Skip to content

Create a Native Workspace

Audience: Project Owners and members

Content Summary: This page outlines how to manage project workspaces, which allow users to write data back to Immuta.

After workspaces are configured by a System Administrator, users with the CREATE_PROJECT permission can enable workspaces within their projects. This feature allows project members to write data back to Immuta and share this data with other users as derived data sources.

Prerequisites:

  • project workspaces have been configured by an Application Admin.

Additional Tutorials Contents:

  • Create a Databricks Workspace
  • Disable and Delete Workspaces

Use Case

Compliance Requirement: Users can only WRITE to specified locations in Dev, and these users need to share this data with other Dev users.

After Dev users have analyzed data, they need to write content back to Immuta and share it with other Dev users. To allow them to write data back to Immuta, project owners need to create workspaces for their projects. Then, users can share the data they've written to Immuta with other users as derived data sources. The steps below use this scenario with Snowflake to illustrate creating a native workspace, but Databricks workspace tutorials are included in Additional Tutorials.

1 - Enable a Workspace

Workspaces can be enabled in the New Project modal when creating a new project, but project owners can enable this feature at any point on the project's Policies tab.

  1. Navigate to the Policies tab and enable Project Equalization by clicking the Project Equalization slider to on.
  2. Scroll to the Native Workspace section and click Create.
  3. Select Snowflake from the Workspace Configuration dropdown menu.
  4. Name the Workspace Schema. By default, the schema name is based off of the project name, but you can change it here. Your project workspace will exist within this schema under Snowflake under the database configured by the Application Admin.

  5. Use the dropdown menu to select the Hostname. Projects can only be configured to use one Snowflake host.

  6. Select one or more Warehouses to be available to project members when they are working in the Snowflake workspace.

  7. Click Create to enable the workspace.

2 - Write Data to the Workspace

Once the workspace is created, project members will see relevant data sources in the Snowflake UI when working under the project context.

  1. Select the Role created by the project workspace. The role created will be a combination of the database name (configured by the Application Admin) and the schema name (set in the previous section by the project owner). In this scenario, the role created was KW_TEST_DEV_MY_PROJECT:

    Role Not Selected

    Because this user has not yet selected the correct role (KW_TEST_DEV_MY_PROJECT), no project data is visible in the Results window.

    Role Selected

    The user has selected the KW_TEST_DEV_MY_PROJECT role, so the project data is now visible.

  2. Create a table in Snowflake.

Now that data has been written to the workspace, users can share this data with others by making it a derived data source in Immuta.

Additional Tutorials

Create a Databricks Workspace

Databricks Cluster Configuration

Before creating a workspace, the cluster must send its configuration to Immuta; to do this, run a simple query on the cluster (i.e., show tables). Otherwise, an error message will occur when you attempt to create a workspace.

  1. Navigate to the Policies tab and enable Project Equalization by clicking the Project Equalization slider to on.
  2. Scroll to the Native Workspace section and click Create.
  3. Select Databricks from the Workspace Configuration dropdown menu.
  4. Opt to edit the sub-directory in the Workspace Directory field; this sub-directory auto-populates as the project name.
  5. Enter the Workspace Database Name.
  6. Click Create to enable the workspace.

Disable and Delete Workspaces

  1. Scroll to the Native Workspace section on the Policies tab and click the toggle to disable the workspace.

  2. Click Delete in the Native Workspace section.

  3. Choose one of the following options in the modal:

    • Purge Generic Workspace Data: permanently delete data, while the data used by derived data sources is preserved. Note: If you created a derived data source that references a view on top of a table in Snowflake that isn't a derived data source, that table will be deleted and break the derived data source.
    • Purge Everything & Delete Derived Data Sources: permanently delete data and purge all derived data sources.
  4. Click Delete.