Customize and Manage Sensitive Data Discovery
In previous documentation, identifier is referred to as classifier. The language is being updated to identifier to be more accurate and not conflate meaning with the Immuta data classification and frameworks feature.
This command allows you to customize and run SDD in your instance of Immuta. The table below illustrates subcommands and arguments.
||Manage SDD identifiers.|
||Run SDD on specific data sources or all data sources|
||Manage SDD templates.|
Use these options to get more details about the
sdd command or any of its subcommands:
$ immuta sdd -h Manage Sensitive Data Discovery Usage: immuta sdd [command] Available Commands: classifier Manage Sensitive Data Discovery Classifiers run Run Sensitive Data Discovery with provided options template Manage Sensitive Data Discovery Templates Flags: -h, --help Help for sdd Global Flags: --config string Config file (default $HOME/.immutacfg.yaml) -p, --profile string Specifies the profile for what instance/api the cli will use (default "default") Use "immuta sdd [command] --help" for more information about a command.
Two common workflows for using SDD are outlined below. The first illustrates how to apply a single global template to all data sources, while the second outlines how users can create and apply templates to data sources they own.
The tutorials linked below show how to use the CLI to complete this workflow. For an overview of how sensitive data discovery works, see this overview.
Workflow 1: Apply a global template to all data sources
- Data governor creates a template using one or more built-in or custom identifiers.
- System administrator adds this template to the global settings so that it applies to all data sources.
- Users trigger SDD on data sources.