Rudder Assist Security and Compliance Beta

Understand Rudder Assist’s security model, data privacy guarantees, and compliance features for protecting your workspace and customer data.

2 minute read

This guide explains Rudder Assist’s security model, access controls, and data privacy policy.

Access control

This section explains Rudder Assist’s access control policy.

Workspace isolation

Rudder Assist can only access workspaces accessible by the provided Personal Access Token (PAT). Its access is limited to the permissions granted to the PAT owner.

Rudder Assist cannot access other workspaces or data outside the PAT’s scope.

All Rudder Assist actions are performed under the Personal Access Token (PAT) owner’s identity, and all write actions are logged to the PAT owner’s workspace Audit Logs.

Write permissions by mode

Rudder Assist’s access levels vary by its operating mode:

Mode	Access permissions
Standard mode	No write access to any workspace components
Advanced mode	Can only create, modify, and delete transformations. Cannot modify sources, destinations, or other configuration

Shared channel access

Anyone in the designated Slack channel can use Rudder Assist — this includes users who may not have direct access to the connected RudderStack workspace.

Note that:

All interactions are visible to everyone in the channel
Rudder Assist responds only in the designated shared channel, not in other channels or direct messages

Revoke access

To immediately disable Rudder Assist access, revoke or regenerate the PAT in your RudderStack workspace. Rudder Assist will immediately lose access and stop responding.

Data privacy

This section covers details on the model provider used for Rudder Assist and its data retention and PII handling policies.

AI model provider

Rudder Assist uses Amazon Bedrock for processing your queries and generating responses.

No data is used to train AI models and the conversations are not stored.

PII handling

PII protection varies depending on Rudder Assist’s operating mode:

Standard mode

Standard mode provides comprehensive PII masking and protection. Rudder Assist has no access to unmasked customer PII.

Tools that access event payload data automatically mask sensitive fields before sending to the AI. Masking preserves data structure for debugging while protecting actual values.

Advanced mode

Advanced mode includes the following PII considerations:

Feature	PII handling
Transformation management	Same PII protection as Standard mode
SQL Agent (coming soon)	Unmasked PII may be visible to the AI provider when querying your warehouse — however, it is not stored or used for training.

When using SQL Agent in Advanced mode, unmasked PII is sent to Amazon Bedrock.
While Amazon Bedrock does not store or use data for training, this represents higher data exposure than Standard mode.

See more

Was this page helpful?

Glad to hear it! Please tell us how we can improve.

Sorry to hear that. Please tell us how we can improve.

Questions? Contact us by Email or on Slack