Chapter 4 - Connecting Data
Audience: Data Owners and Data Governors
Content Summary: This page sets the context for managing data sources in Immuta and includes an outline of best practices, a use case scenario, and links to specific tutorials for creating and managing Data Sources.
Now that you have your access patterns installed, users set up, and Global Policies created, you are ready to start creating data sources.
A data source is how Data Owners expose their data across their organization to other Immuta users. Throughout this process, the data is not copied. Instead, Immuta uses metadata from the data source to determine how to expose the data. Simply put, a data source is a virtual representation of data that exists in a remote data storage technology.
When a data source is exposed, policies (written by Data Owners and Data Governors) are dynamically enforced on the data, appropriately redacting and masking information depending on the attributes or groups of the user accessing the data. Once the data source is exposed and subscribed to, the data can be accessed in a consistent manner across analytics and visualization tools, allowing reproducibility and collaboration.
Immuta Best Practices: Connecting Data
Best Practices: Connecting Data
The best practices outlined below will also appear in callouts within relevant tutorials.
- The two-way SSL configuration is highly recommended as it is the most secure configuration for a custom blob store handler endpoint.
- Although not required, it is recommended that all connections use SSL. Additional connection string arguments may also be provided.
- It is recommended that path not be used in the resource restrictions. Additionally, single-bucket source data is
the only tested configuration. Athena databases with source data in multiple buckets may work, but would
require that additional resources be specified in the below policy anywhere
Chapter 4 Use Case Scenario
The use case described below will be presented throughout this chapter in this call-out to illustrate a specific Local Policy. However, the solutions presented can be adjusted to meet your specific needs.
A project manager wants access to her data sources to be more restrictive than the organization's compliance requirements suggest. Because these further restrictions do not need to be made globally, she should add Local Policies directly to her data sources.
In this chapter, you will complete tutorials that demonstrate how to
- add data sources to your Immuta instance.
- properly manage your data sources.
- apply local policies to your data sources.
Concept Overviews: Each of these pages explains a concept and how it connects to other features in Immuta.
Tutorials: Each of these pages provides step-by-step instructions for using a feature in Immuta.
- Create a Query-backed Data Source
- Create an Object-backed Data Source
- Manage Data Sources
- Write a Local Policy
- Write an Advanced Policy
- Custom-Policy Handler
Policy as Code: API Reference Guides: These pages detail how to access Immuta through the API, including information about the various endpoints, their parameters, and their responses.