2024.3
Search powered by AI

Manage Write Policies

Write policies API endpoint reference guide

The policies resource allows you to manage and apply policies to your data sources. The endpoints and examples provided in this guide are specific to creating global write policies.

Endpoints

POST /dataSource/{dataSourceId}/access

Manually grants write access to a user.

curl -X 'POST' \
    'https://www.organization.immuta.com/dataSource/6/access' \
    -H 'accept: application/json' \
    -H 'Content-Type: application/json' \
    -H 'Authorization: 846e9e43c86a4ct1be14290d95127d13f' \
    -d '{
    "profileId": 3,
    "state": "subscribed",
    "accessGrant": "WRITE"
    }'

Request parameter

Body parameters

The request accepts a JSON or YAML payload. See the write access manual grant payload description for parameter details.

Response

The response returns the following JSON object. See the payload reference guide for details about the response schema.

{
  "isSubscriptionOverride": true,
  "id": 23,
  "modelId": "6",
  "modelType": "datasource",
  "state": "subscribed",
  "metadata": {},
  "admin": 2,
  "denialReasoning": null,
  "profile": 3,
  "group": null,
  "policy": false,
  "expiration": null,
  "acknowledgeRequired": false,
  "createdAt": "2023-10-11T14:43:00.726Z",
  "updatedAt": "2023-10-11T14:43:00.726Z",
  "accessGrant": "WRITE",
  "approved": true
}

POST /policy/global

Creates a global policy.

The example below grants write access to users with the attribute has.write and applies the global policy to all data sources.

curl -X 'POST' \
    'https://www.organization.immuta.com/policy/global' \
    -H 'accept: application/json' \
    -H 'Content-Type: application/json' \
    -H 'Authorization: 846e9e43c86a4ct1be14290d95127d13f' \
    -d '{
    "type": "subscription",
    "name": "Allow users with specific entitlements to have write access",
    "actions": [{
      "type": "subscription",
      "subscriptionType": "policy",
      "accessGrant": "WRITE",
      "exceptions": {
        "operator": "and",
        "conditions": [{
          "type": "authorizations",
          "authorization": {
            "auth": "has",
            "value": "write"
          }
      }]
    },
    }],
    "staged": false
    }'

Body parameters

The request accepts a JSON or YAML payload. See the global policy payload description for parameter details.

Response

The response returns the global policy configuration. See the payload reference guide for details about the response schema.

{
  "policyKey": "Manual global write policy",
  "name": "Manual global write policy",
  "type": "subscription",
  "template": true,
  "staged": false,
  "systemGenerated": false,
  "deleted": false,
  "certification": null,
  "actions": [
    {
      "type": "subscription",
      "accessGrant": "WRITE",
      "description": null,
      "allowDiscovery": false,
      "subscriptionType": "manual",
      "shareResponsibility": false,
      "automaticSubscription": false
    }
  ],
  "circumstances": null,
  "metadata": null,
  "clonedFrom": null,
  "createdBy": 2,
  "id": 4,
  "createdAt": "2023-10-10T13:18:37.270Z",
  "updatedAt": "2023-10-10T13:18:37.270Z",
  "createdByName": "Taylor",
  "ownerRestrictions": null
}

DELETE /policy/global/{policyId}

Deletes the specified policy.

curl -X 'DELETE' \
    'https://www.organization.immuta.com/policy/global/4' \
    -H 'accept: application/json' \
    -H 'Content-Type: application/json' \
    -H 'Authorization: 846e9e43c86a4ct1be14290d95127d13f'

Request parameter

Response

The response returns the deleted global policy configuration. See the payload reference guide for details about the response schema.

GET /policy/global/{policyId}

Gets the specified policy.

curl -X 'GET' \
    'https://www.organization.immuta.com/policy/global/4' \
    -H 'accept: application/json' \
    -H 'Content-Type: application/json' \
    -H 'Authorization: 846e9e43c86a4ct1be14290d95127d13f'

Request parameter

Response

The response returns the global policy configuration. See the payload reference guide for details about the response schema.

PUT /policy/global/{policyId}

Updates the specified policy.

curl -X 'PUT' \
    'https://www.organization.immuta.com/policy/global/4' \
    -H 'accept: application/json' \
    -H 'Content-Type: application/json' \
    -H 'Authorization: 846e9e43c86a4ct1be14290d95127d13f' \
    -d '{
    "type": "subscription",
    "name": "Manual global write policy",
    "template": true,
    "actions": [{
      "type": "subscription",
      "subscriptionType": "manual",
      "description": "This updated policy only applies to data sources tagged Discovered.Healthcare NPI.",
      "accessGrant": "WRITE"
    }],
    "staged": false,
    "circumstances": [{
      "operator": "or",
      "type": "columnTags",
      "columnTag": {
        "name": "Discovered.Healthcare NPI",
        "displayName": "Discovered . Healthcare NPI",
        "hasLeafNodes": false
      }
    }]
    }

Body parameters

The request accepts a JSON or YAML payload. See the global policy payload description for parameter details.

Response

The response returns the updated global policy configuration. See the payload reference guide for details about the response schema.

PreviousManage DomainsNextWrite Policies Payloads and Response Schema Reference Guide

Last updated

Other versions

SaaS2024.22024.12023.4

Copyright © 2014-2024 Immuta Inc. All rights reserved.