# Manage Identification Frameworks {% hint style="info" %} In previous documentation, rule is referred to as classifier or identifier and framework is referred to as template. {% endhint %} ## Prerequisite [Sensitive data discovery must be enabled](/2024.2/discover-your-data/data-discovery/how-to-guides/enable-sdd.md). ## Command overview: `immuta sdd template` This command allows you to manage identification frameworks, which are a collection of rules and settings used to drive the configuration of SDD runs. The table below illustrates subcommands and arguments. | Subcommands | Aliases | Description | | ----------------------------------------------- | ------------ | ------------------------------------------- | | [`create`](#create-an-identification-framework) | `save` | Create an identification framework. | | [`delete`](#delete-an-identification-framework) | None | Delete the passed identification framework. | | [`get`](#get-an-identification-framework) | None | Get an identification framework. | | [`global`](#get-the-global-framework) | None | Get the global framework. | | [`search`](#search-identification-frameworks) | `ls`, `list` | Search all identification frameworks. | | [`update`](#update-an-identification-framework) | None | Update an identification framework. | ### Options Use these options to get more details about the `sdd template` command or any of its subcommands: * `-h` * `--help` ```bash $ immuta sdd template -h Manage Sensitive Data Discovery Templates Usage: immuta sdd template [command] Available Commands: create Create an SDD template delete Delete the passed SDD template get Get an SDD template global Get the SDD global template search Search all templates update Update an SDD template Flags: -h, --help Help for template Global Flags: --config string Config file (default $HOME/.immutacfg.yaml) -p, --profile string Specifies the profile for what instance/api the cli will use (default "default") Use "immuta sdd template [command] --help" for more information about a command. ``` ## Create an identification framework 1. Save your framework to a valid YAML or JSON file using these attributes: | Attribute | Description | Required | | ----------- | ------------------------------------------------------------------------------------ | -------- | | name | `string` Unique, request-friendly framework name. | **Yes** | | displayName | `string` Unique, human-readable framework name. | **Yes** | | description | `string` The framework description. | **Yes** | | classifiers | `array` Includes each rules's `name` and `overrides` for `minConfidence` and `tags`. | **Yes** | An example is provided below. ```json { "name": "ACCOUNT_NUMBERS_FRAMEWORK", "displayName": "Account Numbers Framework", "description": "This framework contains the rule that recognizes account numbers.", "classifiers": [ { "name": "ACCOUNT_NUMBER_RULE" } ] } ``` 2. Run `immuta sdd template create [flags]`, referencing the file you just created. The options you can specify include * `-h` or `--help`: Get more information about the command. * `-o` or `--output json | yaml`: Specify the output format. * `--outputTemplate string`: Format the response using a Go template. ### Example ```bash $ immuta sdd template create ./account-template.json -o json { "name": "ACCOUNT_NUMBERS_FRAMEWORK", "displayName": "Account Numbers Framework", "description": "This framework contains the rule that recognizes account numbers.", "createdBy": { "id": 1, "name": "Example User", "email": "user@example.com" }, "id": 2, "createdAt": "2022-03-28T15:48:02.977Z", "updatedAt": "2022-03-28T15:48:02.977Z", "classifiers": [ { "name": "ACCOUNT_NUMBER_RULE", "overrides": {} } ] } ``` ## Get an identification framework Run `immuta sdd template get [flags]`, specifying the name of the framework you would like to get. Options you can specify include * `-h` or `--help`: Get more information about the command. * `-o` or `--output json | yaml`: Specify the output format. * `--outputTemplate string`: Format the response using a Go template. ### Example The example below illustrates a user getting a framework named ACCOUNT\_NUMBERS\_FRAMEWORK. ```bash $ immuta sdd template get ACCOUNT_NUMBERS_FRAMEWORK Getting template ACCOUNT_NUMBERS_FRAMEWORK... { "name": "ACCOUNT_NUMBERS_FRAMEWORK", "displayName": "Account Numbers Framework", "description": "This framework contains the rule that recognizes account numbers.", "createdBy": { "id": 1, "name": "Example User", "email": "user@example.com" }, "id": 2, "createdAt": "2022-03-28T15:48:02.977Z", "updatedAt": "2022-03-28T15:48:02.977Z", "classifiers": [ { "name": "ACCOUNT_NUMBER_RULE", "overrides": {} } ] } ``` ## Get the global framework Run `immuta sdd template global [flags]`, to get the global framework that has been configured for sensitive data discovery. Options you can specify include * `-h` or `--help`: Get more information about the command. * `-o` or `--output json | yaml`: Specify the output format. * `--outputTemplate string`: Format the response using a Go template. ### Example The example below illustrates a user getting the global framework that had been configured in the Immuta UI by an administrator. ```bash $ immuta sdd template global Getting global template... { "name": "ACCOUNT_NUMBERS_FRAMEWORK", "displayName": "Account Numbers Framework", "description": "This framework contains the rule that recognizes account numbers.", "createdBy": { "id": 1, "name": "Example User", "email": "user@example.com" }, "id": 3, "createdAt": "2022-03-28T17:10:48.507Z", "updatedAt": "2022-03-28T17:10:48.507Z", "classifiers": [ { "name": "ACCOUNT_NUMBER_RULE", "overrides": {} } ] } ``` ## Search identification frameworks Run `immuta sdd template search [string] [flags]` to list all identification frameworks or search identification frameworks by name. Options you can specify include * `--classifiers strings`: Limit results to only frameworks that contain the specified rules. * `-h`, `--help`: Help for search. * `--limit int` The search limit for pagination (default 25). * `--offset int`: The search offset for pagination. * `--order asc | desc`: The sort order. * `-o`, `--output json | yaml`: The output format. * `--outputTemplate string`: Format the response using a Go template. * `-s`, `--sort id | name | displayName | type | createdAt | updatedAt`: Field to sort by. ### Example The example below illustrates a user searching all frameworks containing the `ACCOUNT_NUMBER_RULE`. ```bash $ immuta sdd template search --classifiers="ACCOUNT_NUMBER_RULE" Searching all templates... ACCOUNT_NUMBERS_FRAMEWORK This framework contains the rule that recognizes account numbers. Displaying 1 of 1 templates ``` ## Update an identification framework 1. Update your framework in a valid YAML or JSON file using these attributes: | Attribute | Description | Required | | ----------- | ------------------------------------------------------------------------------------ | -------- | | name | `string` Unique, request-friendly framework name. | **Yes** | | displayName | `string` Unique, human-readable framework name. | **Yes** | | description | `string` The framework description. | **Yes** | | classifiers | `array` Includes each rules's `name` and `overrides` for `minConfidence` and `tags`. | **Yes** | 2. Run `immuta sdd template update [flags]`, referencing the file you just updated. The options you can specify include * `-h` or `--help`: Get more information about the command. * `-o` or `--output json | yaml`: Specify the output format. * `--outputTemplate string`: Format the response using a Go template. ### Example The example below illustrates a user updating a framework named ACCOUNT\_NUMBERS\_FRAMEWORK. ```bash $ immuta sdd template update ACCOUNT_NUMBERS_FRAMEWORK ./account-template -o json { "name": "ACCOUNT_NUMBERS_FRAMEWORK", "displayName": "Account Numbers Framework", "description": "This framework contains the rule that recognizes account numbers.", "createdBy": { "id": 1, "name": "Example User", "email": "user@example.com" }, "id": 2, "createdAt": "2022-03-28T15:48:02.977Z", "updatedAt": "2022-03-28T16:15:01.791Z", "classifiers": [ { "name": "ACCOUNT_NUMBER_RULE", "overrides": {} } ] } ``` ## Delete an identification framework Run `immuta sdd template delete [flags]` to delete the framework. The options you can specify include * `-h` or `--help`: Get more information about the command. * `-o` or `--output json | yaml`: Specify the output format. * `--outputTemplate string`: Format the response using a Go template. ### Example ```bash $ immuta sdd template delete ACCOUNT_NUMBERS_FRAMEWORK -o json { "name": "ACCOUNT_NUMBERS_FRAMEWORK", "displayName": "Account Numbers Framework", "description": "This framework contains the rule that recognizes account numbers.", "createdBy": { "id": 1, "name": "Example User", "email": "user@example.com" }, "id": 2, "createdAt": "2022-03-28T15:48:02.977Z", "updatedAt": "2022-03-28T16:15:01.791Z", "classifiers": [ { "name": "ACCOUNT_NUMBER_FRAMEWORK", "overrides": {} } ] } ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://documentation.immuta.com/2024.2/developer-guides/the-immuta-cli/manage-sensitive-data-discovery/templates.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.