the least privilege principle and therefore the data in the target Database and tables must be secured by Database roles and an auditable access process. The ability for any Compose user to be able to access this data in Compose bypasses our role based access and exposes a security and regulatory risk.
We would like to be able to select which users / groups have access to drill down in the run details window to see the table data.