Skip to content

You are viewing documentation for Immuta version 2023.2.

For the latest version, view our documentation for Immuta SaaS or the latest self-hosted version.

Domains

Private preview

This feature is in preview and available to select accounts. Reach out to your Immuta representative for details.

Domains are containers of data sources that group data into user-defined sets, where specific users can be assigned a domain-specific permission to manage policies on only the data sources in those domains. Domains eliminate the problem of giving users too much governance over all data sources in an organization. Instead, you can control how much power governance users have over data sources by granting them privileges within domains (and only those domains) in Immuta.

Domains allow you to grant more users authority to manage policies, making Immuta easier to use and more secure.

Permissions

The table below outlines the global Immuta permissions and domain permissions necessary to manage domains.

Permission User actions Domains actions Data source actions Policy actions
USER_ADMIN (global) Manage user permissions, including domain-specific permissions on ALL domains None None None
GOVERNANCE (global) None
  • Create domains
  • Manage domain description and name
  • Delete any empty domain
  • Add existing data sources to any domain
  • Remove data sources from any domain without adding it to another domain
Create global policies that apply to ANY data sources (inside or outside domains)
Manage Policies (domain) None None None Create policies that apply to the domain(s) they are granted to manage policies in

Domain data sources

Data sources can be assigned to domains to restrict the users who can manage policies on those data sources. Data sources could be assigned to domains based on business units in your organization or any other method that suits your business goals and policy management strategy. However, data sources can belong to only one domain.

Once a data source is assigned to a domain, only users with the global GOVERNANCE or domain-specific Manage Policies permission can create policies that will apply to that data source, allowing you to control who can manage data access.

When data sources are added to a domain, users do not have to be added to the domain to access data. Instead, they must meet the restrictions outlined in the policies on the data sources.

Managing domain data sources

Only users with the GOVERNANCE permission can change the domain that a data source belongs to or remove a data source from a domain. When a data source is removed from a domain, Immuta recomputes the policies. Any policies associated with a domain that were applied to the data source will be removed when the data source is removed from the domain.

Domain policies

When authorized users assign policies to a domain, those policies only apply to the data sources in that domain. Domains restrict who can write policies for data sources assigned to that domain, while Immuta policies are enforced as usual: users who meet the restrictions outlined in the policy of a data source may subscribe to that data source.

When data sources are added to or removed from a domain, Immuta recomputes the data source policies. Then, policies associated with the domain will be applied to the data source.

Managing domain policies

Users with the Manage Policies permission in a domain can set a global policy to apply to only the domains for which they have the Manage Policies permission. For example, if a user has Manage Policies on one domain, all global policies they write will be assigned to just that domain, and data sources within that domain will have those policies enforced on them. If users have the Manage Policies permission on a subset of domains in their organization, they can choose from all of the permutations of the domains for which they have the Manage Policies permission to assign policies to.

If users have the Manage Policies permission on all domains in an organization or the GOVERNANCE permission, they can set a global policy to apply to all data sources.

Deleting a domain

Users with the GOVERNANCE permission can delete any domain that has zero data sources assigned to it.

Migrating to domains

Existing data sources can be assigned to a domain by a user with the GOVERNANCE permission. Once added to a domain, domain policies will be enforced on the data sources.