vantage-rbac-rls-non-negotiable-v1-gate
Strict RBAC with row-level security enforced at query-execution layer is the single v1 must-have for Runwal Vantage. Finance, sales, and project data across 9 functions cannot leak across roles/departments. This is enforced at Snowflake query execution (not application layer), making it the hard gate for any MVP declaration. Missing this == v1 failure regardless of any other capability.
Related
- rls-at-query-execution-layer-enterprise-bi-non-negotiable
- rbac-rls-at-query-execution-layer-is-non-negotiable-enterpri
- snowflake
- salesforce
- oracle
- cube-js-chosen-as-semantic-layer-between-snowflake-and-query
- r-dash-rbac-rls-non-negotiable-v1-feature
- alembic-ini-db-url-blocks-commit-use-env-var
- r-same-auth-constant-time-generic-errors-required
- rbac-rls-must-enforce-at-query-execution-not-ui
- fernet-encryption-for-data-source-credentials
- cube-query-uses-5min-hs256-jwt-with-security-context
- column-masks-reapplied-on-cached-results-defense-in-depth
- column-mask-reapply-on-cached-results
- widget-data-source-invariant-enforced-at-three-layers