Chapter 5 - Collaborating, Writing, and Sharing
Audience: Data Owners, Data Governors, and Data Users
Projects combine users and data sources under a common purpose, which can then be used to restrict access to data and streamline collaboration. When Project Equalization is enabled, for example, users working under the same project will see the same data, regardless of their varying levels of access. Additionally, project workspaces allow users to write data back to Immuta and share their analysis with other users.
Immuta Best Practices: Using Projects
Best Practices: Using Immuta Projects
Tutorials contain call-outs with best practices throughout the chapter; however, here is an outline of the best practices when using projects.
- Use a naming convention for projects that reflects the naming convention for databases. (e.g., If the project in Dev is called: “my_project” name the project “dev_my_project.") The data will end up in the project database prefix, so you can trace the source and make edits upstream in that project as necessary.
- Use Project Equalization so that all project members see the same data, and re-equalize projects if new members or data sources are added to the project.
- Use Immuta's recommended Equalized Entitlements to protect your data in projects.
- Use project workspaces to allow users to write data back to Immuta.
- Consider purposes as attributes. Attributes identify a user, and purposes identify why that user should have access.
Chapter 5 Use Case Scenario
The use case described below will be presented throughout this chapter in this call-out to illustrate specific project features. However, the solutions presented can be adjusted to meet your specific needs.
This organization is now managing access to multiple environments (Dev, Test, and Prod) and redacting PII for all users through Global Subscription Policies and Global Data Policies, but they have additional requirements to fulfill: they need users to only WRITE to specified locations in Dev (and this written data should be sharable with other users in Dev), and the code executed in Test and Prod should only WRITE to certain locations. To fulfill these requirements, Data Owners will need to collaborate with administrators to complete the Chapter Objectives outlined below.
In this chapter, you will complete tutorials that demonstrate how to
- create a project and manage the project subscription policy.
- enable Project Equalization.
- write data to a project workspace.
- create a derived data source.
Concept Overviews: Each of these pages explains a concept and how it connects to other features in Immuta.
- Projects and Purposes
- Schema Projects
- Immuta Native Workspaces
- Derived Data Sources
- Policy Adjustments and HIPAA Expert Determination (Public Preview)
Tutorials: Each of these pages provides step-by-step instructions for using a feature in Immuta.
- Create a Project
- Create an Immuta Native Workspace
- Create a Derived Data Source
- Adjust a Policy (Public Preview)
Policy as Code: API Reference Guides: This page details how to access Immuta through the API, including information about the various endpoints, their parameters, and their responses.