Getting Started with Domains
Domains are containers of data sources that allow you to assign data ownership and access management to specific business units, subject matter experts, or teams at the nexus of cross-functional groups. Instead of centralizing your data governance and giving users too much governance over all your data, you control how much power they have over data sources by granting them permission within domains in Immuta.
Create a domain
Required Immuta permission: GOVERNANCE
Navigate to the Domains page.
Click + New Domain.
Enter a Name and Description for your domain.
Click Save.
To create a domain using the API, see the Domains API guide. For more information about domains, see the Domains reference guide.
Assign domain permissions
Required Immuta permission: USER_ADMIN
User administrators can assign domain permissions from the domain permissions tab or the people page. See instructions for both methods below.
Domain permissions tab
Click Domains and navigate to the domain.
Got to the Permissions tab and click + Grant Permissions.
Opt to select additional domains to apply the permission assignments to.
Choose how to assign the permission:
Individual selected users: Select this option from the dropdown and then search for individual users to grant the permission to.
Users in group: Select this option from the dropdown and then search for groups to grant the permission to.
Choose the permission to assign:
Manage Policies permission to allow them to create policies that will apply to the data sources within the domain.
Audit Activity permission to allow them to view audit events within the domain.
Review your changes and click Grant Permissions.
To assign permissions using the API, see the Domains API guide. For a list of permissions associated with domains, see the Domains reference guide.
People page
Click People in the left navigation menu and select Users or Groups.
Select your user or group and then click the Settings tab.
Click + Add Domain Permissions.
Select the Domain for which the user or group should have the permission.
Opt to select additional users or groups to grant the permission to within the selected domains.
Choose the permission to assign:
Manage Policies permission to allow them to create policies that will apply to the data sources within the domain.
Audit Activity permission to allow them to view audit events within the domain.
Review your changes and click Grant Permissions.
Assign data sources to a domain
Required Immuta permission: GOVERNANCE
Navigate to the Domains page and select your domain.
Click the Data Sources tab, and then click + Add Data Sources.
Select the checkboxes for the data sources you want to add to your domain.
Click + Add to Domain.
To assign data sources using the API, see the Domains API guide. For more information about domain data sources, see the Domains reference guide.
Author a domain-scoped policy
Required Immuta permission: GOVERNANCE
or Manage Policies
Navigate to the Domains page and select your domain.
Click the Subscription Policies or Data Policies tab.
Click Create Policy and select Subscription Policy or Data Policy.
Write your subscription policy or data policy as outlined in the policies how-to guide.
When building your policy, your domain should automatically be added in the What domain(s) should this policy be restricted to? section. However, you can select more domains that you have the
Manage Policies
permission for here as well. This step will assign the policy to all data sources added to that domain.
For more information about domain policies, see the Domains reference guide.
Audit domain-related activity
Required Immuta permission: Audit Activity
Domain-related activity can be audited from the domain page, the audit page, the people page, or the data sources overview page. To find a specific audit record,
Navigate to the Audit page - records are automatically filtered to your authorized domains only.
Optional: Use filters to narrow down the search for activities.
Click on a record to see details about a specific activity.
Delete a domain
Required Immuta permission: GOVERNANCE
Navigate to the Domains page and select your domain.
Click Remove Domain.
Confirm your changes.
To delete a domain using the API, see the Domains API guide.
Last updated