Rudder AI Security and Compliance in Profiles IDE Beta

Understand Rudder AI’s security model, data access scope, and privacy guarantees when building Profiles projects.

3 minute read

This guide explains Profiles IDE’s security model, access scope, and data privacy guarantees when building Profiles projects.

Overview

Profiles IDE is a web-based IDE hosted by RudderStack that includes an AI-powered chat interface to help you build Profiles projects.

Since Profiles functions as a semantic model builder for customer data, Rudder AI may need to query your data warehouse to provide relevant assistance. These queries may access tables containing personally identifiable information (PII) as stored in your warehouse.

Access control

This section explains Rudder AI’s access control policy while working in Profiles IDE.

Warehouse selection

When entering Profiles IDE, you configure a warehouse destination to be used for the profiles runs. Rudder AI inherits the permissions of the selected warehouse connection.

Tip: Follow the principle of least privilege when configuring warehouse credentials.
Grant read-only access to source data tables and write access only to Profiles output schemas.

What Rudder AI can access

Rudder AI operates within your selected warehouse connection’s permissions. If your warehouse credentials allow access to tables containing PII, Rudder AI can query that data to provide relevant assistance.

Warehouse isolation

Rudder AI can only access the warehouse connection you explicitly select. It cannot access other connections you may have configured, or other parts of the workspace.

Data privacy

This section covers details on the model provider used for Rudder AI and its data retention and PII handling policies.

PII handling

Unlike RudderStack’s AI chatbot in slack (Rudder AI), Rudder AI does not mask PII in the Profiles IDE. When Rudder AI queries your warehouse to answer questions, raw results, including any PII in those tables, are processed to generate responses.

Configure your warehouse connection permissions carefully — your warehouse credentials determine what PII Rudder AI can access.

AI model provider

Rudder AI uses foundation models (for example, Claude Sonnet) hosted on Amazon Bedrock to process your queries and generate responses.

According to AWS Bedrock’s data protection policies:

Your prompts and warehouse query results are not shared with third-party model providers (Anthropic, Meta, etc.)
Amazon Bedrock does not store your data
Data remains in the region where your RudderStack data plane is hosted
All data is encrypted in transit (TLS 1.2+)

What RudderStack collects

RudderStack collects Profiles IDE usage data for product improvement, including chat interactions and warehouse queries executed during sessions.

See more

Guide	Description
Use Profiles IDE with Rudder AI	Use the Profiles IDE powered by Rudder AI to build, run, and debug your RudderStack Profiles projects
Profiles IDE Quickstart	Launch your first session in Profiles IDE
Profiles IDE Version Control	Understand how Profiles IDE uses Git to track changes, manage sessions, and enable team collaboration
Understand Rudder AI Context	Understand what context Rudder AI has access to, including warehouse information, project files, and configuration details
Profiles IDE FAQ	Answers to common questions about using Profiles IDE with Rudder AI

Was this page helpful?

Glad to hear it! Please tell us how we can improve.

Sorry to hear that. Please tell us how we can improve.

Questions? Contact us by Email or on Slack