Immuta Audit GraphQL API Reference Documentation
This Immuta Audit GraphQL API reference includes the complete set of GraphQL queries, mutations, types, and their parameters for exporting and storing audit logs and querying audit and export job configurations. For tutorials using this API, see the Audit Log Export guide.
Contact
API Endpoints
# Production:
https://example.immutacloud.com/api/audit/graphql
Queries
getAllExportConfigurations
Description
Get all export configurations.
Response
Returns [ExportConfiguration!]!
Example
Query
query getAllExportConfigurations {
getAllExportConfigurations {
id
interval
enabled
endpointConfiguration {
... on S3EndpointConfiguration {
...S3EndpointConfigurationFragment
}
}
createdBy {
...UserFragment
}
createdAt
updatedBy {
...UserFragment
}
updatedAt
}
}
Response
{
"data": {
"getAllExportConfigurations": [
{
"id": "4",
"interval": "EVERY_2_HOURS",
"enabled": true,
"endpointConfiguration": S3EndpointConfiguration,
"createdBy": User,
"createdAt": "2007-12-03T10:15:30Z",
"updatedBy": User,
"updatedAt": "2007-12-03T10:15:30Z"
}
]
}
}
getAllExportJobTasks
Description
Get all export job tasks by export job ID.
Response
Returns [ExportJobTask!]!
Arguments
| Name | Description |
|---|---|
exportJobId - String!
|
The export job ID. |
Example
Query
query getAllExportJobTasks($exportJobId: String!) {
getAllExportJobTasks(exportJobId: $exportJobId) {
id
startTimestamp
endTimestamp
attempts
offset
limit
status
failureReason
}
}
Variables
{"exportJobId": "xyz789"}
Response
{
"data": {
"getAllExportJobTasks": [
{
"id": "4",
"startTimestamp": "2007-12-03T10:15:30Z",
"endTimestamp": "2007-12-03T10:15:30Z",
"attempts": 123.45,
"offset": 987,
"limit": 987,
"status": "RUNNING",
"failureReason": "xyz789"
}
]
}
}
getAllExportJobs
Description
Get all export jobs.
Response
Returns [ExportJob!]!
Example
Query
query getAllExportJobs {
getAllExportJobs {
id
exportConfiguration {
...ExportConfigurationFragment
}
startTimestamp
endTimestamp
status
tasks {
...ExportJobTaskFragment
}
windowStart
windowEnd
failureReason
}
}
Response
{
"data": {
"getAllExportJobs": [
{
"id": "4",
"exportConfiguration": ExportConfiguration,
"startTimestamp": "2007-12-03T10:15:30Z",
"endTimestamp": "2007-12-03T10:15:30Z",
"status": "RUNNING",
"tasks": [ExportJobTask],
"windowStart": "2007-12-03T10:15:30Z",
"windowEnd": "2007-12-03T10:15:30Z",
"failureReason": "abc123"
}
]
}
}
getAttributeAppliedAuditEvents
Response
Returns [AttributeAppliedAuditEvent!]!
Arguments
| Name | Description |
|---|---|
criteria - AuditEventSearchCriteriaInput
|
The search criteria |
Example
Query
query getAttributeAppliedAuditEvents($criteria: AuditEventSearchCriteriaInput) {
getAttributeAppliedAuditEvents(criteria: $criteria) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...ResourceFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...AttributeAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"criteria": AuditEventSearchCriteriaInput}
Response
{
"data": {
"getAttributeAppliedAuditEvents": [
{
"id": 4,
"sessionId": "abc123",
"userAgent": "abc123",
"requestId": "xyz789",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "xyz789",
"tenantId": "abc123",
"targetType": "ATTRIBUTE",
"targets": [Resource],
"relatedResources": [Resource],
"auditPayload": AttributeAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
getAttributeRemovedAuditEvents
Response
Returns [AttributeRemovedAuditEvent!]!
Arguments
| Name | Description |
|---|---|
criteria - AuditEventSearchCriteriaInput
|
The search criteria |
Example
Query
query getAttributeRemovedAuditEvents($criteria: AuditEventSearchCriteriaInput) {
getAttributeRemovedAuditEvents(criteria: $criteria) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...ResourceFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...AttributeAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"criteria": AuditEventSearchCriteriaInput}
Response
{
"data": {
"getAttributeRemovedAuditEvents": [
{
"id": "4",
"sessionId": "xyz789",
"userAgent": "abc123",
"requestId": "xyz789",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "xyz789",
"targetType": "ATTRIBUTE",
"targets": [Resource],
"relatedResources": [Resource],
"auditPayload": AttributeAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
getDatabricksQueryAuditEvents
Response
Returns [QueryAuditEvent!]!
Arguments
| Name | Description |
|---|---|
criteria - AuditEventSearchCriteriaInput
|
The search criteria |
Example
Query
query getDatabricksQueryAuditEvents($criteria: AuditEventSearchCriteriaInput) {
getDatabricksQueryAuditEvents(criteria: $criteria) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...DatasourceFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...QueryAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"criteria": AuditEventSearchCriteriaInput}
Response
{
"data": {
"getDatabricksQueryAuditEvents": [
{
"id": "4",
"sessionId": "xyz789",
"userAgent": "xyz789",
"requestId": "xyz789",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "xyz789",
"tenantId": "abc123",
"targetType": "ATTRIBUTE",
"targets": [Datasource],
"relatedResources": [Resource],
"auditPayload": QueryAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
getDatasourceCatalogSyncedAuditEvents
Response
Arguments
| Name | Description |
|---|---|
criteria - AuditEventSearchCriteriaInput
|
The search criteria |
Example
Query
query getDatasourceCatalogSyncedAuditEvents($criteria: AuditEventSearchCriteriaInput) {
getDatasourceCatalogSyncedAuditEvents(criteria: $criteria) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...DatasourceFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...DatasourceAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"criteria": AuditEventSearchCriteriaInput}
Response
{
"data": {
"getDatasourceCatalogSyncedAuditEvents": [
{
"id": "4",
"sessionId": "xyz789",
"userAgent": "abc123",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "xyz789",
"tenantId": "abc123",
"targetType": "ATTRIBUTE",
"targets": [Datasource],
"relatedResources": [Resource],
"auditPayload": DatasourceAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
getDatasourceCreatedAuditEvents
Response
Returns [DatasourceCreatedAuditEvent!]!
Arguments
| Name | Description |
|---|---|
criteria - AuditEventSearchCriteriaInput
|
The search criteria |
Example
Query
query getDatasourceCreatedAuditEvents($criteria: AuditEventSearchCriteriaInput) {
getDatasourceCreatedAuditEvents(criteria: $criteria) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...DatasourceFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...DatasourceAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"criteria": AuditEventSearchCriteriaInput}
Response
{
"data": {
"getDatasourceCreatedAuditEvents": [
{
"id": "4",
"sessionId": "abc123",
"userAgent": "abc123",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actor": UserActor,
"actorIp": "xyz789",
"tenantId": "xyz789",
"targetType": "ATTRIBUTE",
"targets": [Datasource],
"relatedResources": [Resource],
"auditPayload": DatasourceAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
getDatasourceDeletedAuditEvents
Response
Returns [DatasourceDeletedAuditEvent!]!
Arguments
| Name | Description |
|---|---|
criteria - AuditEventSearchCriteriaInput
|
The search criteria |
Example
Query
query getDatasourceDeletedAuditEvents($criteria: AuditEventSearchCriteriaInput) {
getDatasourceDeletedAuditEvents(criteria: $criteria) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...DatasourceFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...DatasourceAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"criteria": AuditEventSearchCriteriaInput}
Response
{
"data": {
"getDatasourceDeletedAuditEvents": [
{
"id": "4",
"sessionId": "xyz789",
"userAgent": "abc123",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "xyz789",
"targetType": "ATTRIBUTE",
"targets": [Datasource],
"relatedResources": [Resource],
"auditPayload": DatasourceAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
getDatasourceDisabledAuditEvents
Response
Returns [DatasourceDisabledAuditEvent!]!
Arguments
| Name | Description |
|---|---|
criteria - AuditEventSearchCriteriaInput
|
The search criteria |
Example
Query
query getDatasourceDisabledAuditEvents($criteria: AuditEventSearchCriteriaInput) {
getDatasourceDisabledAuditEvents(criteria: $criteria) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...DatasourceFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...DatasourceAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"criteria": AuditEventSearchCriteriaInput}
Response
{
"data": {
"getDatasourceDisabledAuditEvents": [
{
"id": 4,
"sessionId": "xyz789",
"userAgent": "abc123",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "xyz789",
"targetType": "ATTRIBUTE",
"targets": [Datasource],
"relatedResources": [Resource],
"auditPayload": DatasourceAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
getDatasourceUpdatedAuditEvents
Response
Returns [DatasourceUpdatedAuditEvent!]!
Arguments
| Name | Description |
|---|---|
criteria - AuditEventSearchCriteriaInput
|
The search criteria |
Example
Query
query getDatasourceUpdatedAuditEvents($criteria: AuditEventSearchCriteriaInput) {
getDatasourceUpdatedAuditEvents(criteria: $criteria) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...DatasourceFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...DatasourceAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"criteria": AuditEventSearchCriteriaInput}
Response
{
"data": {
"getDatasourceUpdatedAuditEvents": [
{
"id": "4",
"sessionId": "abc123",
"userAgent": "abc123",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "xyz789",
"targetType": "ATTRIBUTE",
"targets": [Datasource],
"relatedResources": [Resource],
"auditPayload": DatasourceAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
getExportConfigurationById
Description
Gets an export configuration by its id
Response
Returns an ExportConfiguration!
Arguments
| Name | Description |
|---|---|
id - String!
|
The ID of the export configuration. |
Example
Query
query getExportConfigurationById($id: String!) {
getExportConfigurationById(id: $id) {
id
interval
enabled
endpointConfiguration {
... on S3EndpointConfiguration {
...S3EndpointConfigurationFragment
}
}
createdBy {
...UserFragment
}
createdAt
updatedBy {
...UserFragment
}
updatedAt
}
}
Variables
{"id": "xyz789"}
Response
{
"data": {
"getExportConfigurationById": {
"id": "4",
"interval": "EVERY_2_HOURS",
"enabled": false,
"endpointConfiguration": S3EndpointConfiguration,
"createdBy": User,
"createdAt": "2007-12-03T10:15:30Z",
"updatedBy": User,
"updatedAt": "2007-12-03T10:15:30Z"
}
}
}
getExportJobById
Description
Get export job by ID.
Response
Returns an ExportJob!
Arguments
| Name | Description |
|---|---|
id - String!
|
The export job ID. |
Example
Query
query getExportJobById($id: String!) {
getExportJobById(id: $id) {
id
exportConfiguration {
...ExportConfigurationFragment
}
startTimestamp
endTimestamp
status
tasks {
...ExportJobTaskFragment
}
windowStart
windowEnd
failureReason
}
}
Variables
{"id": "xyz789"}
Response
{
"data": {
"getExportJobById": {
"id": "4",
"exportConfiguration": ExportConfiguration,
"startTimestamp": "2007-12-03T10:15:30Z",
"endTimestamp": "2007-12-03T10:15:30Z",
"status": "RUNNING",
"tasks": [ExportJobTask],
"windowStart": "2007-12-03T10:15:30Z",
"windowEnd": "2007-12-03T10:15:30Z",
"failureReason": "xyz789"
}
}
}
getExportJobTaskById
Description
Get export job task by ID.
Response
Returns an ExportJobTask!
Arguments
| Name | Description |
|---|---|
id - String!
|
The export job task ID. |
Example
Query
query getExportJobTaskById($id: String!) {
getExportJobTaskById(id: $id) {
id
startTimestamp
endTimestamp
attempts
offset
limit
status
failureReason
}
}
Variables
{"id": "abc123"}
Response
{
"data": {
"getExportJobTaskById": {
"id": "4",
"startTimestamp": "2007-12-03T10:15:30Z",
"endTimestamp": "2007-12-03T10:15:30Z",
"attempts": 123.45,
"offset": 987,
"limit": 123,
"status": "RUNNING",
"failureReason": "abc123"
}
}
}
getLicenseCreatedAuditEvents
Response
Returns [LicenseCreatedAuditEvent!]!
Arguments
| Name | Description |
|---|---|
criteria - AuditEventSearchCriteriaInput
|
The search criteria |
Example
Query
query getLicenseCreatedAuditEvents($criteria: AuditEventSearchCriteriaInput) {
getLicenseCreatedAuditEvents(criteria: $criteria) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...LicenseFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...LicenseAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"criteria": AuditEventSearchCriteriaInput}
Response
{
"data": {
"getLicenseCreatedAuditEvents": [
{
"id": 4,
"sessionId": "abc123",
"userAgent": "xyz789",
"requestId": "xyz789",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "abc123",
"targetType": "ATTRIBUTE",
"targets": [License],
"relatedResources": [Resource],
"auditPayload": LicenseAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
getLicenseDeletedAuditEvents
Response
Returns [LicenseDeletedAuditEvent!]!
Arguments
| Name | Description |
|---|---|
criteria - AuditEventSearchCriteriaInput
|
The search criteria |
Example
Query
query getLicenseDeletedAuditEvents($criteria: AuditEventSearchCriteriaInput) {
getLicenseDeletedAuditEvents(criteria: $criteria) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...LicenseFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...LicenseAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"criteria": AuditEventSearchCriteriaInput}
Response
{
"data": {
"getLicenseDeletedAuditEvents": [
{
"id": 4,
"sessionId": "abc123",
"userAgent": "xyz789",
"requestId": "xyz789",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "xyz789",
"targetType": "ATTRIBUTE",
"targets": [License],
"relatedResources": [Resource],
"auditPayload": LicenseAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
getPurposeDeletedAuditEvents
Response
Returns [PurposeDeletedAuditEvent!]!
Arguments
| Name | Description |
|---|---|
criteria - AuditEventSearchCriteriaInput
|
The search criteria |
Example
Query
query getPurposeDeletedAuditEvents($criteria: AuditEventSearchCriteriaInput) {
getPurposeDeletedAuditEvents(criteria: $criteria) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...PurposeFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...PurposeAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"criteria": AuditEventSearchCriteriaInput}
Response
{
"data": {
"getPurposeDeletedAuditEvents": [
{
"id": "4",
"sessionId": "xyz789",
"userAgent": "xyz789",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "xyz789",
"tenantId": "abc123",
"targetType": "ATTRIBUTE",
"targets": [Purpose],
"relatedResources": [Resource],
"auditPayload": PurposeAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
getPurposeUpdatedAuditEvents
Response
Returns [PurposeUpdatedAuditEvent!]!
Arguments
| Name | Description |
|---|---|
criteria - AuditEventSearchCriteriaInput
|
The search criteria |
Example
Query
query getPurposeUpdatedAuditEvents($criteria: AuditEventSearchCriteriaInput) {
getPurposeUpdatedAuditEvents(criteria: $criteria) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...PurposeFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...PurposeAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"criteria": AuditEventSearchCriteriaInput}
Response
{
"data": {
"getPurposeUpdatedAuditEvents": [
{
"id": 4,
"sessionId": "xyz789",
"userAgent": "abc123",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "xyz789",
"tenantId": "abc123",
"targetType": "ATTRIBUTE",
"targets": [Purpose],
"relatedResources": [Resource],
"auditPayload": PurposeAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
getPurposeUpsertedAuditEvents
Response
Returns [PurposeUpsertedAuditEvent!]!
Arguments
| Name | Description |
|---|---|
criteria - AuditEventSearchCriteriaInput
|
The search criteria |
Example
Query
query getPurposeUpsertedAuditEvents($criteria: AuditEventSearchCriteriaInput) {
getPurposeUpsertedAuditEvents(criteria: $criteria) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...PurposeFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...PurposeAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"criteria": AuditEventSearchCriteriaInput}
Response
{
"data": {
"getPurposeUpsertedAuditEvents": [
{
"id": 4,
"sessionId": "xyz789",
"userAgent": "abc123",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actor": UserActor,
"actorIp": "xyz789",
"tenantId": "xyz789",
"targetType": "ATTRIBUTE",
"targets": [Purpose],
"relatedResources": [Resource],
"auditPayload": PurposeAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
getSnowflakeQueryAuditEvents
Response
Returns [QueryAuditEvent!]!
Arguments
| Name | Description |
|---|---|
criteria - AuditEventSearchCriteriaInput
|
The search criteria |
Example
Query
query getSnowflakeQueryAuditEvents($criteria: AuditEventSearchCriteriaInput) {
getSnowflakeQueryAuditEvents(criteria: $criteria) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...DatasourceFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...QueryAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"criteria": AuditEventSearchCriteriaInput}
Response
{
"data": {
"getSnowflakeQueryAuditEvents": [
{
"id": 4,
"sessionId": "abc123",
"userAgent": "abc123",
"requestId": "xyz789",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "xyz789",
"tenantId": "abc123",
"targetType": "ATTRIBUTE",
"targets": [Datasource],
"relatedResources": [Resource],
"auditPayload": QueryAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
getTagAppliedAuditEvents
Response
Returns [TagAppliedAuditEvent!]!
Arguments
| Name | Description |
|---|---|
criteria - AuditEventSearchCriteriaInput
|
The search criteria |
Example
Query
query getTagAppliedAuditEvents($criteria: AuditEventSearchCriteriaInput) {
getTagAppliedAuditEvents(criteria: $criteria) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...ResourceFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...TagAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"criteria": AuditEventSearchCriteriaInput}
Response
{
"data": {
"getTagAppliedAuditEvents": [
{
"id": "4",
"sessionId": "xyz789",
"userAgent": "abc123",
"requestId": "xyz789",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "abc123",
"targetType": "ATTRIBUTE",
"targets": [Resource],
"relatedResources": [Resource],
"auditPayload": TagAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
getTagCreatedAuditEvents
Response
Returns [TagCreatedAuditEvent!]!
Arguments
| Name | Description |
|---|---|
criteria - AuditEventSearchCriteriaInput
|
The search criteria |
Example
Query
query getTagCreatedAuditEvents($criteria: AuditEventSearchCriteriaInput) {
getTagCreatedAuditEvents(criteria: $criteria) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...ResourceFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...TagAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"criteria": AuditEventSearchCriteriaInput}
Response
{
"data": {
"getTagCreatedAuditEvents": [
{
"id": "4",
"sessionId": "xyz789",
"userAgent": "abc123",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "xyz789",
"targetType": "ATTRIBUTE",
"targets": [Resource],
"relatedResources": [Resource],
"auditPayload": TagAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
getTagDeletedAuditEvents
Response
Returns [TagDeletedAuditEvent!]!
Arguments
| Name | Description |
|---|---|
criteria - AuditEventSearchCriteriaInput
|
The search criteria |
Example
Query
query getTagDeletedAuditEvents($criteria: AuditEventSearchCriteriaInput) {
getTagDeletedAuditEvents(criteria: $criteria) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...ResourceFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...TagAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"criteria": AuditEventSearchCriteriaInput}
Response
{
"data": {
"getTagDeletedAuditEvents": [
{
"id": 4,
"sessionId": "xyz789",
"userAgent": "abc123",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "xyz789",
"targetType": "ATTRIBUTE",
"targets": [Resource],
"relatedResources": [Resource],
"auditPayload": TagAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
getTagRemovedAuditEvents
Response
Returns [TagRemovedAuditEvent!]!
Arguments
| Name | Description |
|---|---|
criteria - AuditEventSearchCriteriaInput
|
The search criteria |
Example
Query
query getTagRemovedAuditEvents($criteria: AuditEventSearchCriteriaInput) {
getTagRemovedAuditEvents(criteria: $criteria) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...ResourceFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...TagAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"criteria": AuditEventSearchCriteriaInput}
Response
{
"data": {
"getTagRemovedAuditEvents": [
{
"id": "4",
"sessionId": "abc123",
"userAgent": "xyz789",
"requestId": "xyz789",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "xyz789",
"targetType": "ATTRIBUTE",
"targets": [Resource],
"relatedResources": [Resource],
"auditPayload": TagAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
getTagUpdatedAuditEvents
Response
Returns [TagUpdatedAuditEvent!]!
Arguments
| Name | Description |
|---|---|
criteria - AuditEventSearchCriteriaInput
|
The search criteria |
Example
Query
query getTagUpdatedAuditEvents($criteria: AuditEventSearchCriteriaInput) {
getTagUpdatedAuditEvents(criteria: $criteria) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...ResourceFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...TagAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"criteria": AuditEventSearchCriteriaInput}
Response
{
"data": {
"getTagUpdatedAuditEvents": [
{
"id": "4",
"sessionId": "xyz789",
"userAgent": "xyz789",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "xyz789",
"targetType": "ATTRIBUTE",
"targets": [Resource],
"relatedResources": [Resource],
"auditPayload": TagAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
getUserAuthenticatedAuditEvents
Response
Returns [UserAuthenticatedAuditEvent!]!
Arguments
| Name | Description |
|---|---|
criteria - AuditEventSearchCriteriaInput
|
The search criteria |
Example
Query
query getUserAuthenticatedAuditEvents($criteria: AuditEventSearchCriteriaInput) {
getUserAuthenticatedAuditEvents(criteria: $criteria) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...UserFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...UserAuthenticatedAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"criteria": AuditEventSearchCriteriaInput}
Response
{
"data": {
"getUserAuthenticatedAuditEvents": [
{
"id": 4,
"sessionId": "xyz789",
"userAgent": "xyz789",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "abc123",
"targetType": "ATTRIBUTE",
"targets": [User],
"relatedResources": [Resource],
"auditPayload": UserAuthenticatedAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
getUserUpdatedAuditEvents
Response
Returns [UserUpdatedAuditEvent!]!
Arguments
| Name | Description |
|---|---|
criteria - AuditEventSearchCriteriaInput
|
The search criteria |
Example
Query
query getUserUpdatedAuditEvents($criteria: AuditEventSearchCriteriaInput) {
getUserUpdatedAuditEvents(criteria: $criteria) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...UserFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...UserAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"criteria": AuditEventSearchCriteriaInput}
Response
{
"data": {
"getUserUpdatedAuditEvents": [
{
"id": "4",
"sessionId": "abc123",
"userAgent": "xyz789",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "xyz789",
"targetType": "ATTRIBUTE",
"targets": [User],
"relatedResources": [Resource],
"auditPayload": UserAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
getWebhookCreatedAuditEvents
Response
Returns [WebhookCreatedAuditEvent!]!
Arguments
| Name | Description |
|---|---|
criteria - AuditEventSearchCriteriaInput
|
The search criteria |
Example
Query
query getWebhookCreatedAuditEvents($criteria: AuditEventSearchCriteriaInput) {
getWebhookCreatedAuditEvents(criteria: $criteria) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...WebhookFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...WebhookAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"criteria": AuditEventSearchCriteriaInput}
Response
{
"data": {
"getWebhookCreatedAuditEvents": [
{
"id": "4",
"sessionId": "xyz789",
"userAgent": "xyz789",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actor": UserActor,
"actorIp": "xyz789",
"tenantId": "abc123",
"targetType": "ATTRIBUTE",
"targets": [Webhook],
"relatedResources": [Resource],
"auditPayload": WebhookAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
getWebhookDeletedAuditEvents
Response
Returns [WebhookDeletedAuditEvent!]!
Arguments
| Name | Description |
|---|---|
criteria - AuditEventSearchCriteriaInput
|
The search criteria |
Example
Query
query getWebhookDeletedAuditEvents($criteria: AuditEventSearchCriteriaInput) {
getWebhookDeletedAuditEvents(criteria: $criteria) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...WebhookFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...WebhookAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"criteria": AuditEventSearchCriteriaInput}
Response
{
"data": {
"getWebhookDeletedAuditEvents": [
{
"id": "4",
"sessionId": "abc123",
"userAgent": "abc123",
"requestId": "xyz789",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "abc123",
"targetType": "ATTRIBUTE",
"targets": [Webhook],
"relatedResources": [Resource],
"auditPayload": WebhookAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
Mutations
addAttributeAppliedAuditEvents
Description
Handles storing attribute applied audit events.
Response
Returns [AttributeAppliedAuditEvent!]!
Arguments
| Name | Description |
|---|---|
data - [AttributeAppliedAuditEventInput!]!
|
Example
Query
mutation addAttributeAppliedAuditEvents($data: [AttributeAppliedAuditEventInput!]!) {
addAttributeAppliedAuditEvents(data: $data) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...ResourceFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...AttributeAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"data": [AttributeAppliedAuditEventInput]}
Response
{
"data": {
"addAttributeAppliedAuditEvents": [
{
"id": "4",
"sessionId": "abc123",
"userAgent": "abc123",
"requestId": "xyz789",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "xyz789",
"tenantId": "abc123",
"targetType": "ATTRIBUTE",
"targets": [Resource],
"relatedResources": [Resource],
"auditPayload": AttributeAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
addAttributeRemovedAuditEvents
Description
Handles storing attribute removed audit events.
Response
Returns [AttributeRemovedAuditEvent!]!
Arguments
| Name | Description |
|---|---|
data - [AttributeRemovedAuditEventInput!]!
|
Example
Query
mutation addAttributeRemovedAuditEvents($data: [AttributeRemovedAuditEventInput!]!) {
addAttributeRemovedAuditEvents(data: $data) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...ResourceFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...AttributeAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"data": [AttributeRemovedAuditEventInput]}
Response
{
"data": {
"addAttributeRemovedAuditEvents": [
{
"id": "4",
"sessionId": "xyz789",
"userAgent": "xyz789",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "xyz789",
"tenantId": "abc123",
"targetType": "ATTRIBUTE",
"targets": [Resource],
"relatedResources": [Resource],
"auditPayload": AttributeAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
addDatabricksQueryAuditEvents
Description
Handles storing query audit events originating from Databricks.
Response
Returns [QueryAuditEvent!]!
Arguments
| Name | Description |
|---|---|
data - [DatabricksQueryAuditEventInput!]!
|
Example
Query
mutation addDatabricksQueryAuditEvents($data: [DatabricksQueryAuditEventInput!]!) {
addDatabricksQueryAuditEvents(data: $data) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...DatasourceFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...QueryAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"data": [DatabricksQueryAuditEventInput]}
Response
{
"data": {
"addDatabricksQueryAuditEvents": [
{
"id": "4",
"sessionId": "xyz789",
"userAgent": "xyz789",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "abc123",
"targetType": "ATTRIBUTE",
"targets": [Datasource],
"relatedResources": [Resource],
"auditPayload": QueryAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
addDatasourceCatalogSyncedAuditEvents
Description
Handles storing data source deleted audit events.
Response
Arguments
| Name | Description |
|---|---|
data - [DatasourceCatalogSyncedAuditEventInput!]!
|
Example
Query
mutation addDatasourceCatalogSyncedAuditEvents($data: [DatasourceCatalogSyncedAuditEventInput!]!) {
addDatasourceCatalogSyncedAuditEvents(data: $data) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...DatasourceFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...DatasourceAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"data": [DatasourceCatalogSyncedAuditEventInput]}
Response
{
"data": {
"addDatasourceCatalogSyncedAuditEvents": [
{
"id": "4",
"sessionId": "abc123",
"userAgent": "abc123",
"requestId": "xyz789",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "xyz789",
"tenantId": "xyz789",
"targetType": "ATTRIBUTE",
"targets": [Datasource],
"relatedResources": [Resource],
"auditPayload": DatasourceAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
addDatasourceCreatedAuditEvents
Description
Handles storing data source created audit events.
Response
Returns [DatasourceCreatedAuditEvent!]!
Arguments
| Name | Description |
|---|---|
data - [DatasourceCreatedAuditEventInput!]!
|
Example
Query
mutation addDatasourceCreatedAuditEvents($data: [DatasourceCreatedAuditEventInput!]!) {
addDatasourceCreatedAuditEvents(data: $data) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...DatasourceFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...DatasourceAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"data": [DatasourceCreatedAuditEventInput]}
Response
{
"data": {
"addDatasourceCreatedAuditEvents": [
{
"id": "4",
"sessionId": "abc123",
"userAgent": "abc123",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "abc123",
"targetType": "ATTRIBUTE",
"targets": [Datasource],
"relatedResources": [Resource],
"auditPayload": DatasourceAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
addDatasourceDeletedAuditEvents
Description
Handles storing data source deleted audit events.
Response
Returns [DatasourceDeletedAuditEvent!]!
Arguments
| Name | Description |
|---|---|
data - [DatasourceDeletedAuditEventInput!]!
|
Example
Query
mutation addDatasourceDeletedAuditEvents($data: [DatasourceDeletedAuditEventInput!]!) {
addDatasourceDeletedAuditEvents(data: $data) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...DatasourceFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...DatasourceAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"data": [DatasourceDeletedAuditEventInput]}
Response
{
"data": {
"addDatasourceDeletedAuditEvents": [
{
"id": 4,
"sessionId": "xyz789",
"userAgent": "abc123",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "abc123",
"targetType": "ATTRIBUTE",
"targets": [Datasource],
"relatedResources": [Resource],
"auditPayload": DatasourceAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
addDatasourceDisabledAuditEvents
Description
Handles storing data source disabled audit events.
Response
Returns [DatasourceDisabledAuditEvent!]!
Arguments
| Name | Description |
|---|---|
data - [DatasourceDisabledAuditEventInput!]!
|
Example
Query
mutation addDatasourceDisabledAuditEvents($data: [DatasourceDisabledAuditEventInput!]!) {
addDatasourceDisabledAuditEvents(data: $data) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...DatasourceFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...DatasourceAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"data": [DatasourceDisabledAuditEventInput]}
Response
{
"data": {
"addDatasourceDisabledAuditEvents": [
{
"id": 4,
"sessionId": "xyz789",
"userAgent": "xyz789",
"requestId": "xyz789",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "xyz789",
"targetType": "ATTRIBUTE",
"targets": [Datasource],
"relatedResources": [Resource],
"auditPayload": DatasourceAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
addDatasourceUpdatedAuditEvents
Description
Handles storing data source updated audit events.
Response
Returns [DatasourceUpdatedAuditEvent!]!
Arguments
| Name | Description |
|---|---|
data - [DatasourceUpdatedAuditEventInput!]!
|
Example
Query
mutation addDatasourceUpdatedAuditEvents($data: [DatasourceUpdatedAuditEventInput!]!) {
addDatasourceUpdatedAuditEvents(data: $data) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...DatasourceFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...DatasourceAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"data": [DatasourceUpdatedAuditEventInput]}
Response
{
"data": {
"addDatasourceUpdatedAuditEvents": [
{
"id": "4",
"sessionId": "xyz789",
"userAgent": "abc123",
"requestId": "xyz789",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "xyz789",
"tenantId": "xyz789",
"targetType": "ATTRIBUTE",
"targets": [Datasource],
"relatedResources": [Resource],
"auditPayload": DatasourceAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
addLicenseCreatedAuditEvents
Description
Handles storing license created audit events.
Response
Returns [LicenseCreatedAuditEvent!]!
Arguments
| Name | Description |
|---|---|
data - [LicenseCreatedAuditEventInput!]!
|
Example
Query
mutation addLicenseCreatedAuditEvents($data: [LicenseCreatedAuditEventInput!]!) {
addLicenseCreatedAuditEvents(data: $data) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...LicenseFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...LicenseAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"data": [LicenseCreatedAuditEventInput]}
Response
{
"data": {
"addLicenseCreatedAuditEvents": [
{
"id": 4,
"sessionId": "xyz789",
"userAgent": "xyz789",
"requestId": "xyz789",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "abc123",
"targetType": "ATTRIBUTE",
"targets": [License],
"relatedResources": [Resource],
"auditPayload": LicenseAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
addLicenseDeletedAuditEvents
Description
Handles storing license deleted audit events.
Response
Returns [LicenseDeletedAuditEvent!]!
Arguments
| Name | Description |
|---|---|
data - [LicenseDeletedAuditEventInput!]!
|
Example
Query
mutation addLicenseDeletedAuditEvents($data: [LicenseDeletedAuditEventInput!]!) {
addLicenseDeletedAuditEvents(data: $data) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...LicenseFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...LicenseAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"data": [LicenseDeletedAuditEventInput]}
Response
{
"data": {
"addLicenseDeletedAuditEvents": [
{
"id": "4",
"sessionId": "abc123",
"userAgent": "xyz789",
"requestId": "xyz789",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "xyz789",
"tenantId": "xyz789",
"targetType": "ATTRIBUTE",
"targets": [License],
"relatedResources": [Resource],
"auditPayload": LicenseAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
addPurposeDeletedAuditEvents
Description
Handles storing purpose deleted audit events.
Response
Returns [PurposeDeletedAuditEvent!]!
Arguments
| Name | Description |
|---|---|
data - [PurposeDeletedAuditEventInput!]!
|
Example
Query
mutation addPurposeDeletedAuditEvents($data: [PurposeDeletedAuditEventInput!]!) {
addPurposeDeletedAuditEvents(data: $data) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...PurposeFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...PurposeAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"data": [PurposeDeletedAuditEventInput]}
Response
{
"data": {
"addPurposeDeletedAuditEvents": [
{
"id": 4,
"sessionId": "xyz789",
"userAgent": "xyz789",
"requestId": "xyz789",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "abc123",
"targetType": "ATTRIBUTE",
"targets": [Purpose],
"relatedResources": [Resource],
"auditPayload": PurposeAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
addPurposeUpdatedAuditEvents
Description
Handles storing purpose updated audit events.
Response
Returns [PurposeUpdatedAuditEvent!]!
Arguments
| Name | Description |
|---|---|
data - [PurposeUpdatedAuditEventInput!]!
|
Example
Query
mutation addPurposeUpdatedAuditEvents($data: [PurposeUpdatedAuditEventInput!]!) {
addPurposeUpdatedAuditEvents(data: $data) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...PurposeFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...PurposeAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"data": [PurposeUpdatedAuditEventInput]}
Response
{
"data": {
"addPurposeUpdatedAuditEvents": [
{
"id": 4,
"sessionId": "abc123",
"userAgent": "abc123",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "xyz789",
"targetType": "ATTRIBUTE",
"targets": [Purpose],
"relatedResources": [Resource],
"auditPayload": PurposeAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
addPurposeUpsertedAuditEvents
Description
Handles storing purpose upserted audit events.
Response
Returns [PurposeUpsertedAuditEvent!]!
Arguments
| Name | Description |
|---|---|
data - [PurposeUpsertedAuditEventInput!]!
|
Example
Query
mutation addPurposeUpsertedAuditEvents($data: [PurposeUpsertedAuditEventInput!]!) {
addPurposeUpsertedAuditEvents(data: $data) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...PurposeFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...PurposeAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"data": [PurposeUpsertedAuditEventInput]}
Response
{
"data": {
"addPurposeUpsertedAuditEvents": [
{
"id": 4,
"sessionId": "abc123",
"userAgent": "abc123",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actor": UserActor,
"actorIp": "xyz789",
"tenantId": "xyz789",
"targetType": "ATTRIBUTE",
"targets": [Purpose],
"relatedResources": [Resource],
"auditPayload": PurposeAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
addSnowflakeQueryAuditEvents
Description
Handles storing query audit events originating from Snowflake.
Response
Returns [QueryAuditEvent!]!
Arguments
| Name | Description |
|---|---|
data - [SnowflakeQueryAuditEventInput!]!
|
Example
Query
mutation addSnowflakeQueryAuditEvents($data: [SnowflakeQueryAuditEventInput!]!) {
addSnowflakeQueryAuditEvents(data: $data) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...DatasourceFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...QueryAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"data": [SnowflakeQueryAuditEventInput]}
Response
{
"data": {
"addSnowflakeQueryAuditEvents": [
{
"id": 4,
"sessionId": "abc123",
"userAgent": "abc123",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actor": UserActor,
"actorIp": "xyz789",
"tenantId": "abc123",
"targetType": "ATTRIBUTE",
"targets": [Datasource],
"relatedResources": [Resource],
"auditPayload": QueryAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
addTagAppliedAuditEvents
Description
Handles storing tag applied audit events.
Response
Returns [TagAppliedAuditEvent!]!
Arguments
| Name | Description |
|---|---|
data - [TagAppliedAuditEventInput!]!
|
Example
Query
mutation addTagAppliedAuditEvents($data: [TagAppliedAuditEventInput!]!) {
addTagAppliedAuditEvents(data: $data) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...ResourceFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...TagAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"data": [TagAppliedAuditEventInput]}
Response
{
"data": {
"addTagAppliedAuditEvents": [
{
"id": 4,
"sessionId": "abc123",
"userAgent": "abc123",
"requestId": "xyz789",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actor": UserActor,
"actorIp": "xyz789",
"tenantId": "xyz789",
"targetType": "ATTRIBUTE",
"targets": [Resource],
"relatedResources": [Resource],
"auditPayload": TagAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
addTagCreatedAuditEvents
Description
Handles storing tag created audit events.
Response
Returns [TagCreatedAuditEvent!]!
Arguments
| Name | Description |
|---|---|
data - [TagCreatedAuditEventInput!]!
|
Example
Query
mutation addTagCreatedAuditEvents($data: [TagCreatedAuditEventInput!]!) {
addTagCreatedAuditEvents(data: $data) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...ResourceFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...TagAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"data": [TagCreatedAuditEventInput]}
Response
{
"data": {
"addTagCreatedAuditEvents": [
{
"id": "4",
"sessionId": "abc123",
"userAgent": "abc123",
"requestId": "xyz789",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "abc123",
"targetType": "ATTRIBUTE",
"targets": [Resource],
"relatedResources": [Resource],
"auditPayload": TagAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
addTagDeletedAuditEvents
Description
Handles storing tag deleted audit events.
Response
Returns [TagDeletedAuditEvent!]!
Arguments
| Name | Description |
|---|---|
data - [TagDeletedAuditEventInput!]!
|
Example
Query
mutation addTagDeletedAuditEvents($data: [TagDeletedAuditEventInput!]!) {
addTagDeletedAuditEvents(data: $data) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...ResourceFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...TagAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"data": [TagDeletedAuditEventInput]}
Response
{
"data": {
"addTagDeletedAuditEvents": [
{
"id": 4,
"sessionId": "abc123",
"userAgent": "xyz789",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "xyz789",
"targetType": "ATTRIBUTE",
"targets": [Resource],
"relatedResources": [Resource],
"auditPayload": TagAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
addTagRemovedAuditEvents
Description
Handles storing tag removed audit events.
Response
Returns [TagRemovedAuditEvent!]!
Arguments
| Name | Description |
|---|---|
data - [TagRemovedAuditEventInput!]!
|
Example
Query
mutation addTagRemovedAuditEvents($data: [TagRemovedAuditEventInput!]!) {
addTagRemovedAuditEvents(data: $data) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...ResourceFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...TagAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"data": [TagRemovedAuditEventInput]}
Response
{
"data": {
"addTagRemovedAuditEvents": [
{
"id": "4",
"sessionId": "abc123",
"userAgent": "xyz789",
"requestId": "xyz789",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "xyz789",
"tenantId": "xyz789",
"targetType": "ATTRIBUTE",
"targets": [Resource],
"relatedResources": [Resource],
"auditPayload": TagAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
addTagUpdatedAuditEvents
Description
Handles storing tag updated audit events.
Response
Returns [TagUpdatedAuditEvent!]!
Arguments
| Name | Description |
|---|---|
data - [TagUpdatedAuditEventInput!]!
|
Example
Query
mutation addTagUpdatedAuditEvents($data: [TagUpdatedAuditEventInput!]!) {
addTagUpdatedAuditEvents(data: $data) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...ResourceFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...TagAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"data": [TagUpdatedAuditEventInput]}
Response
{
"data": {
"addTagUpdatedAuditEvents": [
{
"id": 4,
"sessionId": "xyz789",
"userAgent": "abc123",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "xyz789",
"targetType": "ATTRIBUTE",
"targets": [Resource],
"relatedResources": [Resource],
"auditPayload": TagAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
addUserAuthenticatedAuditEvents
Description
Handles storing user authenticated audit events.
Response
Returns [UserAuthenticatedAuditEvent!]!
Arguments
| Name | Description |
|---|---|
data - [UserAuthenticatedAuditEventInput!]!
|
Example
Query
mutation addUserAuthenticatedAuditEvents($data: [UserAuthenticatedAuditEventInput!]!) {
addUserAuthenticatedAuditEvents(data: $data) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...UserFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...UserAuthenticatedAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"data": [UserAuthenticatedAuditEventInput]}
Response
{
"data": {
"addUserAuthenticatedAuditEvents": [
{
"id": 4,
"sessionId": "abc123",
"userAgent": "xyz789",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actor": UserActor,
"actorIp": "xyz789",
"tenantId": "xyz789",
"targetType": "ATTRIBUTE",
"targets": [User],
"relatedResources": [Resource],
"auditPayload": UserAuthenticatedAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
addUserUpdatedAuditEvents
Description
Handles storing user updated audit events.
Response
Returns [UserUpdatedAuditEvent!]!
Arguments
| Name | Description |
|---|---|
data - [UserUpdatedAuditEventInput!]!
|
Example
Query
mutation addUserUpdatedAuditEvents($data: [UserUpdatedAuditEventInput!]!) {
addUserUpdatedAuditEvents(data: $data) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...UserFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...UserAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"data": [UserUpdatedAuditEventInput]}
Response
{
"data": {
"addUserUpdatedAuditEvents": [
{
"id": 4,
"sessionId": "xyz789",
"userAgent": "xyz789",
"requestId": "xyz789",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "xyz789",
"tenantId": "xyz789",
"targetType": "ATTRIBUTE",
"targets": [User],
"relatedResources": [Resource],
"auditPayload": UserAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
addWebhookCreatedAuditEvents
Description
Handles storing webhook created audit events.
Response
Returns [WebhookCreatedAuditEvent!]!
Arguments
| Name | Description |
|---|---|
data - [WebhookCreatedAuditEventInput!]!
|
Example
Query
mutation addWebhookCreatedAuditEvents($data: [WebhookCreatedAuditEventInput!]!) {
addWebhookCreatedAuditEvents(data: $data) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...WebhookFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...WebhookAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"data": [WebhookCreatedAuditEventInput]}
Response
{
"data": {
"addWebhookCreatedAuditEvents": [
{
"id": "4",
"sessionId": "xyz789",
"userAgent": "xyz789",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "xyz789",
"tenantId": "xyz789",
"targetType": "ATTRIBUTE",
"targets": [Webhook],
"relatedResources": [Resource],
"auditPayload": WebhookAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
addWebhookDeletedAuditEvents
Description
Handles storing webhook deleted audit events.
Response
Returns [WebhookDeletedAuditEvent!]!
Arguments
| Name | Description |
|---|---|
data - [WebhookDeletedAuditEventInput!]!
|
Example
Query
mutation addWebhookDeletedAuditEvents($data: [WebhookDeletedAuditEventInput!]!) {
addWebhookDeletedAuditEvents(data: $data) {
id
sessionId
userAgent
requestId
action
actionStatus
actionStatusReason
actor {
... on UserActor {
...UserActorFragment
}
... on SystemAccount {
...SystemAccountFragment
}
... on UnknownUser {
...UnknownUserFragment
}
}
actorIp
tenantId
targetType
targets {
...WebhookFragment
}
relatedResources {
...ResourceFragment
}
auditPayload {
...WebhookAuditPayloadFragment
}
eventTimestamp
receivedTimestamp
}
}
Variables
{"data": [WebhookDeletedAuditEventInput]}
Response
{
"data": {
"addWebhookDeletedAuditEvents": [
{
"id": "4",
"sessionId": "xyz789",
"userAgent": "xyz789",
"requestId": "xyz789",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "xyz789",
"targetType": "ATTRIBUTE",
"targets": [Webhook],
"relatedResources": [Resource],
"auditPayload": WebhookAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
]
}
}
createExportJob
Description
Creates an export job.
Response
Returns an ExportJob!
Arguments
| Name | Description |
|---|---|
exportConfigurationId - String!
|
The export configuration for this job. |
Example
Query
mutation createExportJob($exportConfigurationId: String!) {
createExportJob(exportConfigurationId: $exportConfigurationId) {
id
exportConfiguration {
...ExportConfigurationFragment
}
startTimestamp
endTimestamp
status
tasks {
...ExportJobTaskFragment
}
windowStart
windowEnd
failureReason
}
}
Variables
{"exportConfigurationId": "abc123"}
Response
{
"data": {
"createExportJob": {
"id": 4,
"exportConfiguration": ExportConfiguration,
"startTimestamp": "2007-12-03T10:15:30Z",
"endTimestamp": "2007-12-03T10:15:30Z",
"status": "RUNNING",
"tasks": [ExportJobTask],
"windowStart": "2007-12-03T10:15:30Z",
"windowEnd": "2007-12-03T10:15:30Z",
"failureReason": "xyz789"
}
}
}
createExportJobTask
Description
Creates an export job task.
Response
Returns an ExportJobTask!
Arguments
| Name | Description |
|---|---|
data - CreateExportJobTaskInput!
|
The export job task |
Example
Query
mutation createExportJobTask($data: CreateExportJobTaskInput!) {
createExportJobTask(data: $data) {
id
startTimestamp
endTimestamp
attempts
offset
limit
status
failureReason
}
}
Variables
{"data": CreateExportJobTaskInput}
Response
{
"data": {
"createExportJobTask": {
"id": 4,
"startTimestamp": "2007-12-03T10:15:30Z",
"endTimestamp": "2007-12-03T10:15:30Z",
"attempts": 987.65,
"offset": 987,
"limit": 987,
"status": "RUNNING",
"failureReason": "abc123"
}
}
}
createS3ExportConfiguration
Description
Creates an S3 export configuration.
Response
Returns an ExportConfiguration!
Arguments
| Name | Description |
|---|---|
data - CreateS3ExportConfigurationInput!
|
The S3 export configuration. |
Example
Query
mutation createS3ExportConfiguration($data: CreateS3ExportConfigurationInput!) {
createS3ExportConfiguration(data: $data) {
id
interval
enabled
endpointConfiguration {
... on S3EndpointConfiguration {
...S3EndpointConfigurationFragment
}
}
createdBy {
...UserFragment
}
createdAt
updatedBy {
...UserFragment
}
updatedAt
}
}
Variables
{"data": CreateS3ExportConfigurationInput}
Response
{
"data": {
"createS3ExportConfiguration": {
"id": "4",
"interval": "EVERY_2_HOURS",
"enabled": true,
"endpointConfiguration": S3EndpointConfiguration,
"createdBy": User,
"createdAt": "2007-12-03T10:15:30Z",
"updatedBy": User,
"updatedAt": "2007-12-03T10:15:30Z"
}
}
}
deleteExportConfiguration
Description
Deletes an export configuration.
Response
Returns an ExportConfiguration!
Arguments
| Name | Description |
|---|---|
id - String!
|
The ID of the export configuration. |
Example
Query
mutation deleteExportConfiguration($id: String!) {
deleteExportConfiguration(id: $id) {
id
interval
enabled
endpointConfiguration {
... on S3EndpointConfiguration {
...S3EndpointConfigurationFragment
}
}
createdBy {
...UserFragment
}
createdAt
updatedBy {
...UserFragment
}
updatedAt
}
}
Variables
{"id": "xyz789"}
Response
{
"data": {
"deleteExportConfiguration": {
"id": "4",
"interval": "EVERY_2_HOURS",
"enabled": false,
"endpointConfiguration": S3EndpointConfiguration,
"createdBy": User,
"createdAt": "2007-12-03T10:15:30Z",
"updatedBy": User,
"updatedAt": "2007-12-03T10:15:30Z"
}
}
}
disableExportConfiguration
Description
Disable an export configuration. Returns the configuration that was disabled.
Response
Returns an ExportConfiguration!
Arguments
| Name | Description |
|---|---|
id - String!
|
The ID of the export configuration. |
Example
Query
mutation disableExportConfiguration($id: String!) {
disableExportConfiguration(id: $id) {
id
interval
enabled
endpointConfiguration {
... on S3EndpointConfiguration {
...S3EndpointConfigurationFragment
}
}
createdBy {
...UserFragment
}
createdAt
updatedBy {
...UserFragment
}
updatedAt
}
}
Variables
{"id": "abc123"}
Response
{
"data": {
"disableExportConfiguration": {
"id": 4,
"interval": "EVERY_2_HOURS",
"enabled": false,
"endpointConfiguration": S3EndpointConfiguration,
"createdBy": User,
"createdAt": "2007-12-03T10:15:30Z",
"updatedBy": User,
"updatedAt": "2007-12-03T10:15:30Z"
}
}
}
enableExportConfiguration
Description
Enable an export configuration. Returns the configuration that was enabled.
Response
Returns an ExportConfiguration!
Arguments
| Name | Description |
|---|---|
id - String!
|
The ID of the export configuration. |
Example
Query
mutation enableExportConfiguration($id: String!) {
enableExportConfiguration(id: $id) {
id
interval
enabled
endpointConfiguration {
... on S3EndpointConfiguration {
...S3EndpointConfigurationFragment
}
}
createdBy {
...UserFragment
}
createdAt
updatedBy {
...UserFragment
}
updatedAt
}
}
Variables
{"id": "abc123"}
Response
{
"data": {
"enableExportConfiguration": {
"id": 4,
"interval": "EVERY_2_HOURS",
"enabled": false,
"endpointConfiguration": S3EndpointConfiguration,
"createdBy": User,
"createdAt": "2007-12-03T10:15:30Z",
"updatedBy": User,
"updatedAt": "2007-12-03T10:15:30Z"
}
}
}
updateExportJob
Description
Updates an export job.
Response
Returns an ExportJob!
Arguments
| Name | Description |
|---|---|
data - UpdateExportJobInput!
|
The export job |
Example
Query
mutation updateExportJob($data: UpdateExportJobInput!) {
updateExportJob(data: $data) {
id
exportConfiguration {
...ExportConfigurationFragment
}
startTimestamp
endTimestamp
status
tasks {
...ExportJobTaskFragment
}
windowStart
windowEnd
failureReason
}
}
Variables
{"data": UpdateExportJobInput}
Response
{
"data": {
"updateExportJob": {
"id": "4",
"exportConfiguration": ExportConfiguration,
"startTimestamp": "2007-12-03T10:15:30Z",
"endTimestamp": "2007-12-03T10:15:30Z",
"status": "RUNNING",
"tasks": [ExportJobTask],
"windowStart": "2007-12-03T10:15:30Z",
"windowEnd": "2007-12-03T10:15:30Z",
"failureReason": "xyz789"
}
}
}
updateExportJobTask
Description
Updates an export job task.
Response
Returns an ExportJobTask!
Arguments
| Name | Description |
|---|---|
data - UpdateExportJobTaskInput!
|
The export job task |
Example
Query
mutation updateExportJobTask($data: UpdateExportJobTaskInput!) {
updateExportJobTask(data: $data) {
id
startTimestamp
endTimestamp
attempts
offset
limit
status
failureReason
}
}
Variables
{"data": UpdateExportJobTaskInput}
Response
{
"data": {
"updateExportJobTask": {
"id": "4",
"startTimestamp": "2007-12-03T10:15:30Z",
"endTimestamp": "2007-12-03T10:15:30Z",
"attempts": 123.45,
"offset": 987,
"limit": 123,
"status": "RUNNING",
"failureReason": "abc123"
}
}
}
updateS3ExportConfiguration
Description
Updates an S3 export configuration.
Response
Returns an ExportConfiguration!
Arguments
| Name | Description |
|---|---|
data - UpdateS3ExportConfigurationInput!
|
The S3 export configuration. |
Example
Query
mutation updateS3ExportConfiguration($data: UpdateS3ExportConfigurationInput!) {
updateS3ExportConfiguration(data: $data) {
id
interval
enabled
endpointConfiguration {
... on S3EndpointConfiguration {
...S3EndpointConfigurationFragment
}
}
createdBy {
...UserFragment
}
createdAt
updatedBy {
...UserFragment
}
updatedAt
}
}
Variables
{"data": UpdateS3ExportConfigurationInput}
Response
{
"data": {
"updateS3ExportConfiguration": {
"id": 4,
"interval": "EVERY_2_HOURS",
"enabled": false,
"endpointConfiguration": S3EndpointConfiguration,
"createdBy": User,
"createdAt": "2007-12-03T10:15:30Z",
"updatedBy": User,
"updatedAt": "2007-12-03T10:15:30Z"
}
}
}
Subscriptions
id
Description
The ID of the subscription record.
Response
Returns an ID!
Example
Query
subscription id {
id
}
Response
{"data": {"id": 4}}
model
Description
The model to which this subscription grants access.
Response
Returns a SubscriptionModel!
Example
Query
subscription model {
model {
... on Datasource {
...DatasourceFragment
}
... on Project {
...ProjectFragment
}
}
}
Response
{"data": {"model": Datasource}}
name
Description
The name of the subscription (same as ID).
Response
Returns a String!
Example
Query
subscription name {
name
}
Response
{"data": {"name": "abc123"}}
subscriber
Description
The subscriber for which this subscription grants access.
Response
Returns a Subscriber!
Example
Query
subscription subscriber {
subscriber {
... on User {
...UserFragment
}
... on Group {
...GroupFragment
}
}
}
Response
{"data": {"subscriber": User}}
type
Description
The type of the resource - SUBSCRIPTION.
Response
Returns a ResourceType!
Example
Query
subscription type {
type
}
Response
{"data": {"type": "ATTRIBUTE"}}
Types
AbstractDatabricksContext
Description
Databricks context for query audit payloads.
Fields
| Field Name | Description |
|---|---|
type - String!
|
The technology context type: DatabricksContext. |
clusterId - String
|
Databricks cluster ID. |
clusterName - String
|
Databricks cluster name. |
workspaceId - String
|
Databricks workspace ID. |
queryLanguage - String
|
Language used within Databricks notebook cell or JDBC query. |
service - DatabricksService
|
The Databricks service utilized for the query. |
Example
{
"type": "xyz789",
"clusterId": "abc123",
"clusterName": "xyz789",
"workspaceId": "abc123",
"queryLanguage": "abc123",
"service": "CLUSTER"
}
AccessControls
Description
Represents the access controls enforced when a user queries a data source.
Fields
| Field Name | Description |
|---|---|
policySet - [Policy!]
|
The policies applied during this query, if applicable. |
entitlements - Entitlements
|
The user entitlements applied during this query, if applicable. |
Example
{
"policySet": [Policy],
"entitlements": Entitlements
}
Account
Description
An Immuta account type.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the account. |
name - String!
|
The name of the account. |
type - ResourceType!
|
The type of the account. |
Possible Types
| Account Types |
|---|
Example
{
"id": 4,
"name": "xyz789",
"type": "ATTRIBUTE"
}
ActionStatus
Description
An enumeration of event statuses within the Immuta platform.
Values
| Enum Value | Description |
|---|---|
|
|
The event captured by the audit was successful (e.g., the data source was created successfully). |
|
|
The event captured by the audit failed (e.g., the data source had errors being created). |
|
|
The event captured by the audit was unauthorized (e.g., the user was unauthorized to query the data source). |
Example
"SUCCESS"
Actor
Description
A union type representing an account performing an action.
Types
| Union Types |
|---|
Example
UserActor
AdvancedPolicy
Description
An advanced DSL policy.
Fields
| Field Name | Description |
|---|---|
type - PolicyType!
|
If the policy is a data or subscription policy. |
rationale - String
|
The description of the policy. |
subscriptionPolicyType - SubscriptionPolicyType!
|
Denotes the subscription policy type. |
advanced - String!
|
The policy DSL. |
Possible Types
| AdvancedPolicy Types |
|---|
Example
{
"type": "SUBSCRIPTION",
"rationale": "xyz789",
"subscriptionPolicyType": "MANUAL",
"advanced": "abc123"
}
AdvancedPolicyApplied
Description
An advanced DSL policy.
Fields
| Field Name | Description |
|---|---|
type - PolicyType!
|
If the policy is a data or subscription policy. |
rationale - String
|
The description of the policy. |
global - Boolean!
|
|
policyKey - String
|
A key/name to uniquely identify this policy. |
name - String
|
The name of the policy |
id - String
|
The id of the policy |
subscriptionPolicyType - SubscriptionPolicyType!
|
Denotes the subscription policy type. |
mergedPolicies - [SubscriptionPolicyApplied!]
|
The Subscription policies that were merged together to create this policy. |
ruleAppliedForUser - Boolean!
|
If this policy matched for the user running the query. |
advanced - String!
|
The policy DSL. |
Example
{
"type": "SUBSCRIPTION",
"rationale": "xyz789",
"global": false,
"policyKey": "abc123",
"name": "xyz789",
"id": "xyz789",
"subscriptionPolicyType": "MANUAL",
"mergedPolicies": [SubscriptionPolicyApplied],
"ruleAppliedForUser": true,
"advanced": "xyz789"
}
AdvancedPolicyGlobal
Description
An advanced DSL policy.
Fields
| Field Name | Description |
|---|---|
type - PolicyType!
|
If the policy is a data or subscription policy. |
rationale - String
|
The description of the policy. |
subscriptionPolicyType - SubscriptionPolicyType!
|
Denotes the subscription policy type. |
advanced - String!
|
The policy DSL. |
Example
{
"type": "SUBSCRIPTION",
"rationale": "abc123",
"subscriptionPolicyType": "MANUAL",
"advanced": "abc123"
}
AppliedPolicy
Description
The policy type when applied to a Datasource/Project.
Fields
| Field Name | Description |
|---|---|
type - PolicyType!
|
If the policy is a data or subscription policy. |
rationale - String
|
The description of the policy. |
global - Boolean!
|
|
policyKey - String
|
A key/name to uniquely identify this policy. |
name - String
|
The name of the policy. |
id - String
|
The id of the policy. |
Possible Types
| AppliedPolicy Types |
|---|
Example
{
"type": "SUBSCRIPTION",
"rationale": "abc123",
"global": false,
"policyKey": "abc123",
"name": "xyz789",
"id": "xyz789"
}
Approval
Description
The requirements for approving a data source access request.
Example
{
"requiredPermission": "abc123",
"specificApproverRequired": false
}
ApprovalEntitlementsPolicy
Description
A policy that requires users to have specific entitlements and receive manual approval before accessing a data source.
Fields
| Field Name | Description |
|---|---|
type - PolicyType!
|
If the policy is a data or subscription policy. |
rationale - String
|
The description of the policy. |
subscriptionPolicyType - SubscriptionPolicyType!
|
Denotes the subscription policy type. |
approvals - [Approval!]!
|
The approval conditions. |
entitlements - SubscriptionEntitlementsConditions!
|
The entitlements required for the user to access the data source. |
Possible Types
| ApprovalEntitlementsPolicy Types |
|---|
Example
{
"type": "SUBSCRIPTION",
"rationale": "xyz789",
"subscriptionPolicyType": "MANUAL",
"approvals": [Approval],
"entitlements": SubscriptionEntitlementsConditions
}
ApprovalEntitlementsPolicyApplied
Description
A policy that requires users to have specific entitlements and receive manual approval before accessing a data source.
Fields
| Field Name | Description |
|---|---|
type - PolicyType!
|
If the policy is a data or subscription policy. |
rationale - String
|
The description of the policy. |
global - Boolean!
|
|
policyKey - String
|
A key/name to uniquely identify this policy. |
name - String
|
The name of the policy |
id - String
|
The id of the policy |
subscriptionPolicyType - SubscriptionPolicyType!
|
Denotes the subscription policy type. |
mergedPolicies - [SubscriptionPolicyApplied!]
|
The Subscription policies that were merged together to create this policy. |
ruleAppliedForUser - Boolean!
|
If this policy matched for the user running the query. |
approvals - [Approval!]!
|
The approval conditions. |
entitlements - SubscriptionEntitlementsConditions!
|
The entitlements required for the user to access the data source. |
Example
{
"type": "SUBSCRIPTION",
"rationale": "xyz789",
"global": true,
"policyKey": "abc123",
"name": "abc123",
"id": "abc123",
"subscriptionPolicyType": "MANUAL",
"mergedPolicies": [SubscriptionPolicyApplied],
"ruleAppliedForUser": true,
"approvals": [Approval],
"entitlements": SubscriptionEntitlementsConditions
}
ApprovalEntitlementsPolicyGlobal
Description
A policy that requires users to have specific entitlements and receive manual approval before accessing a data source.
Fields
| Field Name | Description |
|---|---|
type - PolicyType!
|
If the policy is a data or subscription policy. |
rationale - String
|
The description of the policy. |
subscriptionPolicyType - SubscriptionPolicyType!
|
Denotes the subscription policy type. |
approvals - [Approval!]!
|
The approval conditions. |
entitlements - SubscriptionEntitlementsConditions!
|
The entitlements required for the user to access the data source. |
Example
{
"type": "SUBSCRIPTION",
"rationale": "abc123",
"subscriptionPolicyType": "MANUAL",
"approvals": [Approval],
"entitlements": SubscriptionEntitlementsConditions
}
ApprovalPolicy
Description
An approval subscription policy.
Fields
| Field Name | Description |
|---|---|
type - PolicyType!
|
If the policy is a data or subscription policy. |
rationale - String
|
The description of the policy. |
subscriptionPolicyType - SubscriptionPolicyType!
|
Denotes the subscription policy type. |
approvals - [Approval!]!
|
The approval conditions. |
Possible Types
| ApprovalPolicy Types |
|---|
Example
{
"type": "SUBSCRIPTION",
"rationale": "abc123",
"subscriptionPolicyType": "MANUAL",
"approvals": [Approval]
}
ApprovalPolicyApplied
Description
An approval subscription policy.
Fields
| Field Name | Description |
|---|---|
type - PolicyType!
|
If the policy is a data or subscription policy. |
rationale - String
|
The description of the policy. |
global - Boolean!
|
|
policyKey - String
|
A key/name to uniquely identify this policy. |
name - String
|
The name of the policy |
id - String
|
The id of the policy |
subscriptionPolicyType - SubscriptionPolicyType!
|
Denotes the subscription policy type. |
mergedPolicies - [SubscriptionPolicyApplied!]
|
The Subscription policies that were merged together to create this policy. |
ruleAppliedForUser - Boolean!
|
If this policy matched for the user running the query. |
approvals - [Approval!]!
|
The approval conditions. |
Example
{
"type": "SUBSCRIPTION",
"rationale": "xyz789",
"global": false,
"policyKey": "abc123",
"name": "xyz789",
"id": "xyz789",
"subscriptionPolicyType": "MANUAL",
"mergedPolicies": [SubscriptionPolicyApplied],
"ruleAppliedForUser": true,
"approvals": [Approval]
}
ApprovalPolicyGlobal
Description
An approval subscription policy.
Fields
| Field Name | Description |
|---|---|
type - PolicyType!
|
If the policy is a data or subscription policy. |
rationale - String
|
The description of the policy. |
subscriptionPolicyType - SubscriptionPolicyType!
|
Denotes the subscription policy type. |
approvals - [Approval!]!
|
The approval conditions. |
Example
{
"type": "SUBSCRIPTION",
"rationale": "xyz789",
"subscriptionPolicyType": "MANUAL",
"approvals": [Approval]
}
AttributEntityType
Description
The type of entity that the attribute is being applied to or removed from (e.g., user, group).
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
Example
"USER"
Attribute
Description
An Immuta attribute resource representation.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The name of the attribute. |
name - String!
|
The name of the attribute (same as ID). |
type - ResourceType!
|
The type of the resource - ATTRIBUTE. |
values - [String!]!
|
The values of the attribute. |
Example
{
"id": "4",
"name": "xyz789",
"type": "ATTRIBUTE",
"values": ["xyz789"]
}
AttributeAppliedAuditEvent
Description
The attribute applied audit event representation.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the audit event. |
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
action - AuditEventAction!
|
The action that was performed. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actor - Actor!
|
The user who performed the action. |
actorIp - String
|
The IP address of the actor. |
tenantId - String!
|
The ID of the tenant. |
targetType - ResourceType!
|
The type of the target resources (e.g., DATASOURCE, POLICY, PURPOSE, PROJECT, TAG, USER). |
targets - [Resource!]!
|
The target resources of the action. |
relatedResources - [Resource!]!
|
Resources related to the action that are not targets. |
auditPayload - AttributeAuditPayload!
|
The attribute audit event payload. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
receivedTimestamp - DateTime!
|
The timestamp the audit event was received and stored by Immuta. |
Example
{
"id": "4",
"sessionId": "abc123",
"userAgent": "xyz789",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "xyz789",
"targetType": "ATTRIBUTE",
"targets": [Resource],
"relatedResources": [Resource],
"auditPayload": AttributeAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
AttributeAppliedAuditEventInput
Description
The attribute applied audit event input representation.
Fields
| Input Field | Description |
|---|---|
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actorId - String!
|
The ID of the user who performed the action. |
actorIdProvider - String!
|
The identity provider of the actor. |
profileId - String
|
The ID of the user's profile. |
userName - String
|
The name of the user. |
actorIp - String
|
The IP address of the actor. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
id - ID
|
The ID of the audit event. |
entityIdProvider - String!
|
The identity provider for the entity. |
entityType - AttributEntityType!
|
The type of entity. |
entityId - String!
|
The ID of the entity. |
attributes - [SingleAttributeInput!]!
|
An array of attributes. |
Example
{
"sessionId": "abc123",
"userAgent": "abc123",
"requestId": "abc123",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actorId": "xyz789",
"actorIdProvider": "abc123",
"profileId": "xyz789",
"userName": "abc123",
"actorIp": "xyz789",
"eventTimestamp": "2007-12-03T10:15:30Z",
"id": 4,
"entityIdProvider": "xyz789",
"entityType": "USER",
"entityId": "xyz789",
"attributes": [SingleAttributeInput]
}
AttributeAppliedAuditPayload
Description
The attribute applied audit event payload representation.
Fields
| Field Name | Description |
|---|---|
entityIdProvider - String!
|
The identity provider for the entity. |
entityType - AttributEntityType!
|
The type of entity. |
entityId - String!
|
The ID of the entity. |
attributes - [SingleAttribute!]!
|
An array of attributes. |
type - String!
|
|
version - Float
|
The version of the Audit Event Schema |
Example
{
"entityIdProvider": "abc123",
"entityType": "USER",
"entityId": "abc123",
"attributes": [SingleAttribute],
"type": "xyz789",
"version": 987.65
}
AttributeAuditPayload
Description
The attribute audit event payload.
Possible Types
| AttributeAuditPayload Types |
|---|
Example
{"type": "xyz789", "version": 123.45}
AttributeRemovedAuditEvent
Description
The attribute applied audit event representation.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the audit event. |
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
action - AuditEventAction!
|
The action that was performed. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actor - Actor!
|
The user who performed the action. |
actorIp - String
|
The IP address of the actor. |
tenantId - String!
|
The ID of the tenant. |
targetType - ResourceType!
|
The type of the target resources (e.g., DATASOURCE, POLICY, PURPOSE, PROJECT, TAG, USER). |
targets - [Resource!]!
|
The target resources of the action. |
relatedResources - [Resource!]!
|
Resources related to the action that are not targets. |
auditPayload - AttributeAuditPayload!
|
The attribute audit event payload. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
receivedTimestamp - DateTime!
|
The timestamp the audit event was received and stored by Immuta. |
Example
{
"id": 4,
"sessionId": "abc123",
"userAgent": "xyz789",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "abc123",
"targetType": "ATTRIBUTE",
"targets": [Resource],
"relatedResources": [Resource],
"auditPayload": AttributeAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
AttributeRemovedAuditEventInput
Description
The attribute removed audit event input representation.
Fields
| Input Field | Description |
|---|---|
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actorId - String!
|
The ID of the user who performed the action. |
actorIdProvider - String!
|
The identity provider of the actor. |
profileId - String
|
The ID of the user's profile. |
userName - String
|
The name of the user. |
actorIp - String
|
The IP address of the actor. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
id - ID
|
The ID of the audit event. |
entityIdProvider - String!
|
The identity provider for the entity. |
entityType - AttributEntityType!
|
The type of entity. |
entityId - String!
|
The ID of the entity. |
attributes - [SingleAttributeInput!]!
|
An array of attributes. |
Example
{
"sessionId": "xyz789",
"userAgent": "abc123",
"requestId": "abc123",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actorId": "xyz789",
"actorIdProvider": "xyz789",
"profileId": "abc123",
"userName": "xyz789",
"actorIp": "abc123",
"eventTimestamp": "2007-12-03T10:15:30Z",
"id": 4,
"entityIdProvider": "abc123",
"entityType": "USER",
"entityId": "xyz789",
"attributes": [SingleAttributeInput]
}
AttributeRemovedAuditPayload
Description
The attribute applied audit event payload representation.
Fields
| Field Name | Description |
|---|---|
entityIdProvider - String!
|
The identity provider for the entity. |
entityType - AttributEntityType!
|
The type of entity. |
entityId - String!
|
The ID of the entity. |
attributes - [SingleAttribute!]!
|
An array of attributes. |
type - String!
|
|
version - Float
|
The version of the Audit Event Schema |
Example
{
"entityIdProvider": "xyz789",
"entityType": "USER",
"entityId": "xyz789",
"attributes": [SingleAttribute],
"type": "abc123",
"version": 987.65
}
AuditEvent
Description
An Immuta audit event.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the audit event. |
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
action - AuditEventAction!
|
The action that was performed. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actor - Actor!
|
The user who performed the action. |
actorIp - String
|
The IP address of the actor. |
tenantId - String!
|
The ID of the tenant. |
targetType - ResourceType!
|
The type of the target resources (e.g., DATASOURCE, POLICY, PURPOSE, PROJECT, TAG, USER). |
targets - [Resource!]!
|
The target resources of the action. |
relatedResources - [Resource!]!
|
Resources related to the action that are not targets. |
auditPayload - AuditPayload!
|
The audit event payload. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
receivedTimestamp - DateTime!
|
The timestamp the audit event was received and stored by Immuta. |
Possible Types
| AuditEvent Types |
|---|
Example
{
"id": 4,
"sessionId": "abc123",
"userAgent": "xyz789",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "xyz789",
"targetType": "ATTRIBUTE",
"targets": [Resource],
"relatedResources": [Resource],
"auditPayload": AuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
AuditEventAction
Description
An enumeration of audit event actions within the Immuta platform.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"ATTRIBUTE_APPLY"
AuditEventSearchCriteriaInput
Description
The audit event search criteria input.
Fields
| Input Field | Description |
|---|---|
offset - Int
|
Audit event search criteria to return a set of audit events after the first audit event. Default is 0. Default = 0 |
limit - Int
|
Audit event search criteria to return a maximum number of audit events. Default is 10. Default = 10 |
sortBy - SortBy
|
Audit event search criteria value to apply the ordering of the returned audit events. |
order - SortOrder
|
Audit search criteria to specify the sort order for the returned audit events. Default to DESC (descending). Default = DESC |
startDate - DateTime
|
Audit search criteria for the start date eventTimestamp in the returned audit events. |
endDate - DateTime
|
Audit search criteria for the end date eventTimestamp in the returned audit events. |
Example
{
"offset": 987,
"limit": 987,
"sortBy": "EVENT_TIMESTAMP",
"order": "ASC",
"startDate": "2007-12-03T10:15:30Z",
"endDate": "2007-12-03T10:15:30Z"
}
AuditPayload
Description
The audit event payload.
Possible Types
| AuditPayload Types |
|---|
Example
{"type": "abc123", "version": 123.45}
BigInt
Description
The BigInt scalar type represents non-fractional signed whole numeric values.
Example
{}
Boolean
Description
The Boolean scalar type represents true or false.
Example
true
Column
Description
An Immuta column resource representation.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the data source. |
name - String!
|
The name of the data source. |
type - ResourceType!
|
The type of the resource - COLUMN. |
columnName - String!
|
The name of a column on the datasource. |
Example
{
"id": 4,
"name": "abc123",
"type": "ATTRIBUTE",
"columnName": "abc123"
}
ColumnAccessed
Description
The column accessed.
Fields
| Field Name | Description |
|---|---|
name - String!
|
The name of the column accessed. |
tags - [ObjectAccessedTag!]
|
The column accessed tags. |
securityProfile - SecurityProfile
|
The column accessed security profile. |
Example
{
"name": "xyz789",
"tags": [ObjectAccessedTag],
"securityProfile": SecurityProfile
}
ColumnAccessedInput
Description
The column accessed.
Fields
| Input Field | Description |
|---|---|
name - String!
|
The name of the column accessed. |
tags - [ObjectAccessedTagInput!]
|
The column accessed tags. |
securityProfile - SecurityProfileInput
|
The column accessed security profile. |
Example
{
"name": "abc123",
"tags": [ObjectAccessedTagInput],
"securityProfile": SecurityProfileInput
}
ConditionalMaskingRule
Description
Masking rule that can be conditionally applied.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of masking used in this rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
conditionalPredicate - String
|
SQL where clause to conditionally apply this masking rule. |
Possible Types
| ConditionalMaskingRule Types |
|---|
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"conditionalPredicate": "abc123"
}
ConditionalMaskingRuleApplied
Description
Masking rule that can be conditionally applied.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of masking used in this rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
ruleAppliedForUser - Boolean!
|
If this rule matched for the user running the query. |
fields - [String!]!
|
The columns this rule applies to. |
conditionalPredicate - String
|
SQL where clause to conditionally apply this masking rule. |
Possible Types
| ConditionalMaskingRuleApplied Types |
|---|
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"ruleAppliedForUser": false,
"fields": ["xyz789"],
"conditionalPredicate": "abc123"
}
ConditionalMaskingRuleGlobal
Description
Masking rule that can be conditionally applied.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of masking used in this rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
columnCondition - GlobalColumnCondition!
|
The condition(s) for what columns the policy will apply to. |
conditionalPredicate - String
|
SQL where clause to conditionally apply this masking rule. |
Possible Types
| ConditionalMaskingRuleGlobal Types |
|---|
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"columnCondition": GlobalColumnCondition,
"conditionalPredicate": "abc123"
}
ConditionsOperator
Description
Denotes whether all or just some conditions need to be true.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
Example
"ALL"
Connection
Description
An Immuta connection resource representation.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the connection associated with the data source. |
name - String!
|
An alias for connectionKey. |
type - ResourceType!
|
The type of the resource - CONNECTION. |
connectionKey - String!
|
The connection key associated with the data source. |
Example
{
"id": 4,
"name": "abc123",
"type": "ATTRIBUTE",
"connectionKey": "xyz789"
}
ConstantMaskingRule
Description
Masking with a constant value.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of masking used in this rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
conditionalPredicate - String
|
SQL where clause to conditionally apply this masking rule. |
constant - StringOrInt!
|
The constant to replace the values with. |
Possible Types
| ConstantMaskingRule Types |
|---|
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"conditionalPredicate": "xyz789",
"constant": StringOrInt
}
ConstantMaskingRuleApplied
Description
Masking with a constant value.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of masking used in this rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
ruleAppliedForUser - Boolean!
|
If this rule matched for the user running the query. |
fields - [String!]!
|
The columns this rule applies to. |
conditionalPredicate - String
|
SQL where clause to conditionally apply this masking rule. |
constant - StringOrInt!
|
The constant to replace the values with. |
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"ruleAppliedForUser": false,
"fields": ["abc123"],
"conditionalPredicate": "abc123",
"constant": StringOrInt
}
ConstantMaskingRuleGlobal
Description
Masking with a constant value.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of masking used in this rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
columnCondition - GlobalColumnCondition!
|
The condition(s) for what columns the policy will apply to. |
conditionalPredicate - String
|
SQL where clause to conditionally apply this masking rule. |
constant - StringOrInt!
|
The constant to replace the values with. |
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"columnCondition": GlobalColumnCondition,
"conditionalPredicate": "abc123",
"constant": StringOrInt
}
CreateExportJobTaskInput
Description
The export job task to create.
Example
{
"exportJobId": "abc123",
"offset": 987,
"limit": 987
}
CreateS3ExportConfigurationInput
Description
The S3 export configuration to create.
Example
{
"interval": "EVERY_2_HOURS",
"bucket": "abc123",
"path": "xyz789",
"region": "xyz789",
"accessKeyId": "xyz789",
"secretAccessKey": "abc123"
}
CustomFunctionMaskingRule
Description
Masking with custom SQL function.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of masking used in this rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
conditionalPredicate - String
|
SQL where clause to conditionally apply this masking rule. |
sqlFunction - String!
|
The SQL function definition. |
Possible Types
| CustomFunctionMaskingRule Types |
|---|
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"conditionalPredicate": "xyz789",
"sqlFunction": "xyz789"
}
CustomFunctionMaskingRuleApplied
Description
Masking with custom SQL function.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of masking used in this rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
ruleAppliedForUser - Boolean!
|
If this rule matched for the user running the query. |
fields - [String!]!
|
The columns this rule applies to. |
conditionalPredicate - String
|
SQL where clause to conditionally apply this masking rule. |
sqlFunction - String!
|
The SQL function definition. |
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"ruleAppliedForUser": true,
"fields": ["abc123"],
"conditionalPredicate": "abc123",
"sqlFunction": "abc123"
}
CustomFunctionMaskingRuleGlobal
Description
Masking with custom SQL function.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of masking used in this rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
columnCondition - GlobalColumnCondition!
|
The condition(s) for what columns the policy will apply to. |
conditionalPredicate - String
|
SQL where clause to conditionally apply this masking rule. |
sqlFunction - String!
|
The SQL function definition. |
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"columnCondition": GlobalColumnCondition,
"conditionalPredicate": "abc123",
"sqlFunction": "abc123"
}
DataEntitlementsConditions
Description
The entitlements required for the user to access the data source.
Fields
| Field Name | Description |
|---|---|
entitlementsRequirement - ConditionsOperator!
|
Denotes whether the user needs all entitlements or just one of them. |
groups - [String!]!
|
The required groups the user must be in. |
attributes - [SingleAttribute!]!
|
The required attributes the user must have. |
purposes - [String!]!
|
The required purposes the user must be acting under. |
Example
{
"entitlementsRequirement": "ALL",
"groups": ["abc123"],
"attributes": [SingleAttribute],
"purposes": ["xyz789"]
}
DataPolicy
Description
The common data policy fields.
Fields
| Field Name | Description |
|---|---|
type - PolicyType!
|
If the policy is a data or subscription policy. |
rationale - String
|
The description of the policy. |
dataPolicyType - DataPolicyType!
|
What type of data policy this represents. |
rules - [DataRule!]!
|
The rules for this policy. |
Possible Types
| DataPolicy Types |
|---|
Example
{
"type": "SUBSCRIPTION",
"rationale": "xyz789",
"dataPolicyType": "MASKING",
"rules": [DataRule]
}
DataPolicyApplied
Description
The common data policy fields type when applied to a Datasource.
Fields
| Field Name | Description |
|---|---|
type - PolicyType!
|
If the policy is a data or subscription policy. |
rationale - String
|
The description of the policy. |
dataPolicyType - DataPolicyType!
|
What type of data policy this represents. |
rules - [DataRuleInQuery!]!
|
The rules for this policy. |
global - Boolean!
|
|
policyKey - String
|
The key for the policy for usage with the v2 api |
name - String
|
The name of the policy |
id - String
|
The id of the policy |
Possible Types
| DataPolicyApplied Types |
|---|
Example
{
"type": "SUBSCRIPTION",
"rationale": "abc123",
"dataPolicyType": "MASKING",
"rules": [DataRuleInQuery],
"global": false,
"policyKey": "xyz789",
"name": "abc123",
"id": "xyz789"
}
DataPolicyGlobal
Description
The common data policy fields.
Fields
| Field Name | Description |
|---|---|
type - PolicyType!
|
If the policy is a data or subscription policy. |
rationale - String
|
The description of the policy. |
dataPolicyType - DataPolicyType!
|
What type of data policy this represents. |
rules - [DataRule!]!
|
The rules for this policy. |
Possible Types
| DataPolicyGlobal Types |
|---|
Example
{
"type": "SUBSCRIPTION",
"rationale": "xyz789",
"dataPolicyType": "MASKING",
"rules": [DataRule]
}
DataPolicyType
Description
The type of data policy.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"MASKING"
DataRule
Description
The common data rule fields
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
|
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
Possible Types
| DataRule Types |
|---|
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions
}
DataRuleInQuery
Description
Data rule when the policy was used in a query
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
|
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
ruleAppliedForUser - Boolean!
|
If this rule matched for the user running the query. |
Possible Types
| DataRuleInQuery Types |
|---|
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"ruleAppliedForUser": false
}
DataRuleType
Description
The type of data rule.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"MASKING_HASH"
DatabricksAccountInformation
DatabricksContext
Description
Databricks context for query audit payloads.
Fields
| Field Name | Description |
|---|---|
type - String!
|
The technology context type. |
clusterId - String
|
Databricks cluster ID. |
clusterName - String
|
Databricks cluster name. |
workspaceId - String
|
Databricks workspace ID. |
queryLanguage - String
|
Language used within Databricks notebook cell or JDBC query. |
service - DatabricksService
|
The Databricks service utilized for the query. |
queryText - String
|
Text used within Databricks notebook cell or JDBC query. |
pathUris - [String!]
|
Databricks cluster path URIs. |
metastoreTables - [String!]
|
Databricks metastore tables. |
immutaPluginVersion - String
|
Version of the Immuta Databricks plugin. |
Example
{
"type": "xyz789",
"clusterId": "abc123",
"clusterName": "abc123",
"workspaceId": "abc123",
"queryLanguage": "abc123",
"service": "CLUSTER",
"queryText": "xyz789",
"pathUris": ["abc123"],
"metastoreTables": ["abc123"],
"immutaPluginVersion": "xyz789"
}
DatabricksQueryAuditEventInput
Description
The audit event input from Databricks queries.
Fields
| Input Field | Description |
|---|---|
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actorId - String!
|
The ID of the user who performed the action. |
actorIdProvider - String!
|
The identity provider of the actor. |
profileId - String
|
The ID of the user's profile. |
userName - String
|
The name of the user. |
actorIp - String
|
The IP address of the actor. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
id - ID
|
The ID of the audit event. |
datasources - [DatasourceInput!]!
|
The data sources used in this query. |
queryId - String!
|
Unique ID of the query. |
query - String
|
The executed query. |
startTime - DateTime!
|
The start time of the query. |
endTime - DateTime
|
The end time of the query. |
duration - Float
|
The duration of the query in milliseconds. |
impersonatedBy - String
|
The user who directed impersonation, if this query used impersonation. |
policySet - JSON
|
The policies applied during this query, if applicable. |
entitlements - EntitlementsInput
|
The user entitlements applied during this query, if applicable. |
objectsAccessed - [ObjectAccessedInput!]!
|
The objects accessed in the query explicitly or through shortcuts, such as using an asterisk (*). |
securityProfile - SecurityProfileInput
|
The query security profile. |
errorCode - String
|
The error code of the query, if applicable. |
clusterId - String
|
Databricks cluster ID. |
clusterName - String
|
Databricks cluster name. |
workspaceId - String
|
Databricks workspace ID. |
pathUris - [String!]
|
Databricks cluster path URIs. |
metastoreTables - [String!]
|
Databricks metastore tables. |
queryLanguage - String
|
Language used within Databricks notebook cell or JDBC query. |
queryText - String
|
Text used within Databricks notebook cell or JDBC query. |
immutaPluginVersion - String
|
Version of the Immuta Databricks plugin. |
databricksAccountId - String
|
Databricks Account ID |
databricksUsername - String
|
Databricks username. |
warehouseId - String
|
Databricks warehouse ID. |
notebookId - String
|
Databricks notebook id |
host - String
|
Databricks hostname. |
clientIp - String
|
The IP address that the query was executed from. |
service - DatabricksService
|
The Databricks service utilized for the query. |
Example
{
"sessionId": "xyz789",
"userAgent": "abc123",
"requestId": "xyz789",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actorId": "xyz789",
"actorIdProvider": "xyz789",
"profileId": "xyz789",
"userName": "xyz789",
"actorIp": "abc123",
"eventTimestamp": "2007-12-03T10:15:30Z",
"id": 4,
"datasources": [DatasourceInput],
"queryId": "xyz789",
"query": "abc123",
"startTime": "2007-12-03T10:15:30Z",
"endTime": "2007-12-03T10:15:30Z",
"duration": 123.45,
"impersonatedBy": "abc123",
"policySet": {},
"entitlements": EntitlementsInput,
"objectsAccessed": [ObjectAccessedInput],
"securityProfile": SecurityProfileInput,
"errorCode": "xyz789",
"clusterId": "xyz789",
"clusterName": "xyz789",
"workspaceId": "abc123",
"pathUris": ["abc123"],
"metastoreTables": ["abc123"],
"queryLanguage": "abc123",
"queryText": "abc123",
"immutaPluginVersion": "abc123",
"databricksAccountId": "abc123",
"databricksUsername": "abc123",
"warehouseId": "xyz789",
"notebookId": "abc123",
"host": "abc123",
"clientIp": "xyz789",
"service": "CLUSTER"
}
DatabricksService
Description
The Databricks service utilized for the query.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Example
"CLUSTER"
DatabricksUnityCatalogContext
Description
Databricks context for query audit payloads.
Fields
| Field Name | Description |
|---|---|
type - String!
|
The technology context type. |
clusterId - String
|
Databricks cluster ID. |
clusterName - String
|
Databricks cluster name. |
workspaceId - String
|
Databricks workspace ID. |
queryLanguage - String
|
Language used within Databricks notebook cell or JDBC query. |
service - DatabricksService
|
The Databricks service utilized for the query. |
warehouseId - String
|
Databricks warehouse ID. |
notebookId - String
|
Databricks notebook id |
account - DatabricksAccountInformation
|
Databricks Account Information |
host - String
|
Databricks hostname. |
clientIp - String
|
The IP address that the query was executed from. |
Example
{
"type": "abc123",
"clusterId": "xyz789",
"clusterName": "abc123",
"workspaceId": "abc123",
"queryLanguage": "xyz789",
"service": "CLUSTER",
"warehouseId": "abc123",
"notebookId": "abc123",
"account": DatabricksAccountInformation,
"host": "abc123",
"clientIp": "abc123"
}
Datasource
Description
An Immuta data source resource representation.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the data source. |
name - String!
|
The name of the data source. |
type - ResourceType!
|
The type of the resource - DATASOURCE. |
technology - DatasourceTechnology!
|
The technology of the data source. |
Example
{
"id": 4,
"name": "xyz789",
"type": "ATTRIBUTE",
"technology": "AMAZON_ATHENA"
}
DatasourceAuditPayload
Description
The data source audit event payload.
Possible Types
| DatasourceAuditPayload Types |
|---|
Example
{"type": "abc123", "version": 123.45}
DatasourceCatalog
Description
The representation of a data source in terms of properties that can be specified by a catalog.
Fields
| Field Name | Description |
|---|---|
catalogId - String
|
The ID of the associated catalog, if applicable. |
description - String
|
The short description specified by the catalog provider for this data source. |
documentation - String
|
The markdown documentation specified by the catalog provider for this data source. |
tableTags - [String!]
|
The list of tags specified by the catalog provider for this data source. |
dictionary - [DatasourceCatalogDictionaryColumn!]
|
The set of data source catalog columns. |
Example
{
"catalogId": "abc123",
"description": "xyz789",
"documentation": "xyz789",
"tableTags": ["abc123"],
"dictionary": [DatasourceCatalogDictionaryColumn]
}
DatasourceCatalogDictionaryColumn
Description
A column in a data source catalog dictionary.
Fields
| Field Name | Description |
|---|---|
columnName - String!
|
The name of a column on the datasource. |
description - String
|
The short description specified by the catalog provider for this column. |
tags - [String!]!
|
The list of tags specified by the catalog provider for this column. |
Example
{
"columnName": "xyz789",
"description": "abc123",
"tags": ["xyz789"]
}
DatasourceCatalogDictionaryColumnInput
Description
A column in a data source catalog dictionary.
Fields
| Input Field | Description |
|---|---|
columnName - String!
|
The name of a column on the datasource. |
description - String
|
The short description specified by the catalog provider for this column. |
tags - [String!]!
|
The list of tags specified by the catalog provider for this column. |
Example
{
"columnName": "xyz789",
"description": "xyz789",
"tags": ["abc123"]
}
DatasourceCatalogInput
Description
The representation of a data source in terms of properties that can be specified by a catalog.
Fields
| Input Field | Description |
|---|---|
catalogId - String
|
The ID of the associated catalog, if applicable. |
description - String
|
The short description specified by the catalog provider for this data source. |
documentation - String
|
The markdown documentation specified by the catalog provider for this data source. |
tableTags - [String!]
|
The list of tags specified by the catalog provider for this data source. |
dictionary - [DatasourceCatalogDictionaryColumnInput!]
|
The set of data source catalog columns. |
Example
{
"catalogId": "xyz789",
"description": "abc123",
"documentation": "abc123",
"tableTags": ["abc123"],
"dictionary": [DatasourceCatalogDictionaryColumnInput]
}
DatasourceCatalogSync
Description
The before and after state from a data source catalog sync.
Fields
| Field Name | Description |
|---|---|
before - DatasourceCatalog!
|
The data source catalog state before this sync. Note that fields 'tableTags' and 'dictionary' will be null if unchanged. |
after - DatasourceCatalog!
|
The data source catalog state after this sync. Note that fields 'tableTags' and 'dictionary' will be null if unchanged. |
Example
{
"before": DatasourceCatalog,
"after": DatasourceCatalog
}
DatasourceCatalogSyncInput
Description
The before and after state from a data source catalog sync.
Fields
| Input Field | Description |
|---|---|
before - DatasourceCatalogInput!
|
The data source catalog state before this sync. Note that fields 'tableTags' and 'dictionary' will be null if unchanged. |
after - DatasourceCatalogInput!
|
The data source catalog state after this sync. Note that fields 'tableTags' and 'dictionary' will be null if unchanged. |
Example
{
"before": DatasourceCatalogInput,
"after": DatasourceCatalogInput
}
DatasourceCatalogSyncedAuditEvent
Description
The data source catalog synced audit event representation.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the audit event. |
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
action - AuditEventAction!
|
The action that was performed. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actor - Actor!
|
The user who performed the action. |
actorIp - String
|
The IP address of the actor. |
tenantId - String!
|
The ID of the tenant. |
targetType - ResourceType!
|
The type of the target resources (e.g., DATASOURCE, POLICY, PURPOSE, PROJECT, TAG, USER). |
targets - [Datasource!]!
|
The target data sources. |
relatedResources - [Resource!]!
|
Resources related to the action that are not targets. |
auditPayload - DatasourceAuditPayload!
|
The data source audit event payload. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
receivedTimestamp - DateTime!
|
The timestamp the audit event was received and stored by Immuta. |
Example
{
"id": 4,
"sessionId": "xyz789",
"userAgent": "xyz789",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "xyz789",
"targetType": "ATTRIBUTE",
"targets": [Datasource],
"relatedResources": [Resource],
"auditPayload": DatasourceAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
DatasourceCatalogSyncedAuditEventInput
Description
The data source catalog synced audit event input representation.
Fields
| Input Field | Description |
|---|---|
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actorId - String!
|
The ID of the user who performed the action. |
actorIdProvider - String!
|
The identity provider of the actor. |
profileId - String
|
The ID of the user's profile. |
userName - String
|
The name of the user. |
actorIp - String
|
The IP address of the actor. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
id - ID
|
The ID of the audit event. |
datasourceId - String!
|
The ID of the data source. |
changes - DatasourceCatalogSyncInput!
|
The data source catalog state before and after this sync. |
Example
{
"sessionId": "xyz789",
"userAgent": "abc123",
"requestId": "xyz789",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actorId": "abc123",
"actorIdProvider": "xyz789",
"profileId": "xyz789",
"userName": "abc123",
"actorIp": "abc123",
"eventTimestamp": "2007-12-03T10:15:30Z",
"id": "4",
"datasourceId": "abc123",
"changes": DatasourceCatalogSyncInput
}
DatasourceCatalogSyncedAuditPayload
Description
The data source catalog synced audit event payload representation.
Fields
| Field Name | Description |
|---|---|
type - String!
|
|
version - Float
|
The version of the Audit Event Schema |
datasourceId - String!
|
The ID of the data source. |
changes - DatasourceCatalogSync!
|
The data source catalog state before and after this sync. |
Example
{
"type": "abc123",
"version": 123.45,
"datasourceId": "abc123",
"changes": DatasourceCatalogSync
}
DatasourceCreatedAuditEvent
Description
The data source created audit event representation.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the audit event. |
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
action - AuditEventAction!
|
The action that was performed. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actor - Actor!
|
The user who performed the action. |
actorIp - String
|
The IP address of the actor. |
tenantId - String!
|
The ID of the tenant. |
targetType - ResourceType!
|
The type of the target resources (e.g., DATASOURCE, POLICY, PURPOSE, PROJECT, TAG, USER). |
targets - [Datasource!]!
|
The target data sources. |
relatedResources - [Resource!]!
|
Resources related to the action that are not targets. |
auditPayload - DatasourceAuditPayload!
|
The data source audit event payload. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
receivedTimestamp - DateTime!
|
The timestamp the audit event was received and stored by Immuta. |
Example
{
"id": "4",
"sessionId": "abc123",
"userAgent": "xyz789",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actor": UserActor,
"actorIp": "xyz789",
"tenantId": "abc123",
"targetType": "ATTRIBUTE",
"targets": [Datasource],
"relatedResources": [Resource],
"auditPayload": DatasourceAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
DatasourceCreatedAuditEventInput
Description
The data source created audit event input representation.
Fields
| Input Field | Description |
|---|---|
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actorId - String!
|
The ID of the user who performed the action. |
actorIdProvider - String!
|
The identity provider of the actor. |
profileId - String
|
The ID of the user's profile. |
userName - String
|
The name of the user. |
actorIp - String
|
The IP address of the actor. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
id - ID
|
The ID of the audit event. |
datasourceId - String
|
The ID of the data source. |
name - String!
|
The name of the data source. |
description - String
|
The short description of the data source. |
documentation - String
|
The data source documentation rendered in Markdown. |
expiration - DateTime
|
The time at which this data source will expire. |
columnDetectionEnabled - Boolean
|
True if column detection was configured to run on this data source. |
disabled - Boolean
|
True if the data source is disabled. |
blobHandlerType - String!
|
The technology of the data source as used by the Immuta Web Service API. |
connectionId - String
|
The ID of the connection associated with the data source. |
table - String!
|
The name of the table that backs this data source. |
schema - String
|
The name of the schema that backs this data source. |
sensitiveDataDiscoveryEnabled - Boolean
|
True if Sensitive Data Discovery (SDD) was configured to run on this data source. |
Example
{
"sessionId": "abc123",
"userAgent": "xyz789",
"requestId": "xyz789",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actorId": "xyz789",
"actorIdProvider": "xyz789",
"profileId": "xyz789",
"userName": "xyz789",
"actorIp": "abc123",
"eventTimestamp": "2007-12-03T10:15:30Z",
"id": 4,
"datasourceId": "xyz789",
"name": "abc123",
"description": "xyz789",
"documentation": "abc123",
"expiration": "2007-12-03T10:15:30Z",
"columnDetectionEnabled": false,
"disabled": true,
"blobHandlerType": "xyz789",
"connectionId": "abc123",
"table": "abc123",
"schema": "abc123",
"sensitiveDataDiscoveryEnabled": false
}
DatasourceCreatedAuditPayload
Description
The data source created audit event payload representation.
Fields
| Field Name | Description |
|---|---|
name - String!
|
The name of the data source. |
description - String
|
The short description of the data source. |
documentation - String
|
The data source documentation rendered in Markdown. |
expiration - DateTime
|
The time at which this data source will expire. |
columnDetectionEnabled - Boolean
|
True if column detection was configured to run on this data source. |
disabled - Boolean
|
True if the data source is disabled. |
type - String!
|
|
version - Float
|
The version of the Audit Event Schema |
technology - DatasourceTechnology!
|
The technology of the data source. |
connectionId - String
|
The ID of the connection associated with the data source. |
table - String!
|
The name of the table that backs this data source. |
schema - String
|
The name of the schema that backs this data source. |
sensitiveDataDiscoveryEnabled - Boolean
|
True if Sensitive Data Discovery (SDD) was configured to run on this data source. |
Example
{
"name": "xyz789",
"description": "abc123",
"documentation": "abc123",
"expiration": "2007-12-03T10:15:30Z",
"columnDetectionEnabled": true,
"disabled": true,
"type": "xyz789",
"version": 123.45,
"technology": "AMAZON_ATHENA",
"connectionId": "xyz789",
"table": "xyz789",
"schema": "abc123",
"sensitiveDataDiscoveryEnabled": false
}
DatasourceDeletedAuditEvent
Description
The data source deleted audit event representation.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the audit event. |
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
action - AuditEventAction!
|
The action that was performed. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actor - Actor!
|
The user who performed the action. |
actorIp - String
|
The IP address of the actor. |
tenantId - String!
|
The ID of the tenant. |
targetType - ResourceType!
|
The type of the target resources (e.g., DATASOURCE, POLICY, PURPOSE, PROJECT, TAG, USER). |
targets - [Datasource!]!
|
The target data sources. |
relatedResources - [Resource!]!
|
Resources related to the action that are not targets. |
auditPayload - DatasourceAuditPayload!
|
The data source audit event payload. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
receivedTimestamp - DateTime!
|
The timestamp the audit event was received and stored by Immuta. |
Example
{
"id": 4,
"sessionId": "abc123",
"userAgent": "abc123",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "xyz789",
"tenantId": "xyz789",
"targetType": "ATTRIBUTE",
"targets": [Datasource],
"relatedResources": [Resource],
"auditPayload": DatasourceAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
DatasourceDeletedAuditEventInput
Description
The data source deleted audit event input representation.
Fields
| Input Field | Description |
|---|---|
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actorId - String!
|
The ID of the user who performed the action. |
actorIdProvider - String!
|
The identity provider of the actor. |
profileId - String
|
The ID of the user's profile. |
userName - String
|
The name of the user. |
actorIp - String
|
The IP address of the actor. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
id - ID
|
The ID of the audit event. |
datasourceId - String!
|
The ID of the data source. |
name - String
|
The name of the data source. |
blobHandlerType - String
|
The technology of the data source as used by the Immuta Web Service API. |
Example
{
"sessionId": "xyz789",
"userAgent": "abc123",
"requestId": "xyz789",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actorId": "xyz789",
"actorIdProvider": "xyz789",
"profileId": "abc123",
"userName": "xyz789",
"actorIp": "abc123",
"eventTimestamp": "2007-12-03T10:15:30Z",
"id": 4,
"datasourceId": "abc123",
"name": "abc123",
"blobHandlerType": "xyz789"
}
DatasourceDeletedAuditPayload
Description
The data source deleted audit event payload representation.
Fields
| Field Name | Description |
|---|---|
datasourceId - String!
|
The ID of the data source. |
name - String
|
The name of the data source. |
technology - DatasourceTechnology
|
The technology of the data source as used by the Immuta Web Service API. |
type - String!
|
|
version - Float
|
The version of the Audit Event Schema |
Example
{
"datasourceId": "abc123",
"name": "xyz789",
"technology": "AMAZON_ATHENA",
"type": "abc123",
"version": 123.45
}
DatasourceDisabledAuditEvent
Description
The data source disabled audit event representation.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the audit event. |
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
action - AuditEventAction!
|
The action that was performed. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actor - Actor!
|
The user who performed the action. |
actorIp - String
|
The IP address of the actor. |
tenantId - String!
|
The ID of the tenant. |
targetType - ResourceType!
|
The type of the target resources (e.g., DATASOURCE, POLICY, PURPOSE, PROJECT, TAG, USER). |
targets - [Datasource!]!
|
The target data sources. |
relatedResources - [Resource!]!
|
Resources related to the action that are not targets. |
auditPayload - DatasourceAuditPayload!
|
The data source audit event payload. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
receivedTimestamp - DateTime!
|
The timestamp the audit event was received and stored by Immuta. |
Example
{
"id": 4,
"sessionId": "xyz789",
"userAgent": "xyz789",
"requestId": "xyz789",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "abc123",
"targetType": "ATTRIBUTE",
"targets": [Datasource],
"relatedResources": [Resource],
"auditPayload": DatasourceAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
DatasourceDisabledAuditEventInput
Description
The data source disabled audit event input representation.
Fields
| Input Field | Description |
|---|---|
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actorId - String!
|
The ID of the user who performed the action. |
actorIdProvider - String!
|
The identity provider of the actor. |
profileId - String
|
The ID of the user's profile. |
userName - String
|
The name of the user. |
actorIp - String
|
The IP address of the actor. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
id - ID
|
The ID of the audit event. |
datasourceId - String!
|
The ID of the data source. |
name - String
|
The name of the data source. |
blobHandlerType - String
|
The technology of the data source as used by the Immuta Web Service API. |
Example
{
"sessionId": "abc123",
"userAgent": "xyz789",
"requestId": "xyz789",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actorId": "abc123",
"actorIdProvider": "abc123",
"profileId": "xyz789",
"userName": "xyz789",
"actorIp": "xyz789",
"eventTimestamp": "2007-12-03T10:15:30Z",
"id": 4,
"datasourceId": "abc123",
"name": "abc123",
"blobHandlerType": "abc123"
}
DatasourceDisabledAuditPayload
Description
The data source disabled audit event payload representation.
Fields
| Field Name | Description |
|---|---|
datasourceId - String!
|
The ID of the data source. |
name - String
|
The name of the data source. |
technology - DatasourceTechnology
|
The technology of the data source as used by the Immuta Web Service API. |
type - String!
|
|
version - Float
|
The version of the Audit Event Schema |
Example
{
"datasourceId": "abc123",
"name": "xyz789",
"technology": "AMAZON_ATHENA",
"type": "xyz789",
"version": 987.65
}
DatasourceInput
DatasourceTechnology
Description
The technology of the data source.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"AMAZON_ATHENA"
DatasourceUpdatedAuditEvent
Description
The data source updated audit event representation.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the audit event. |
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
action - AuditEventAction!
|
The action that was performed. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actor - Actor!
|
The user who performed the action. |
actorIp - String
|
The IP address of the actor. |
tenantId - String!
|
The ID of the tenant. |
targetType - ResourceType!
|
The type of the target resources (e.g., DATASOURCE, POLICY, PURPOSE, PROJECT, TAG, USER). |
targets - [Datasource!]!
|
The target data sources. |
relatedResources - [Resource!]!
|
Resources related to the action that are not targets. |
auditPayload - DatasourceAuditPayload!
|
The data source audit event payload. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
receivedTimestamp - DateTime!
|
The timestamp the audit event was received and stored by Immuta. |
Example
{
"id": "4",
"sessionId": "abc123",
"userAgent": "abc123",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "xyz789",
"targetType": "ATTRIBUTE",
"targets": [Datasource],
"relatedResources": [Resource],
"auditPayload": DatasourceAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
DatasourceUpdatedAuditEventInput
Description
The data source updated audit event input representation.
Fields
| Input Field | Description |
|---|---|
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actorId - String!
|
The ID of the user who performed the action. |
actorIdProvider - String!
|
The identity provider of the actor. |
profileId - String
|
The ID of the user's profile. |
userName - String
|
The name of the user. |
actorIp - String
|
The IP address of the actor. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
id - ID
|
The ID of the audit event. |
datasourceId - String!
|
The ID of the data source. |
name - String
|
The name of the data source. |
description - String
|
The short description of the data source. |
documentation - String
|
The data source documentation rendered in Markdown. |
expiration - DateTime
|
The time at which this data source will expire. |
columnDetectionEnabled - Boolean
|
True if column detection was configured to run on this data source. |
disabled - Boolean
|
True if the data source is disabled. |
Example
{
"sessionId": "abc123",
"userAgent": "xyz789",
"requestId": "xyz789",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actorId": "abc123",
"actorIdProvider": "xyz789",
"profileId": "xyz789",
"userName": "xyz789",
"actorIp": "abc123",
"eventTimestamp": "2007-12-03T10:15:30Z",
"id": "4",
"datasourceId": "abc123",
"name": "xyz789",
"description": "xyz789",
"documentation": "xyz789",
"expiration": "2007-12-03T10:15:30Z",
"columnDetectionEnabled": true,
"disabled": true
}
DatasourceUpdatedAuditPayload
Description
The data source updated audit event payload representation.
Fields
| Field Name | Description |
|---|---|
name - String
|
The name of the data source. |
description - String
|
The short description of the data source. |
documentation - String
|
The data source documentation rendered in Markdown. |
expiration - DateTime
|
The time at which this data source will expire. |
columnDetectionEnabled - Boolean
|
True if column detection was configured to run on this data source. |
disabled - Boolean
|
True if the data source is disabled. |
type - String!
|
|
version - Float
|
The version of the Audit Event Schema |
datasourceId - String!
|
The ID of the data source. |
Example
{
"name": "xyz789",
"description": "xyz789",
"documentation": "xyz789",
"expiration": "2007-12-03T10:15:30Z",
"columnDetectionEnabled": false,
"disabled": true,
"type": "abc123",
"version": 123.45,
"datasourceId": "abc123"
}
DateTime
Description
A date-time string at UTC, such as 2007-12-03T10:15:30Z, compliant with the date-time format outlined in section 5.6 of the RFC 3339 profile of the ISO 8601 standard for representation of dates and times using the Gregorian calendar.
Example
"2007-12-03T10:15:30Z"
DeletedPurpose
DeletedPurposeInput
DifferentialPrivacyDataRuleApplied
Description
Makes the data source differentially private.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
|
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
ruleAppliedForUser - Boolean!
|
If this rule matched for the user running the query. |
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"ruleAppliedForUser": true
}
DifferentialPrivacyDataRuleGlobal
Description
Makes the data source differentially private.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
|
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions
}
DifferentialPrivacyPolicyApplied
Description
Restricts usage of the data source to the purposes listed.
Fields
| Field Name | Description |
|---|---|
type - PolicyType!
|
If the policy is a data or subscription policy. |
rationale - String
|
The description of the policy. |
global - Boolean!
|
|
policyKey - String
|
The key for the policy for usage with the v2 api |
name - String
|
The name of the policy |
id - String
|
The id of the policy |
dataPolicyType - DataPolicyType!
|
What type of data policy this represents. |
rules - [DifferentialPrivacyDataRuleApplied!]!
|
The Differential Privacy rules for this policy. |
Example
{
"type": "SUBSCRIPTION",
"rationale": "xyz789",
"global": true,
"policyKey": "xyz789",
"name": "abc123",
"id": "xyz789",
"dataPolicyType": "MASKING",
"rules": [DifferentialPrivacyDataRuleApplied]
}
DifferentialPrivacyPolicyGlobal
Description
Restricts usage of the data source to the purposes listed.
Fields
| Field Name | Description |
|---|---|
type - PolicyType!
|
If the policy is a data or subscription policy. |
rationale - String
|
The description of the policy. |
dataPolicyType - DataPolicyType!
|
What type of data policy this represents. |
rules - [DifferentialPrivacyDataRuleGlobal!]!
|
The Differential Privacy rules for this policy. |
Example
{
"type": "SUBSCRIPTION",
"rationale": "abc123",
"dataPolicyType": "MASKING",
"rules": [DifferentialPrivacyDataRuleGlobal]
}
EndpointConfiguration
Description
The endpoint configuration for the export.
Types
| Union Types |
|---|
Example
S3EndpointConfiguration
Entitlements
Description
User entitlements.
Fields
| Field Name | Description |
|---|---|
groups - [String!]!
|
The user's groups. |
attributes - [SingleAttribute!]!
|
The user's attributes. |
project - EntitlementsProject
|
The user's current project at query time, if applicable. |
Example
{
"groups": ["abc123"],
"attributes": [SingleAttribute],
"project": EntitlementsProject
}
EntitlementsConditions
Description
The entitlements required for the user to access the data source.
Fields
| Field Name | Description |
|---|---|
entitlementsRequirement - ConditionsOperator!
|
Denotes whether the user needs all entitlements or just one of them. |
groups - [String!]!
|
The required groups the user must be in. |
attributes - [SingleAttribute!]!
|
The required attributes the user must have. |
Possible Types
| EntitlementsConditions Types |
|---|
Example
{
"entitlementsRequirement": "ALL",
"groups": ["xyz789"],
"attributes": [SingleAttribute]
}
EntitlementsInput
Description
User entitlements.
Fields
| Input Field | Description |
|---|---|
groups - [String!]
|
The user's groups. Default = [] |
attributes - [SingleAttributeInput!]
|
The user's attributes. Default = [] |
project - EntitlementsProjectInput
|
The user's current project at query time, if applicable. |
Example
{
"groups": ["abc123"],
"attributes": [SingleAttributeInput],
"project": EntitlementsProjectInput
}
EntitlementsPolicy
Description
An entitlements subscription policy.
Fields
| Field Name | Description |
|---|---|
type - PolicyType!
|
If the policy is a data or subscription policy. |
rationale - String
|
The description of the policy. |
subscriptionPolicyType - SubscriptionPolicyType!
|
Denotes the subscription policy type. |
entitlements - SubscriptionEntitlementsConditions!
|
The entitlements required for the user to access the data source. |
Possible Types
| EntitlementsPolicy Types |
|---|
Example
{
"type": "SUBSCRIPTION",
"rationale": "xyz789",
"subscriptionPolicyType": "MANUAL",
"entitlements": SubscriptionEntitlementsConditions
}
EntitlementsPolicyApplied
Description
An entitlements subscription policy.
Fields
| Field Name | Description |
|---|---|
type - PolicyType!
|
If the policy is a data or subscription policy. |
rationale - String
|
The description of the policy. |
global - Boolean!
|
|
policyKey - String
|
A key/name to uniquely identify this policy. |
name - String
|
The name of the policy |
id - String
|
The id of the policy |
subscriptionPolicyType - SubscriptionPolicyType!
|
Denotes the subscription policy type. |
mergedPolicies - [SubscriptionPolicyApplied!]
|
The Subscription policies that were merged together to create this policy. |
ruleAppliedForUser - Boolean!
|
If this policy matched for the user running the query. |
entitlements - SubscriptionEntitlementsConditions!
|
The entitlements required for the user to access the data source. |
Example
{
"type": "SUBSCRIPTION",
"rationale": "xyz789",
"global": false,
"policyKey": "xyz789",
"name": "abc123",
"id": "xyz789",
"subscriptionPolicyType": "MANUAL",
"mergedPolicies": [SubscriptionPolicyApplied],
"ruleAppliedForUser": false,
"entitlements": SubscriptionEntitlementsConditions
}
EntitlementsPolicyGlobal
Description
An entitlements subscription policy.
Fields
| Field Name | Description |
|---|---|
type - PolicyType!
|
If the policy is a data or subscription policy. |
rationale - String
|
The description of the policy. |
subscriptionPolicyType - SubscriptionPolicyType!
|
Denotes the subscription policy type. |
entitlements - SubscriptionEntitlementsConditions!
|
The entitlements required for the user to access the data source. |
Example
{
"type": "SUBSCRIPTION",
"rationale": "abc123",
"subscriptionPolicyType": "MANUAL",
"entitlements": SubscriptionEntitlementsConditions
}
EntitlementsProject
Description
Project with entitlements information.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the project. |
name - String!
|
The name of the project. |
type - ResourceType!
|
The type of the resource - PROJECT. |
projectKey - String!
|
A key/name to uniquely identify this project. |
purposes - [String!]!
|
The purposes applied to the project. |
equalized - Boolean!
|
An equalized project will normalize all users to the same entitlements so that everyone sees the same data. True if equalization is on and Immuta automatically determines the least restrictive level of equalization so everyone sees as much data as possible. |
Example
{
"id": 4,
"name": "abc123",
"type": "ATTRIBUTE",
"projectKey": "abc123",
"purposes": ["xyz789"],
"equalized": false
}
EntitlementsProjectInput
Description
Project with entitlements information.
Fields
| Input Field | Description |
|---|---|
id - ID!
|
The ID of the project. |
name - String!
|
The name of the project. |
projectKey - String!
|
A key/name to uniquely identify this project. |
purposes - [String!]!
|
The purposes applied to the project. |
equalized - Boolean!
|
An equalized project will normalize all users to the same entitlements so that everyone sees the same data. True if equalization is on and Immuta automatically determines the least restrictive level of equalization so everyone sees as much data as possible. |
Example
{
"id": "4",
"name": "abc123",
"projectKey": "abc123",
"purposes": ["abc123"],
"equalized": true
}
ExemptionDataRule
Description
Exempts users/groups from all data policies applying to them.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
|
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
groups - [String!]!
|
The exempt groups. |
users - [ExemptionUserInfo!]!
|
The exempt users. |
Possible Types
| ExemptionDataRule Types |
|---|
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"groups": ["xyz789"],
"users": [ExemptionUserInfo]
}
ExemptionDataRuleApplied
Description
Exempts users/groups from all data policies applying to them.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
|
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
ruleAppliedForUser - Boolean!
|
If this rule matched for the user running the query. |
groups - [String!]!
|
The exempt groups. |
users - [ExemptionUserInfo!]!
|
The exempt users. |
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"ruleAppliedForUser": true,
"groups": ["abc123"],
"users": [ExemptionUserInfo]
}
ExemptionDataRuleGlobal
Description
Exempts users/groups from all data policies applying to them.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
|
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
groups - [String!]!
|
The exempt groups. |
users - [ExemptionUserInfo!]!
|
The exempt users. |
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"groups": ["xyz789"],
"users": [ExemptionUserInfo]
}
ExemptionPolicyApplied
Description
Exempts users/groups from all data policies applying to them
Fields
| Field Name | Description |
|---|---|
type - PolicyType!
|
If the policy is a data or subscription policy. |
rationale - String
|
The description of the policy. |
global - Boolean!
|
|
policyKey - String
|
The key for the policy for usage with the v2 api |
name - String
|
The name of the policy |
id - String
|
The id of the policy |
dataPolicyType - DataPolicyType!
|
What type of data policy this represents. |
rules - [ExemptionDataRuleApplied!]!
|
The exemption rules for this policy. |
Example
{
"type": "SUBSCRIPTION",
"rationale": "xyz789",
"global": true,
"policyKey": "xyz789",
"name": "abc123",
"id": "xyz789",
"dataPolicyType": "MASKING",
"rules": [ExemptionDataRuleApplied]
}
ExemptionPolicyGlobal
Description
Exempts users/groups from all data policies applying to them
Fields
| Field Name | Description |
|---|---|
type - PolicyType!
|
If the policy is a data or subscription policy. |
rationale - String
|
The description of the policy. |
dataPolicyType - DataPolicyType!
|
What type of data policy this represents. |
rules - [ExemptionDataRuleGlobal!]!
|
The exemption rules for this policy. |
Example
{
"type": "SUBSCRIPTION",
"rationale": "xyz789",
"dataPolicyType": "MASKING",
"rules": [ExemptionDataRuleGlobal]
}
ExemptionUserInfo
ExportConfiguration
Description
An export configuration.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the node. |
interval - Interval!
|
The interval of the export. |
enabled - Boolean!
|
The enabled state of the export configuration - enabled (true), disabled (false). |
endpointConfiguration - EndpointConfiguration!
|
The endpoint configuration for the export. |
createdBy - User!
|
The user that created the export configuration. |
createdAt - DateTime!
|
The date the export configuration was created. |
updatedBy - User!
|
The user that updated the export configuration. |
updatedAt - DateTime!
|
The date the export configuration was updated. |
Example
{
"id": 4,
"interval": "EVERY_2_HOURS",
"enabled": true,
"endpointConfiguration": S3EndpointConfiguration,
"createdBy": User,
"createdAt": "2007-12-03T10:15:30Z",
"updatedBy": User,
"updatedAt": "2007-12-03T10:15:30Z"
}
ExportJob
Description
An export job representation. An export job is responsible for running tasks that handle collecting and exporting audit events based on the configuration and time window.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the node. |
exportConfiguration - ExportConfiguration!
|
The export configuration for this job. |
startTimestamp - DateTime!
|
The timestamp when the job started. |
endTimestamp - DateTime
|
The timestamp when the job ended. |
status - JobStatus!
|
The status of the job |
tasks - [ExportJobTask!]
|
The tasks for this job. |
windowStart - DateTime!
|
The start timestamp used for the time window of audit events to export. |
windowEnd - DateTime!
|
The end timestamp used for the time window of audit events to export. |
failureReason - String
|
The reason the job failed, if applicable. |
Example
{
"id": 4,
"exportConfiguration": ExportConfiguration,
"startTimestamp": "2007-12-03T10:15:30Z",
"endTimestamp": "2007-12-03T10:15:30Z",
"status": "RUNNING",
"tasks": [ExportJobTask],
"windowStart": "2007-12-03T10:15:30Z",
"windowEnd": "2007-12-03T10:15:30Z",
"failureReason": "abc123"
}
ExportJobTask
Description
An export job task representation. An export job task is responsible for collecting and exporting audit events based on the parent job configuration.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the node. |
startTimestamp - DateTime!
|
The timestamp when the task started. |
endTimestamp - DateTime
|
The timestamp when the task ended. |
attempts - Float!
|
The number of times the task attempted to run a failed job due to retries. |
offset - Int!
|
The starting point for the audit events handled by the task. |
limit - Int!
|
The maximum limit of the number of audit events handled by the task. |
status - JobTaskStatus!
|
The status of the task. |
failureReason - String
|
The reason the task failed, if applicable. |
Example
{
"id": 4,
"startTimestamp": "2007-12-03T10:15:30Z",
"endTimestamp": "2007-12-03T10:15:30Z",
"attempts": 123.45,
"offset": 123,
"limit": 123,
"status": "RUNNING",
"failureReason": "abc123"
}
ExternalUserId
Description
An external user ID.
Fields
| Field Name | Description |
|---|---|
technology - DatasourceTechnology!
|
The technology to which the external user ID belongs. |
userId - String!
|
The associated user ID. |
Example
{
"technology": "AMAZON_ATHENA",
"userId": "abc123"
}
ExternalUserIdInput
Description
An external user ID.
Fields
| Input Field | Description |
|---|---|
technology - DatasourceTechnology!
|
The technology to which the external user ID belongs. |
userId - String!
|
The associated user ID. |
Example
{
"technology": "AMAZON_ATHENA",
"userId": "xyz789"
}
FPMaskingRule
Description
Mask with format persevering masking.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of masking used in this rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
conditionalPredicate - String
|
SQL where clause to conditionally apply this masking rule. |
Possible Types
| FPMaskingRule Types |
|---|
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"conditionalPredicate": "abc123"
}
FPMaskingRuleApplied
Description
Mask with format persevering masking.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of masking used in this rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
ruleAppliedForUser - Boolean!
|
If this rule matched for the user running the query. |
fields - [String!]!
|
The columns this rule applies to. |
conditionalPredicate - String
|
SQL where clause to conditionally apply this masking rule. |
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"ruleAppliedForUser": false,
"fields": ["xyz789"],
"conditionalPredicate": "abc123"
}
FPMaskingRuleGlobal
Description
Mask with format persevering masking.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of masking used in this rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
columnCondition - GlobalColumnCondition!
|
The condition(s) for what columns the policy will apply to. |
conditionalPredicate - String
|
SQL where clause to conditionally apply this masking rule. |
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"columnCondition": GlobalColumnCondition,
"conditionalPredicate": "abc123"
}
Float
Description
The Float scalar type represents signed double-precision fractional values as specified by IEEE 754.
Example
123.45
FrameworkMeasures
Description
Framework measures assess a resource's security posture, such as the resource's sensitivity.
Fields
| Field Name | Description |
|---|---|
sensitivity - SensitivityValue
|
The maximum value of all the framework's sensitivity measures. |
Example
{"sensitivity": "NOT_APPLICABLE"}
FrameworkMeasuresInput
Description
Framework measures assess a resource's security posture, such as the resource's sensitivity.
Fields
| Input Field | Description |
|---|---|
sensitivity - Int!
|
The maximum value of all the framework's sensitivity measures. |
Example
{"sensitivity": 987}
GlobalColumnCondition
Description
Global Column Conditions
Fields
| Field Name | Description |
|---|---|
type - GlobalColumnConditionTypes!
|
The conditions for what columns this rule will apply too. |
Possible Types
| GlobalColumnCondition Types |
|---|
Example
{"type": "CROSS_SECTIONAL"}
GlobalColumnConditionRegex
Description
Global Column Conditions regex
Fields
| Field Name | Description |
|---|---|
type - GlobalColumnConditionTypes!
|
The conditions for what columns this rule will apply too. |
regex - String!
|
The regex to apply to columns of a data source. If matched the rule will apply to that column. |
caseInsensitive - Boolean!
|
If the regex should be case insensitive. |
Example
{
"type": "CROSS_SECTIONAL",
"regex": "abc123",
"caseInsensitive": true
}
GlobalColumnConditionSpecial
Description
Global Column Conditions special tags
Fields
| Field Name | Description |
|---|---|
type - GlobalColumnConditionTypes!
|
The conditions for what columns this rule will apply too. |
Example
{"type": "CROSS_SECTIONAL"}
GlobalColumnConditionTag
Description
Global Column Conditions tags
Fields
| Field Name | Description |
|---|---|
type - GlobalColumnConditionTypes!
|
The conditions for what columns this rule will apply too. |
tags - [String!]!
|
The tags which must be on a column for this rule to apply. |
Example
{
"type": "CROSS_SECTIONAL",
"tags": ["abc123"]
}
GlobalColumnConditionTypes
Description
Conditions for how a global masking rule will apply to columns of a data source.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"CROSS_SECTIONAL"
GlobalPolicyResource
Description
An Immuta Global Policy resource representation.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the global policy. |
name - String!
|
The name of the global policy. |
type - ResourceType!
|
The type of the resource - GLOBAL_POLICY. |
policyKey - String!
|
A key/name to uniquely identify this policy. |
Example
{
"id": 4,
"name": "xyz789",
"type": "ATTRIBUTE",
"policyKey": "xyz789"
}
Group
Description
An Immuta group resource representation.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
ID of the group. |
name - String!
|
Name of the group. |
type - ResourceType!
|
Type of the resource - GROUP. |
identityProvider - String!
|
Identity provider of the group. |
Example
{
"id": 4,
"name": "xyz789",
"type": "ATTRIBUTE",
"identityProvider": "abc123"
}
HashMaskingRule
Description
Mask with hashing.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of masking used in this rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
conditionalPredicate - String
|
SQL where clause to conditionally apply this masking rule. |
Possible Types
| HashMaskingRule Types |
|---|
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"conditionalPredicate": "abc123"
}
HashMaskingRuleApplied
Description
Mask with hashing.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of masking used in this rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
ruleAppliedForUser - Boolean!
|
If this rule matched for the user running the query. |
fields - [String!]!
|
The columns this rule applies to. |
conditionalPredicate - String
|
SQL where clause to conditionally apply this masking rule. |
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"ruleAppliedForUser": false,
"fields": ["xyz789"],
"conditionalPredicate": "xyz789"
}
HashMaskingRuleGlobal
Description
Mask with hashing.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of masking used in this rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
columnCondition - GlobalColumnCondition!
|
The condition(s) for what columns the policy will apply to. |
conditionalPredicate - String
|
SQL where clause to conditionally apply this masking rule. |
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"columnCondition": GlobalColumnCondition,
"conditionalPredicate": "xyz789"
}
ID
Description
The ID scalar type represents a unique identifier, often used to refetch an object or as key for a cache. The ID type appears in a JSON response as a String; however, it is not intended to be human-readable. When expected as an input type, any string (such as "4") or integer (such as 4) input value will be accepted as an ID.
Example
4
Int
Description
The Int scalar type represents non-fractional signed whole numeric values. Int can represent values between -(2^31) and 2^31 - 1.
Example
987
Interval
Description
The interval of the export.
Values
| Enum Value | Description |
|---|---|
|
|
Run export every 2 hours at the beginning of the hour (0 */2 * * *). |
|
|
Run export every 4 hours at the beginning of the hour (0 */4 * * *). |
|
|
Run export every 6 hours at the beginning of the hour (0 */6 * * *). |
|
|
Run export every 12 hours at the beginning of the hour (0 */12 * * *). |
|
|
Run export every 24 hours at the beginning of the hour (0 */24 * * *). |
Example
"EVERY_2_HOURS"
JSON
Description
The JSON scalar type represents JSON values as specified by ECMA-404.
Example
{}
JobStatus
Description
The status of the job
Values
| Enum Value | Description |
|---|---|
|
|
Default value when a new job has been submitted and is running. |
|
|
Value when a job has failed for any reason. |
|
|
Value when a job has successfully completed. |
Example
"RUNNING"
JobTaskStatus
Description
The status of the task.
Values
| Enum Value | Description |
|---|---|
|
|
Value when a task is running. |
|
|
Value when a task has failed for any reason. |
|
|
Value when a task has successfully completed. |
Example
"RUNNING"
KAnonMaskingRule
Description
Mask by K-Anonymization.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of masking used in this rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
kLevel - Float
|
The minimum group size. |
reIdProbability - Float
|
The re-identification probability. |
Possible Types
| KAnonMaskingRule Types |
|---|
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"kLevel": 987.65,
"reIdProbability": 123.45
}
KAnonMaskingRuleApplied
Description
Mask by K-Anonymization.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of masking used in this rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
ruleAppliedForUser - Boolean!
|
If this rule matched for the user running the query. |
fields - [String!]!
|
The columns this rule applies to. |
kLevel - Float
|
The minimum group size. |
reIdProbability - Float
|
The re-identification probability. |
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"ruleAppliedForUser": false,
"fields": ["xyz789"],
"kLevel": 123.45,
"reIdProbability": 123.45
}
KAnonMaskingRuleGlobal
Description
Mask by K-Anonymization.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of masking used in this rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
columnCondition - GlobalColumnCondition!
|
The condition(s) for what columns the policy will apply to. |
kLevel - Float
|
The minimum group size. |
reIdProbability - Float
|
The re-identification probability. |
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"columnCondition": GlobalColumnCondition,
"kLevel": 123.45,
"reIdProbability": 123.45
}
License
Description
An Immuta license resource representation.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the license. |
name - String!
|
The name of the license (same as ID). |
type - ResourceType!
|
The type of the resource - LICENSE. |
Example
{
"id": 4,
"name": "abc123",
"type": "ATTRIBUTE"
}
LicenseAuditPayload
Description
The license audit event payload.
Possible Types
| LicenseAuditPayload Types |
|---|
Example
{"type": "abc123", "version": 987.65}
LicenseCreatedAuditEvent
Description
The license created audit event representation.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the audit event. |
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
action - AuditEventAction!
|
The action that was performed. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actor - Actor!
|
The user who performed the action. |
actorIp - String
|
The IP address of the actor. |
tenantId - String!
|
The ID of the tenant. |
targetType - ResourceType!
|
The type of the target resources (e.g., DATASOURCE, POLICY, PURPOSE, PROJECT, TAG, USER). |
targets - [License!]!
|
The target licenses. |
relatedResources - [Resource!]!
|
Resources related to the action that are not targets. |
auditPayload - LicenseAuditPayload!
|
The license audit event payload. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
receivedTimestamp - DateTime!
|
The timestamp the audit event was received and stored by Immuta. |
Example
{
"id": 4,
"sessionId": "abc123",
"userAgent": "xyz789",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "xyz789",
"targetType": "ATTRIBUTE",
"targets": [License],
"relatedResources": [Resource],
"auditPayload": LicenseAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
LicenseCreatedAuditEventInput
Description
The license created audit event input representation.
Fields
| Input Field | Description |
|---|---|
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actorId - String!
|
The ID of the user who performed the action. |
actorIdProvider - String!
|
The identity provider of the actor. |
profileId - String
|
The ID of the user's profile. |
userName - String
|
The name of the user. |
actorIp - String
|
The IP address of the actor. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
id - ID
|
The ID of the audit event. |
licenseId - String
|
The ID of the license. |
licenseKey - String!
|
The encoded license key. |
Example
{
"sessionId": "abc123",
"userAgent": "abc123",
"requestId": "xyz789",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actorId": "abc123",
"actorIdProvider": "xyz789",
"profileId": "xyz789",
"userName": "abc123",
"actorIp": "xyz789",
"eventTimestamp": "2007-12-03T10:15:30Z",
"id": 4,
"licenseId": "xyz789",
"licenseKey": "abc123"
}
LicenseCreatedAuditPayload
LicenseDeletedAuditEvent
Description
The license deleted audit event representation.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the audit event. |
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
action - AuditEventAction!
|
The action that was performed. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actor - Actor!
|
The user who performed the action. |
actorIp - String
|
The IP address of the actor. |
tenantId - String!
|
The ID of the tenant. |
targetType - ResourceType!
|
The type of the target resources (e.g., DATASOURCE, POLICY, PURPOSE, PROJECT, TAG, USER). |
targets - [License!]!
|
The target licenses. |
relatedResources - [Resource!]!
|
Resources related to the action that are not targets. |
auditPayload - LicenseAuditPayload!
|
The license audit event payload. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
receivedTimestamp - DateTime!
|
The timestamp the audit event was received and stored by Immuta. |
Example
{
"id": 4,
"sessionId": "abc123",
"userAgent": "xyz789",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actor": UserActor,
"actorIp": "xyz789",
"tenantId": "xyz789",
"targetType": "ATTRIBUTE",
"targets": [License],
"relatedResources": [Resource],
"auditPayload": LicenseAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
LicenseDeletedAuditEventInput
Description
The license deleted audit event input representation.
Fields
| Input Field | Description |
|---|---|
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actorId - String!
|
The ID of the user who performed the action. |
actorIdProvider - String!
|
The identity provider of the actor. |
profileId - String
|
The ID of the user's profile. |
userName - String
|
The name of the user. |
actorIp - String
|
The IP address of the actor. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
id - ID
|
The ID of the audit event. |
licenseId - String!
|
The ID of the license. |
Example
{
"sessionId": "xyz789",
"userAgent": "xyz789",
"requestId": "abc123",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actorId": "abc123",
"actorIdProvider": "abc123",
"profileId": "xyz789",
"userName": "xyz789",
"actorIp": "abc123",
"eventTimestamp": "2007-12-03T10:15:30Z",
"id": "4",
"licenseId": "abc123"
}
LicenseDeletedAuditPayload
MaskingPolicyApplied
Description
The common masking policy fields
Fields
| Field Name | Description |
|---|---|
type - PolicyType!
|
If the policy is a data or subscription policy. |
rationale - String
|
The description of the policy. |
global - Boolean!
|
|
policyKey - String
|
The key for the policy for usage with the v2 api |
name - String
|
The name of the policy |
id - String
|
The id of the policy |
dataPolicyType - DataPolicyType!
|
What type of data policy this represents. |
rules - [MaskingRuleLocal!]!
|
The masking rules for this policy. |
Example
{
"type": "SUBSCRIPTION",
"rationale": "xyz789",
"global": false,
"policyKey": "xyz789",
"name": "abc123",
"id": "abc123",
"dataPolicyType": "MASKING",
"rules": [MaskingRuleLocal]
}
MaskingPolicyGlobal
Description
The common masking policy fields
Fields
| Field Name | Description |
|---|---|
type - PolicyType!
|
If the policy is a data or subscription policy. |
rationale - String
|
The description of the policy. |
dataPolicyType - DataPolicyType!
|
What type of data policy this represents. |
rules - [MaskingRuleGlobal!]!
|
The masking rules for this policy. |
Example
{
"type": "SUBSCRIPTION",
"rationale": "abc123",
"dataPolicyType": "MASKING",
"rules": [MaskingRuleGlobal]
}
MaskingRule
Description
The common masking rule fields.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of masking used in this rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
Possible Types
| MaskingRule Types |
|---|
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions
}
MaskingRuleGlobal
Description
The common global masking rule fields.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of masking used in this rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
columnCondition - GlobalColumnCondition!
|
The condition(s) for what columns the policy will apply to. |
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"columnCondition": GlobalColumnCondition
}
MaskingRuleLocal
Description
The common local masking rule fields.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of masking used in this rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
ruleAppliedForUser - Boolean!
|
If this rule matched for the user running the query. |
fields - [String!]!
|
The columns this rule applies to. |
Possible Types
| MaskingRuleLocal Types |
|---|
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"ruleAppliedForUser": false,
"fields": ["xyz789"]
}
MinimizationDataRule
Description
Restrcits data shown to be a certain perctnage of the actual data.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
|
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
percent - Float!
|
How much data will be shown. |
Possible Types
| MinimizationDataRule Types |
|---|
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"percent": 987.65
}
MinimizationDataRuleApplied
Description
Restrcits data shown to be a certain perctnage of the actual data.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
|
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
ruleAppliedForUser - Boolean!
|
If this rule matched for the user running the query. |
percent - Float!
|
How much data will be shown. |
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"ruleAppliedForUser": true,
"percent": 123.45
}
MinimizationDataRuleGlobal
Description
Restrcits data shown to be a certain perctnage of the actual data.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
|
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
percent - Float!
|
How much data will be shown. |
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"percent": 123.45
}
MinimizationPolicyApplied
Description
Restrcits data shown to be a certain perctnage of the actual data.
Fields
| Field Name | Description |
|---|---|
type - PolicyType!
|
If the policy is a data or subscription policy. |
rationale - String
|
The description of the policy. |
global - Boolean!
|
|
policyKey - String
|
The key for the policy for usage with the v2 api |
name - String
|
The name of the policy |
id - String
|
The id of the policy |
dataPolicyType - DataPolicyType!
|
What type of data policy this represents. |
rules - [MinimizationDataRuleApplied!]!
|
The minimization rules for this policy. |
Example
{
"type": "SUBSCRIPTION",
"rationale": "abc123",
"global": true,
"policyKey": "abc123",
"name": "xyz789",
"id": "abc123",
"dataPolicyType": "MASKING",
"rules": [MinimizationDataRuleApplied]
}
MinimizationPolicyGlobal
Description
Restrcits data shown to be a certain perctnage of the actual data.
Fields
| Field Name | Description |
|---|---|
type - PolicyType!
|
If the policy is a data or subscription policy. |
rationale - String
|
The description of the policy. |
dataPolicyType - DataPolicyType!
|
What type of data policy this represents. |
rules - [MinimizationDataRuleGlobal!]!
|
The minimization rules for this policy. |
Example
{
"type": "SUBSCRIPTION",
"rationale": "xyz789",
"dataPolicyType": "MASKING",
"rules": [MinimizationDataRuleGlobal]
}
Node
Description
A node object with an ID. Used to facilitate pagination.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the node. |
Possible Types
| Node Types |
|---|
Example
{"id": 4}
NullMaskingRule
Description
Mask by making the value null.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of masking used in this rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
conditionalPredicate - String
|
SQL where clause to conditionally apply this masking rule. |
Possible Types
| NullMaskingRule Types |
|---|
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"conditionalPredicate": "xyz789"
}
NullMaskingRuleApplied
Description
Mask by making the value null.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of masking used in this rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
ruleAppliedForUser - Boolean!
|
If this rule matched for the user running the query. |
fields - [String!]!
|
The columns this rule applies to. |
conditionalPredicate - String
|
SQL where clause to conditionally apply this masking rule. |
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"ruleAppliedForUser": true,
"fields": ["abc123"],
"conditionalPredicate": "xyz789"
}
NullMaskingRuleGlobal
Description
Mask by making the value null.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of masking used in this rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
columnCondition - GlobalColumnCondition!
|
The condition(s) for what columns the policy will apply to. |
conditionalPredicate - String
|
SQL where clause to conditionally apply this masking rule. |
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"columnCondition": GlobalColumnCondition,
"conditionalPredicate": "abc123"
}
ObjectAccessed
Description
The object accessed in the query explicitly or through shortcuts, such as using an asterisk (*).
Fields
| Field Name | Description |
|---|---|
name - String!
|
The name of the object accessed. |
datasourceId - String
|
The ID of the data source. |
databaseName - String
|
The name of the database that backs this data source. |
schemaName - String
|
The name of the schema that backs this data source. |
type - ObjectAccessedType!
|
The type of the object accessed (e.g., TABLE or STAGE). |
columns - [ColumnAccessed!]!
|
The list of all columns accessed. |
tags - [ObjectAccessedTag!]
|
The tags associated to the object accessed. |
securityProfile - SecurityProfile
|
The column accessed security profile. |
Example
{
"name": "xyz789",
"datasourceId": "xyz789",
"databaseName": "abc123",
"schemaName": "abc123",
"type": "TABLE",
"columns": [ColumnAccessed],
"tags": [ObjectAccessedTag],
"securityProfile": SecurityProfile
}
ObjectAccessedInput
Description
The object accessed in the query explicitly or through shortcuts, such as using an asterisk (*).
Fields
| Input Field | Description |
|---|---|
name - String!
|
The name of the object accessed. |
datasourceId - String
|
The ID of the data source. |
databaseName - String
|
The name of the database that backs this data source. |
schemaName - String
|
The name of the schema that backs this data source. |
type - ObjectAccessedType!
|
The type of the object accessed (e.g., TABLE or STAGE). |
columns - [ColumnAccessedInput!]
|
The list of all columns accessed. |
tags - [ObjectAccessedTagInput!]
|
The tags associated to the object accessed. |
securityProfile - SecurityProfileInput
|
The column accessed security profile. |
Example
{
"name": "xyz789",
"datasourceId": "abc123",
"databaseName": "abc123",
"schemaName": "xyz789",
"type": "TABLE",
"columns": [ColumnAccessedInput],
"tags": [ObjectAccessedTagInput],
"securityProfile": SecurityProfileInput
}
ObjectAccessedTag
Description
The object accessed tag.
Fields
| Field Name | Description |
|---|---|
id - String!
|
The object accessed tag ID. |
name - String!
|
The object accessed tag name. |
source - String!
|
The object accessed tag source. |
context - String
|
The context under which the tag was applied. |
deleted - Boolean
|
True if the tag is deleted. |
transient - Boolean
|
True if the tag is transient to the query. |
framework - TagFramework
|
The object accessed tag framework, if applicable. |
Example
{
"id": "xyz789",
"name": "abc123",
"source": "abc123",
"context": "xyz789",
"deleted": false,
"transient": true,
"framework": TagFramework
}
ObjectAccessedTagInput
Description
The object accessed tag.
Fields
| Input Field | Description |
|---|---|
id - String!
|
The object accessed tag ID. |
name - String!
|
The object accessed tag name. |
source - String!
|
The object accessed tag source. |
context - String
|
The context under which the tag was applied. |
deleted - Boolean
|
True if the tag is deleted. |
transient - Boolean
|
True if the tag is transient to the query. |
framework - TagFrameworkInput
|
The object accessed tag framework, if applicable. |
Example
{
"id": "abc123",
"name": "xyz789",
"source": "abc123",
"context": "abc123",
"deleted": true,
"transient": false,
"framework": TagFrameworkInput
}
ObjectAccessedType
Description
The type of the object accessed (e.g., TABLE or STAGE).
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Example
"TABLE"
OlderOrNewer
Description
For use in a time window rule. If OLDER the time set is a min age, if NEWER the time is used as a max age.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
Example
"OLDER"
Policy
Description
The root policy type for all data and subscription policies.
Fields
| Field Name | Description |
|---|---|
type - PolicyType!
|
If the policy is a data or subscription policy. |
rationale - String
|
The description of the policy. |
Possible Types
| Policy Types |
|---|
Example
{
"type": "SUBSCRIPTION",
"rationale": "abc123"
}
PolicyType
Description
If the policy is a data or subscription policy.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
Example
"SUBSCRIPTION"
Project
Description
A project resource representation.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the project. |
name - String!
|
The name of the project. |
type - ResourceType!
|
The type of the resource - PROJECT. |
projectKey - String!
|
A key/name to uniquely identify this project. |
Example
{
"id": 4,
"name": "abc123",
"type": "ATTRIBUTE",
"projectKey": "abc123"
}
Purpose
Description
An Immuta purpose resource representation.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the purpose. |
name - String!
|
The name of the purpose. |
type - ResourceType!
|
The type of the resource - PURPOSE. |
Example
{
"id": "4",
"name": "xyz789",
"type": "ATTRIBUTE"
}
PurposeAuditPayload
Description
The purpose audit event payload.
Possible Types
| PurposeAuditPayload Types |
|---|
Example
{"type": "abc123", "version": 123.45}
PurposeDeletedAuditEvent
Description
The purpose deleted audit event representation.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the audit event. |
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
action - AuditEventAction!
|
The action that was performed. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actor - Actor!
|
The user who performed the action. |
actorIp - String
|
The IP address of the actor. |
tenantId - String!
|
The ID of the tenant. |
targetType - ResourceType!
|
The type of the target resources (e.g., DATASOURCE, POLICY, PURPOSE, PROJECT, TAG, USER). |
targets - [Purpose!]!
|
The target purposes. |
relatedResources - [Resource!]!
|
Resources related to the action that are not targets. |
auditPayload - PurposeAuditPayload!
|
The purpose audit event payload. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
receivedTimestamp - DateTime!
|
The timestamp the audit event was received and stored by Immuta. |
Example
{
"id": "4",
"sessionId": "xyz789",
"userAgent": "abc123",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "xyz789",
"targetType": "ATTRIBUTE",
"targets": [Purpose],
"relatedResources": [Resource],
"auditPayload": PurposeAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
PurposeDeletedAuditEventInput
Description
The purpose deleted audit event input representation.
Fields
| Input Field | Description |
|---|---|
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actorId - String!
|
The ID of the user who performed the action. |
actorIdProvider - String!
|
The identity provider of the actor. |
profileId - String
|
The ID of the user's profile. |
userName - String
|
The name of the user. |
actorIp - String
|
The IP address of the actor. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
id - ID
|
The ID of the audit event. |
purposes - [DeletedPurposeInput!]!
|
An array of purposes. |
Example
{
"sessionId": "xyz789",
"userAgent": "xyz789",
"requestId": "abc123",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actorId": "abc123",
"actorIdProvider": "abc123",
"profileId": "xyz789",
"userName": "xyz789",
"actorIp": "abc123",
"eventTimestamp": "2007-12-03T10:15:30Z",
"id": 4,
"purposes": [DeletedPurposeInput]
}
PurposeDeletedAuditPayload
Description
The purpose deleted audit event payload representation.
Fields
| Field Name | Description |
|---|---|
type - String!
|
|
version - Float
|
The version of the Audit Event Schema |
purposes - [DeletedPurpose!]!
|
An array of purposes. |
Example
{
"type": "xyz789",
"version": 123.45,
"purposes": [DeletedPurpose]
}
PurposeRestrictionDataRule
Description
Restricts usage of the data source to the purposes listed.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
|
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
purposes - [String!]!
|
The purposes needed. |
purposeRequirement - ConditionsOperator!
|
If the user needs all purposes or just one of them. |
Possible Types
| PurposeRestrictionDataRule Types |
|---|
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"purposes": ["abc123"],
"purposeRequirement": "ALL"
}
PurposeRestrictionDataRuleApplied
Description
Restricts usage of the data source to the purposes listed.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
|
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
ruleAppliedForUser - Boolean!
|
If this rule matched for the user running the query. |
purposes - [String!]!
|
The purposes needed. |
purposeRequirement - ConditionsOperator!
|
If the user needs all purposes or just one of them. |
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"ruleAppliedForUser": false,
"purposes": ["xyz789"],
"purposeRequirement": "ALL"
}
PurposeRestrictionDataRuleGlobal
Description
Restricts usage of the data source to the purposes listed.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
|
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
purposes - [String!]!
|
The purposes needed. |
purposeRequirement - ConditionsOperator!
|
If the user needs all purposes or just one of them. |
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"purposes": ["xyz789"],
"purposeRequirement": "ALL"
}
PurposeRestrictionPolicyApplied
Description
Restricts usage of the data source to the purposes listed.
Fields
| Field Name | Description |
|---|---|
type - PolicyType!
|
If the policy is a data or subscription policy. |
rationale - String
|
The description of the policy. |
global - Boolean!
|
|
policyKey - String
|
The key for the policy for usage with the v2 api |
name - String
|
The name of the policy |
id - String
|
The id of the policy |
dataPolicyType - DataPolicyType!
|
What type of data policy this represents. |
rules - [PurposeRestrictionDataRuleApplied!]!
|
The purpose restriction rules for this policy. |
Example
{
"type": "SUBSCRIPTION",
"rationale": "xyz789",
"global": false,
"policyKey": "abc123",
"name": "abc123",
"id": "xyz789",
"dataPolicyType": "MASKING",
"rules": [PurposeRestrictionDataRuleApplied]
}
PurposeRestrictionPolicyGlobal
Description
Restricts usage of the data source to the purposes listed.
Fields
| Field Name | Description |
|---|---|
type - PolicyType!
|
If the policy is a data or subscription policy. |
rationale - String
|
The description of the policy. |
dataPolicyType - DataPolicyType!
|
What type of data policy this represents. |
rules - [PurposeRestrictionDataRuleGlobal!]!
|
The purpose restriction rules for this policy. |
Example
{
"type": "SUBSCRIPTION",
"rationale": "abc123",
"dataPolicyType": "MASKING",
"rules": [PurposeRestrictionDataRuleGlobal]
}
PurposeUpdatedAuditEvent
Description
The purpose updated audit event representation.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the audit event. |
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
action - AuditEventAction!
|
The action that was performed. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actor - Actor!
|
The user who performed the action. |
actorIp - String
|
The IP address of the actor. |
tenantId - String!
|
The ID of the tenant. |
targetType - ResourceType!
|
The type of the target resources (e.g., DATASOURCE, POLICY, PURPOSE, PROJECT, TAG, USER). |
targets - [Purpose!]!
|
The target purposes. |
relatedResources - [Resource!]!
|
Resources related to the action that are not targets. |
auditPayload - PurposeAuditPayload!
|
The purpose audit event payload. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
receivedTimestamp - DateTime!
|
The timestamp the audit event was received and stored by Immuta. |
Example
{
"id": 4,
"sessionId": "xyz789",
"userAgent": "abc123",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "xyz789",
"tenantId": "xyz789",
"targetType": "ATTRIBUTE",
"targets": [Purpose],
"relatedResources": [Resource],
"auditPayload": PurposeAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
PurposeUpdatedAuditEventInput
Description
The purpose updated audit event input representation.
Fields
| Input Field | Description |
|---|---|
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actorId - String!
|
The ID of the user who performed the action. |
actorIdProvider - String!
|
The identity provider of the actor. |
profileId - String
|
The ID of the user's profile. |
userName - String
|
The name of the user. |
actorIp - String
|
The IP address of the actor. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
id - ID
|
The ID of the audit event. |
description - String
|
The description of the purpose. |
kAnonNoiseReduction - String
|
The level of noise reduction allowed when doing policy adjustments on data sources in projects with this purpose. |
allowUnmaskedKAnon - Boolean
|
True if fields normally masked via K-anonymization are eligible for viewing in an unmasked state. |
adjustmentCertificationText - String
|
The text that will be shown when certifying a policy adjustment. |
purposeId - String!
|
The ID of the purpose. |
name - String
|
The name of the purpose. |
acknowledgement - String
|
The acknowledgement that users must agree to when joining a project with this purpose. |
Example
{
"sessionId": "abc123",
"userAgent": "xyz789",
"requestId": "abc123",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actorId": "xyz789",
"actorIdProvider": "abc123",
"profileId": "abc123",
"userName": "abc123",
"actorIp": "xyz789",
"eventTimestamp": "2007-12-03T10:15:30Z",
"id": 4,
"description": "xyz789",
"kAnonNoiseReduction": "abc123",
"allowUnmaskedKAnon": true,
"adjustmentCertificationText": "xyz789",
"purposeId": "abc123",
"name": "abc123",
"acknowledgement": "xyz789"
}
PurposeUpdatedAuditPayload
Description
The purpose updated audit event payload representation.
Fields
| Field Name | Description |
|---|---|
description - String
|
The description of the purpose. |
kAnonNoiseReduction - String
|
The level of noise reduction allowed when doing policy adjustments on data sources in projects with this purpose. |
allowUnmaskedKAnon - Boolean
|
The text that will be shown when certifying a policy adjustment. |
adjustmentCertificationText - String
|
The text that will be shown when certifying a policy adjustment. |
type - String!
|
|
version - Float
|
The version of the Audit Event Schema |
id - ID!
|
The ID of the purpose. |
name - String
|
The name of the purpose. |
acknowledgement - String
|
The acknowledgement that users must agree to when joining a project with this purpose. |
Example
{
"description": "xyz789",
"kAnonNoiseReduction": "xyz789",
"allowUnmaskedKAnon": false,
"adjustmentCertificationText": "abc123",
"type": "abc123",
"version": 987.65,
"id": "4",
"name": "abc123",
"acknowledgement": "abc123"
}
PurposeUpsertedAuditEvent
Description
The purpose upserted audit event representation.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the audit event. |
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
action - AuditEventAction!
|
The action that was performed. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actor - Actor!
|
The user who performed the action. |
actorIp - String
|
The IP address of the actor. |
tenantId - String!
|
The ID of the tenant. |
targetType - ResourceType!
|
The type of the target resources (e.g., DATASOURCE, POLICY, PURPOSE, PROJECT, TAG, USER). |
targets - [Purpose!]!
|
The target purposes. |
relatedResources - [Resource!]!
|
Resources related to the action that are not targets. |
auditPayload - PurposeAuditPayload!
|
The purpose audit event payload. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
receivedTimestamp - DateTime!
|
The timestamp the audit event was received and stored by Immuta. |
Example
{
"id": 4,
"sessionId": "abc123",
"userAgent": "xyz789",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "xyz789",
"tenantId": "xyz789",
"targetType": "ATTRIBUTE",
"targets": [Purpose],
"relatedResources": [Resource],
"auditPayload": PurposeAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
PurposeUpsertedAuditEventInput
Description
The purpose upserted audit event input representation.
Fields
| Input Field | Description |
|---|---|
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actorId - String!
|
The ID of the user who performed the action. |
actorIdProvider - String!
|
The identity provider of the actor. |
profileId - String
|
The ID of the user's profile. |
userName - String
|
The name of the user. |
actorIp - String
|
The IP address of the actor. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
id - ID
|
The ID of the audit event. |
description - String
|
The description of the purpose. |
kAnonNoiseReduction - String
|
The level of noise reduction allowed when doing policy adjustments on data sources in projects with this purpose. |
allowUnmaskedKAnon - Boolean
|
True if fields normally masked via K-anonymization are eligible for viewing in an unmasked state. |
adjustmentCertificationText - String
|
The text that will be shown when certifying a policy adjustment. |
purposeId - String
|
The ID of the purpose. |
name - String!
|
The name of the purpose. |
acknowledgement - String!
|
The acknowledgement that users must agree to when joining a project with this purpose. |
subpurposes - [SubpurposeInput!]!
|
The subpurposes of the purpose. |
Example
{
"sessionId": "xyz789",
"userAgent": "xyz789",
"requestId": "xyz789",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actorId": "xyz789",
"actorIdProvider": "abc123",
"profileId": "abc123",
"userName": "abc123",
"actorIp": "xyz789",
"eventTimestamp": "2007-12-03T10:15:30Z",
"id": "4",
"description": "xyz789",
"kAnonNoiseReduction": "abc123",
"allowUnmaskedKAnon": false,
"adjustmentCertificationText": "xyz789",
"purposeId": "xyz789",
"name": "xyz789",
"acknowledgement": "xyz789",
"subpurposes": [SubpurposeInput]
}
PurposeUpsertedAuditPayload
Description
The purpose upserted audit event payload representation.
Fields
| Field Name | Description |
|---|---|
description - String
|
The description of the purpose. |
kAnonNoiseReduction - String
|
The level of noise reduction allowed when doing policy adjustments on data sources in projects with this purpose. |
allowUnmaskedKAnon - Boolean
|
The text that will be shown when certifying a policy adjustment. |
adjustmentCertificationText - String
|
The text that will be shown when certifying a policy adjustment. |
type - String!
|
|
version - Float
|
The version of the Audit Event Schema |
name - String!
|
The name of the purpose. |
acknowledgement - String!
|
The acknowledgement that users must agree to when joining a project with this purpose. |
subpurposes - [Subpurpose!]!
|
The subpurposes of the purpose. |
Example
{
"description": "abc123",
"kAnonNoiseReduction": "abc123",
"allowUnmaskedKAnon": true,
"adjustmentCertificationText": "abc123",
"type": "xyz789",
"version": 987.65,
"name": "xyz789",
"acknowledgement": "xyz789",
"subpurposes": [Subpurpose]
}
QueryAuditEvent
Description
The query audit event representation.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the audit event. |
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
action - AuditEventAction!
|
The action that was performed. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actor - Actor!
|
The user who performed the action. |
actorIp - String
|
The IP address of the actor. |
tenantId - String!
|
The ID of the tenant. |
targetType - ResourceType!
|
The type of the target resources (e.g., DATASOURCE, POLICY, PURPOSE, PROJECT, TAG, USER). |
targets - [Datasource!]!
|
The target data sources of the query. |
relatedResources - [Resource!]!
|
Resources related to the action that are not targets. |
auditPayload - QueryAuditPayload!
|
Base query audit event payload representation. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
receivedTimestamp - DateTime!
|
The timestamp the audit event was received and stored by Immuta. |
Example
{
"id": "4",
"sessionId": "xyz789",
"userAgent": "abc123",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "abc123",
"targetType": "ATTRIBUTE",
"targets": [Datasource],
"relatedResources": [Resource],
"auditPayload": QueryAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
QueryAuditPayload
Description
Base query audit event payload representation.
Fields
| Field Name | Description |
|---|---|
type - String!
|
|
version - Float
|
The version of the Audit Event Schema |
queryId - String!
|
Unique ID of the query. |
query - String
|
The executed query. |
startTime - DateTime!
|
The start time of the query. |
endTime - DateTime
|
The end time of the query. |
duration - Float
|
The duration of the query in milliseconds. |
accessControls - AccessControls
|
Represents the access controls enforced when a user queries a data source. |
technologyContext - TechnologyContext!
|
Additional context of the query based on the underlying technology. |
objectsAccessed - [ObjectAccessed!]!
|
The objects accessed in the query explicitly or through shortcuts, such as using an asterisk (*). |
securityProfile - SecurityProfile
|
The query security profile. |
errorCode - String
|
The error code of the query, if applicable. |
Example
{
"type": "abc123",
"version": 123.45,
"queryId": "abc123",
"query": "xyz789",
"startTime": "2007-12-03T10:15:30Z",
"endTime": "2007-12-03T10:15:30Z",
"duration": 123.45,
"accessControls": AccessControls,
"technologyContext": TechnologyContext,
"objectsAccessed": [ObjectAccessed],
"securityProfile": SecurityProfile,
"errorCode": "xyz789"
}
QueryEngineContext
Description
Query Engine context for query audit payloads.
Fields
| Field Name | Description |
|---|---|
type - String!
|
The technology context type - QueryEngineContext. |
remoteQueries - [String!]!
|
Remote queries executed on the underlying database provider by the Immuta Query Engine. |
Example
{
"type": "abc123",
"remoteQueries": ["abc123"]
}
RandomizedResponseMaskingRule
Description
Masking with Randomized Response.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of masking used in this rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
replacementRate - Float
|
The actual/computed likelihood that a value will be replaced with a different value (categorical data only). |
replacementRatePercent - Float
|
The specified percentage of how often a value should be replaced with a different value (categorical data only). |
stddev - Float
|
The standard deviation of a replaced value based on the original value (numeric data only). |
Possible Types
| RandomizedResponseMaskingRule Types |
|---|
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"replacementRate": 123.45,
"replacementRatePercent": 123.45,
"stddev": 123.45
}
RandomizedResponseMaskingRuleApplied
Description
Masking with Randomized Response.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of masking used in this rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
ruleAppliedForUser - Boolean!
|
If this rule matched for the user running the query. |
fields - [String!]!
|
The columns this rule applies to. |
replacementRate - Float
|
The actual/computed likelihood that a value will be replaced with a different value (categorical data only). |
replacementRatePercent - Float
|
The specified percentage of how often a value should be replaced with a different value (categorical data only). |
stddev - Float
|
The standard deviation of a replaced value based on the original value (numeric data only). |
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"ruleAppliedForUser": false,
"fields": ["abc123"],
"replacementRate": 123.45,
"replacementRatePercent": 123.45,
"stddev": 123.45
}
RandomizedResponseMaskingRuleGlobal
Description
Masking with Randomized Response.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of masking used in this rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
columnCondition - GlobalColumnCondition!
|
The condition(s) for what columns the policy will apply to. |
replacementRate - Float
|
The actual/computed likelihood that a value will be replaced with a different value (categorical data only). |
replacementRatePercent - Float
|
The specified percentage of how often a value should be replaced with a different value (categorical data only). |
stddev - Float
|
The standard deviation of a replaced value based on the original value (numeric data only). |
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"columnCondition": GlobalColumnCondition,
"replacementRate": 123.45,
"replacementRatePercent": 987.65,
"stddev": 987.65
}
RegexMaskingRule
Description
Masking with regular expression.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of masking used in this rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
conditionalPredicate - String
|
SQL where clause to conditionally apply this masking rule. |
regex - String!
|
The regular expression to use. |
replacement - String!
|
The replacement expression used to mask the column. |
caseInsensitive - Boolean!
|
If a case insensitive regex search and replace was performed. |
global - Boolean!
|
If a global regex search and replace was performed. |
Possible Types
| RegexMaskingRule Types |
|---|
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"conditionalPredicate": "abc123",
"regex": "xyz789",
"replacement": "xyz789",
"caseInsensitive": false,
"global": false
}
RegexMaskingRuleApplied
Description
Masking with regular expression.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of masking used in this rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
ruleAppliedForUser - Boolean!
|
If this rule matched for the user running the query. |
fields - [String!]!
|
The columns this rule applies to. |
conditionalPredicate - String
|
SQL where clause to conditionally apply this masking rule. |
regex - String!
|
The regular expression to use. |
replacement - String!
|
The replacement expression used to mask the column. |
caseInsensitive - Boolean!
|
If a case insensitive regex search and replace was performed. |
global - Boolean!
|
If a global regex search and replace was performed. |
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"ruleAppliedForUser": false,
"fields": ["abc123"],
"conditionalPredicate": "xyz789",
"regex": "xyz789",
"replacement": "abc123",
"caseInsensitive": true,
"global": true
}
RegexMaskingRuleGlobal
Description
Masking with regular expression.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of masking used in this rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
columnCondition - GlobalColumnCondition!
|
The condition(s) for what columns the policy will apply to. |
conditionalPredicate - String
|
SQL where clause to conditionally apply this masking rule. |
regex - String!
|
The regular expression to use. |
replacement - String!
|
The replacement expression used to mask the column. |
caseInsensitive - Boolean!
|
If a case insensitive regex search and replace was performed. |
global - Boolean!
|
If a global regex search and replace was performed. |
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"columnCondition": GlobalColumnCondition,
"conditionalPredicate": "abc123",
"regex": "xyz789",
"replacement": "xyz789",
"caseInsensitive": true,
"global": false
}
Resource
Description
An Immuta-managed resource.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the resource. |
name - String!
|
The name of the resource. |
type - ResourceType!
|
The type of the resource. |
Possible Types
| Resource Types |
|---|
Example
{
"id": "4",
"name": "abc123",
"type": "ATTRIBUTE"
}
ResourceType
Description
An enumeration of resource types within the Immuta platform.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"ATTRIBUTE"
ReversibleMaskingRuleApplied
Description
Mask with reversible masking.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of masking used in this rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
ruleAppliedForUser - Boolean!
|
If this rule matched for the user running the query. |
fields - [String!]!
|
The columns this rule applies to. |
conditionalPredicate - String
|
SQL where clause to conditionally apply this masking rule. |
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"ruleAppliedForUser": false,
"fields": ["xyz789"],
"conditionalPredicate": "abc123"
}
ReversibleMaskingRuleGlobal
Description
Mask with reversible masking.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of masking used in this rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
columnCondition - GlobalColumnCondition!
|
The condition(s) for what columns the policy will apply to. |
conditionalPredicate - String
|
SQL where clause to conditionally apply this masking rule. |
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"columnCondition": GlobalColumnCondition,
"conditionalPredicate": "xyz789"
}
RoundingMaskingRule
Description
Mask by rounding.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of masking used in this rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
conditionalPredicate - String
|
SQL where clause to conditionally apply this masking rule. |
bucketSize - Float
|
The size of the bucket for grouping values. |
timePrecision - TimePrecision
|
The date/time unit to group/bucket values. |
Possible Types
| RoundingMaskingRule Types |
|---|
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"conditionalPredicate": "xyz789",
"bucketSize": 987.65,
"timePrecision": "HOUR"
}
RoundingMaskingRuleApplied
Description
Mask by rounding.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of masking used in this rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
ruleAppliedForUser - Boolean!
|
If this rule matched for the user running the query. |
fields - [String!]!
|
The columns this rule applies to. |
conditionalPredicate - String
|
SQL where clause to conditionally apply this masking rule. |
bucketSize - Float
|
The size of the bucket for grouping values. |
timePrecision - TimePrecision
|
The date/time unit to group/bucket values. |
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"ruleAppliedForUser": false,
"fields": ["xyz789"],
"conditionalPredicate": "xyz789",
"bucketSize": 987.65,
"timePrecision": "HOUR"
}
RoundingMaskingRuleGlobal
Description
Mask by rounding.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of masking used in this rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
columnCondition - GlobalColumnCondition!
|
The condition(s) for what columns the policy will apply to. |
conditionalPredicate - String
|
SQL where clause to conditionally apply this masking rule. |
bucketSize - Float
|
The size of the bucket for grouping values. |
timePrecision - TimePrecision
|
The date/time unit to group/bucket values. |
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"columnCondition": GlobalColumnCondition,
"conditionalPredicate": "abc123",
"bucketSize": 123.45,
"timePrecision": "HOUR"
}
RowLevelDataRule
Description
Row level rule.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of data rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
Possible Types
| RowLevelDataRule Types |
|---|
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions
}
RowLevelDataRuleLocal
Description
Row level rule.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of data rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
ruleAppliedForUser - Boolean!
|
If this rule matched for the user running the query. |
Possible Types
| RowLevelDataRuleLocal Types |
|---|
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"ruleAppliedForUser": false
}
RowRestrictionPolicyApplied
Description
Filters the rows shown.
Fields
| Field Name | Description |
|---|---|
type - PolicyType!
|
If the policy is a data or subscription policy. |
rationale - String
|
The description of the policy. |
global - Boolean!
|
|
policyKey - String
|
The key for the policy for usage with the v2 api |
name - String
|
The name of the policy |
id - String
|
The id of the policy |
dataPolicyType - DataPolicyType!
|
What type of data policy this represents. |
rules - [RowLevelDataRuleLocal!]!
|
The rules for this policy. |
Example
{
"type": "SUBSCRIPTION",
"rationale": "xyz789",
"global": false,
"policyKey": "abc123",
"name": "xyz789",
"id": "xyz789",
"dataPolicyType": "MASKING",
"rules": [RowLevelDataRuleLocal]
}
RowRestrictionPolicyGlobal
Description
Filters the rows shown.
Fields
| Field Name | Description |
|---|---|
type - PolicyType!
|
If the policy is a data or subscription policy. |
rationale - String
|
The description of the policy. |
dataPolicyType - DataPolicyType!
|
What type of data policy this represents. |
rules - [RowLevelDataRule!]!
|
The rules for this policy. |
Example
{
"type": "SUBSCRIPTION",
"rationale": "xyz789",
"dataPolicyType": "MASKING",
"rules": [RowLevelDataRule]
}
RowRestrictionShowRowsNeverRule
Description
Filters/blocks all rows unconditionally
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of data rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
Possible Types
| RowRestrictionShowRowsNeverRule Types |
|---|
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions
}
RowRestrictionShowRowsNeverRuleApplied
Description
Filters/blocks all rows unconditionally
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of data rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
ruleAppliedForUser - Boolean!
|
If this rule matched for the user running the query. |
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"ruleAppliedForUser": false
}
RowRestrictionShowRowsNeverRuleGlobal
Description
Filters/blocks all rows unconditionally
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of data rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions
}
RowRestrictionWhereRule
Description
Filters rows according to a SQL predicate.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of data rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
predicate - String!
|
The SQL predicate to filter by. |
Possible Types
| RowRestrictionWhereRule Types |
|---|
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"predicate": "abc123"
}
RowRestrictionWhereRuleApplied
Description
Filters rows according to a SQL predicate.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of data rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
ruleAppliedForUser - Boolean!
|
If this rule matched for the user running the query. |
predicate - String!
|
The SQL predicate to filter by. |
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"ruleAppliedForUser": true,
"predicate": "xyz789"
}
RowRestrictionWhereRuleGlobal
Description
Filters rows according to a SQL predicate.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
The type of data rule. |
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
predicate - String!
|
The SQL predicate to filter by. |
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"predicate": "abc123"
}
S3EndpointConfiguration
Description
The S3 export configuration.
Example
{
"bucket": "abc123",
"path": "abc123",
"region": "xyz789",
"accessKeyId": "xyz789"
}
SecurityProfile
Description
This profile describes various security-related measures that assess the overall security posture of a resource.
Fields
| Field Name | Description |
|---|---|
sensitivity - TagSensitivity
|
The security profile's sensitivity of the associated tags. |
Example
{"sensitivity": TagSensitivity}
SecurityProfileInput
Description
This profile describes various security-related measures that assess the overall security posture of a resource.
Fields
| Input Field | Description |
|---|---|
sensitivity - TagSensitivityInput!
|
The security profile's sensitivity of the associated tags. |
Example
{"sensitivity": TagSensitivityInput}
SensitivityValue
Description
An enumeration of the sensitivity values.
Values
| Enum Value | Description |
|---|---|
|
|
Sensitivity is not applicable. |
|
|
Sensitivity is indeterminate. |
|
|
Non-sensitive. |
|
|
Sensitive. |
|
|
Sensitivity is high. |
Example
"NOT_APPLICABLE"
SimplePolicy
Description
Simple Subscription policies with no extra information.
Fields
| Field Name | Description |
|---|---|
type - PolicyType!
|
If the policy is a data or subscription policy. |
rationale - String
|
The description of the policy. |
subscriptionPolicyType - SubscriptionPolicyType!
|
Denotes the subscription policy type. |
Possible Types
| SimplePolicy Types |
|---|
Example
{
"type": "SUBSCRIPTION",
"rationale": "xyz789",
"subscriptionPolicyType": "MANUAL"
}
SimplePolicyApplied
Description
Simple Subscription policies with no extra information.
Fields
| Field Name | Description |
|---|---|
type - PolicyType!
|
If the policy is a data or subscription policy. |
rationale - String
|
The description of the policy. |
global - Boolean!
|
|
policyKey - String
|
A key/name to uniquely identify this policy. |
name - String
|
The name of the policy |
id - String
|
The id of the policy |
subscriptionPolicyType - SubscriptionPolicyType!
|
Denotes the subscription policy type. |
mergedPolicies - [SubscriptionPolicyApplied!]
|
The Subscription policies that were merged together to create this policy. |
ruleAppliedForUser - Boolean!
|
If this policy matched for the user running the query. |
Example
{
"type": "SUBSCRIPTION",
"rationale": "xyz789",
"global": false,
"policyKey": "xyz789",
"name": "xyz789",
"id": "xyz789",
"subscriptionPolicyType": "MANUAL",
"mergedPolicies": [SubscriptionPolicyApplied],
"ruleAppliedForUser": true
}
SimplePolicyGlobal
Description
Simple Subscription policies with no extra information.
Fields
| Field Name | Description |
|---|---|
type - PolicyType!
|
If the policy is a data or subscription policy. |
rationale - String
|
The description of the policy. |
subscriptionPolicyType - SubscriptionPolicyType!
|
Denotes the subscription policy type. |
Example
{
"type": "SUBSCRIPTION",
"rationale": "xyz789",
"subscriptionPolicyType": "MANUAL"
}
SingleAttribute
Description
An attribute.
Fields
| Field Name | Description |
|---|---|
attribute - String!
|
The name of the attribute. |
values - [String!]!
|
The values of the attribute. |
Example
{
"attribute": "xyz789",
"values": ["abc123"]
}
SingleAttributeInput
Description
An attribute.
Fields
| Input Field | Description |
|---|---|
attribute - String!
|
The name of the attribute. |
values - [String!]!
|
The values of the attribute. |
Example
{
"attribute": "abc123",
"values": ["abc123"]
}
SingleTag
SingleTagApplied
Description
A tag resource representation with context within a tag event.
Example
{
"id": "xyz789",
"name": "abc123",
"source": "abc123",
"context": "xyz789"
}
SingleTagAppliedInput
Description
A tag resource representation with context within a tag event.
Example
{
"id": "abc123",
"name": "xyz789",
"source": "xyz789",
"context": "xyz789"
}
SingleTagInput
SingleWebhook
Description
A webhook.
Fields
| Field Name | Description |
|---|---|
id - String
|
The ID of the webhook. |
url - String!
|
The URL for the webhook. |
name - String
|
The name of the webhook. |
global - Boolean!
|
Global flag for the webhook. |
notificationType - [String!]!
|
The notification type for the webhook. |
actionType - WebhookActionType
|
The action type for the webhook. |
Example
{
"id": "abc123",
"url": "abc123",
"name": "xyz789",
"global": true,
"notificationType": ["xyz789"],
"actionType": "TRIGGERED"
}
SnowflakeContext
Description
Snowflake context for query audit payloads.
Fields
| Field Name | Description |
|---|---|
type - String!
|
The technology context type: SnowflakeContext. |
host - String!
|
Snowflake hostname. |
clientIp - String
|
The IP address that the query was executed from. |
snowflakeUsername - String!
|
Snowflake username. |
rowsProduced - BigInt!
|
The number of rows produced by the query. |
roleName - String
|
The active role during the query. |
warehouseId - String
|
The Snowflake ID of the warehouse the query was executed on, if applicable. |
warehouseName - String
|
The name of the warehouse the query was executed on, if applicable. |
clusterNumber - Float
|
The cluster the query was executed on. |
Example
{
"type": "xyz789",
"host": "abc123",
"clientIp": "abc123",
"snowflakeUsername": "abc123",
"rowsProduced": {},
"roleName": "abc123",
"warehouseId": "abc123",
"warehouseName": "xyz789",
"clusterNumber": 987.65
}
SnowflakeQueryAuditEventInput
Description
The audit event input from Snowflake queries.
Fields
| Input Field | Description |
|---|---|
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actorId - String!
|
The ID of the user who performed the action. |
actorIdProvider - String!
|
The identity provider of the actor. |
profileId - String
|
The ID of the user's profile. |
userName - String
|
The name of the user. |
actorIp - String
|
The IP address of the actor. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
id - ID
|
The ID of the audit event. |
datasources - [DatasourceInput!]!
|
The data sources used in this query. |
queryId - String!
|
Unique ID of the query. |
query - String
|
The executed query. |
startTime - DateTime!
|
The start time of the query. |
endTime - DateTime
|
The end time of the query. |
duration - Float
|
The duration of the query in milliseconds. |
impersonatedBy - String
|
The user who directed impersonation, if this query used impersonation. |
policySet - JSON
|
The policies applied during this query, if applicable. |
entitlements - EntitlementsInput
|
The user entitlements applied during this query, if applicable. |
objectsAccessed - [ObjectAccessedInput!]!
|
The objects accessed in the query explicitly or through shortcuts, such as using an asterisk (*). |
securityProfile - SecurityProfileInput
|
The query security profile. |
errorCode - String
|
The error code of the query, if applicable. |
host - String!
|
Snowflake hostname. |
clientIp - String
|
The IP address that the query was executed from. |
snowflakeUsername - String!
|
Snowflake username. |
rowsProduced - BigInt!
|
The number of rows produced by the query. |
roleName - String
|
The active role during the query. |
warehouseId - String
|
The Snowflake ID of the warehouse the query was executed on, if applicable. |
warehouseName - String
|
The name of the warehouse the query was executed on, if applicable. |
clusterNumber - Float
|
The cluster the query was executed on. |
Example
{
"sessionId": "xyz789",
"userAgent": "xyz789",
"requestId": "xyz789",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actorId": "abc123",
"actorIdProvider": "xyz789",
"profileId": "abc123",
"userName": "abc123",
"actorIp": "abc123",
"eventTimestamp": "2007-12-03T10:15:30Z",
"id": "4",
"datasources": [DatasourceInput],
"queryId": "abc123",
"query": "abc123",
"startTime": "2007-12-03T10:15:30Z",
"endTime": "2007-12-03T10:15:30Z",
"duration": 987.65,
"impersonatedBy": "xyz789",
"policySet": {},
"entitlements": EntitlementsInput,
"objectsAccessed": [ObjectAccessedInput],
"securityProfile": SecurityProfileInput,
"errorCode": "abc123",
"host": "xyz789",
"clientIp": "abc123",
"snowflakeUsername": "xyz789",
"rowsProduced": {},
"roleName": "abc123",
"warehouseId": "xyz789",
"warehouseName": "xyz789",
"clusterNumber": 987.65
}
SortBy
Description
An enumeration of the supported query sort by fields.
Values
| Enum Value | Description |
|---|---|
|
|
Order results based on event timestamp. |
Example
"EVENT_TIMESTAMP"
SortOrder
Description
An enumeration of the supported query sort orders.
Values
| Enum Value | Description |
|---|---|
|
|
Sort in ascending order. |
|
|
Sort in descending order. |
Example
"ASC"
String
Description
The String scalar type represents textual data, represented as UTF-8 character sequences. The String type is most often used by GraphQL to represent free-form human-readable text.
Example
"abc123"
StringOrInt
Description
A String or an Int union type.
Example
StringOrInt
Subpurpose
Description
The subpurposes of the purpose.
Fields
| Field Name | Description |
|---|---|
name - String!
|
The name of the subpurpose. |
acknowledgement - String!
|
The acknowledgement that users must agree to when joining a project with this subpurpose. |
description - String
|
The description of the subpurpose. |
kAnonNoiseReduction - String
|
The level of noise reduction allowed when doing policy adjustments on data sources in projects with this subpurpose. |
allowUnmaskedKAnon - Boolean
|
True if fields normally masked via K-anonymization are eligible for viewing in an unmasked state. |
adjustmentCertificationText - String
|
The text that will be shown when certifying a policy adjustment. |
Example
{
"name": "xyz789",
"acknowledgement": "xyz789",
"description": "xyz789",
"kAnonNoiseReduction": "abc123",
"allowUnmaskedKAnon": false,
"adjustmentCertificationText": "abc123"
}
SubpurposeInput
Description
The subpurposes of the purpose.
Fields
| Input Field | Description |
|---|---|
name - String!
|
The name of the subpurpose. |
acknowledgement - String!
|
The acknowledgement that users must agree to when joining a project with this subpurpose. |
description - String
|
The description of the subpurpose. |
kAnonNoiseReduction - String
|
The level of noise reduction allowed when doing policy adjustments on data sources in projects with this subpurpose. |
allowUnmaskedKAnon - Boolean
|
True if fields normally masked via K-anonymization are eligible for viewing in an unmasked state. |
adjustmentCertificationText - String
|
The text that will be shown when certifying a policy adjustment. |
Example
{
"name": "xyz789",
"acknowledgement": "abc123",
"description": "abc123",
"kAnonNoiseReduction": "abc123",
"allowUnmaskedKAnon": false,
"adjustmentCertificationText": "xyz789"
}
Subscriber
SubscriptionEntitlementsConditions
Description
The entitlements required for the user to access the data source.
Fields
| Field Name | Description |
|---|---|
entitlementsRequirement - ConditionsOperator!
|
Denotes whether the user needs all entitlements or just one of them. |
groups - [String!]!
|
The required groups the user must be in. |
attributes - [SingleAttribute!]!
|
The required attributes the user must have. |
Example
{
"entitlementsRequirement": "ALL",
"groups": ["xyz789"],
"attributes": [SingleAttribute]
}
SubscriptionModel
Description
The model to which this subscription grants access.
Types
| Union Types |
|---|
Example
Datasource
SubscriptionPolicy
Description
The common subscription policy fields
Fields
| Field Name | Description |
|---|---|
type - PolicyType!
|
If the policy is a data or subscription policy. |
rationale - String
|
The description of the policy. |
subscriptionPolicyType - SubscriptionPolicyType!
|
Denotes the subscription policy type. |
Example
{
"type": "SUBSCRIPTION",
"rationale": "xyz789",
"subscriptionPolicyType": "MANUAL"
}
SubscriptionPolicyApplied
Description
A Subscription Policy Applied to a Datasource/Project
Fields
| Field Name | Description |
|---|---|
type - PolicyType!
|
If the policy is a data or subscription policy. |
rationale - String
|
The description of the policy. |
subscriptionPolicyType - SubscriptionPolicyType!
|
Denotes the subscription policy type. |
global - Boolean!
|
|
policyKey - String
|
A key/name to uniquely identify this policy. |
name - String
|
The name of the policy |
id - String
|
The id of the policy |
mergedPolicies - [SubscriptionPolicyApplied!]
|
The Subscription policies that were merged together to create this policy. |
ruleAppliedForUser - Boolean!
|
If this policy matched for the user running the query. |
Possible Types
| SubscriptionPolicyApplied Types |
|---|
Example
{
"type": "SUBSCRIPTION",
"rationale": "abc123",
"subscriptionPolicyType": "MANUAL",
"global": false,
"policyKey": "xyz789",
"name": "abc123",
"id": "xyz789",
"mergedPolicies": [SubscriptionPolicyApplied],
"ruleAppliedForUser": false
}
SubscriptionPolicyType
Description
The type of subscription policy.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"MANUAL"
SystemAccount
Description
An Immuta user resource representation.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the system account. |
name - String!
|
The name of the system account. |
type - ResourceType!
|
The type of the resource - SYSTEM_ACCOUNT. |
Example
{
"id": "4",
"name": "abc123",
"type": "ATTRIBUTE"
}
Tag
Description
A tag resource representation.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the tag. |
name - String!
|
The name of the tag. |
type - ResourceType!
|
The type of the resource - TAG. |
source - String!
|
The source of the tag. |
Example
{
"id": 4,
"name": "xyz789",
"type": "ATTRIBUTE",
"source": "abc123"
}
TagAppliedAuditEvent
Description
Tag applied audit event representation.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the audit event. |
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
action - AuditEventAction!
|
The action that was performed. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actor - Actor!
|
The user who performed the action. |
actorIp - String
|
The IP address of the actor. |
tenantId - String!
|
The ID of the tenant. |
targetType - ResourceType!
|
The type of the target resources (e.g., DATASOURCE, POLICY, PURPOSE, PROJECT, TAG, USER). |
targets - [Resource!]!
|
The target resources of the action. |
relatedResources - [Resource!]!
|
Resources related to the action that are not targets. |
auditPayload - TagAuditPayload!
|
The tag audit event payload. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
receivedTimestamp - DateTime!
|
The timestamp the audit event was received and stored by Immuta. |
Example
{
"id": 4,
"sessionId": "abc123",
"userAgent": "xyz789",
"requestId": "xyz789",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actor": UserActor,
"actorIp": "xyz789",
"tenantId": "abc123",
"targetType": "ATTRIBUTE",
"targets": [Resource],
"relatedResources": [Resource],
"auditPayload": TagAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
TagAppliedAuditEventInput
Description
Tag applied audit event input representation.
Fields
| Input Field | Description |
|---|---|
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actorId - String!
|
The ID of the user who performed the action. |
actorIdProvider - String!
|
The identity provider of the actor. |
profileId - String
|
The ID of the user's profile. |
userName - String
|
The name of the user. |
actorIp - String
|
The IP address of the actor. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
id - ID
|
The ID of the audit event. |
modelType - TagModelType!
|
The type of model that the tag is being applied to or removed from (e.g., datasource, project). |
modelId - String!
|
The id of the model. |
subModelType - ResourceType
|
The type of sub-model (e.g., column is a sub-model type for a data source model). |
subModelId - String
|
The id of the sub-model. |
tags - [SingleTagAppliedInput!]!
|
An array of tags. |
Example
{
"sessionId": "abc123",
"userAgent": "xyz789",
"requestId": "abc123",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actorId": "xyz789",
"actorIdProvider": "xyz789",
"profileId": "xyz789",
"userName": "abc123",
"actorIp": "xyz789",
"eventTimestamp": "2007-12-03T10:15:30Z",
"id": 4,
"modelType": "DATASOURCE",
"modelId": "abc123",
"subModelType": "ATTRIBUTE",
"subModelId": "abc123",
"tags": [SingleTagAppliedInput]
}
TagAppliedAuditPayload
Description
Tag applied audit event payload representation.
Fields
| Field Name | Description |
|---|---|
modelType - TagModelType!
|
The type of model that the tag is being applied to or removed from (e.g., datasource, project). |
modelId - String!
|
The id of the model. |
subModelType - ResourceType
|
The type of sub-model (e.g., column is a sub-model type for a data source model). |
subModelId - String
|
The id of the sub-model. |
type - String!
|
|
version - Float
|
The version of the Audit Event Schema |
tags - [SingleTagApplied!]!
|
An array of tags. |
Example
{
"modelType": "DATASOURCE",
"modelId": "xyz789",
"subModelType": "ATTRIBUTE",
"subModelId": "abc123",
"type": "xyz789",
"version": 987.65,
"tags": [SingleTagApplied]
}
TagAuditPayload
Description
The tag audit event payload.
Possible Types
| TagAuditPayload Types |
|---|
Example
{"type": "xyz789", "version": 123.45}
TagCreatedAuditEvent
Description
Tag created audit event representation.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the audit event. |
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
action - AuditEventAction!
|
The action that was performed. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actor - Actor!
|
The user who performed the action. |
actorIp - String
|
The IP address of the actor. |
tenantId - String!
|
The ID of the tenant. |
targetType - ResourceType!
|
The type of the target resources (e.g., DATASOURCE, POLICY, PURPOSE, PROJECT, TAG, USER). |
targets - [Resource!]!
|
The target resources of the action. |
relatedResources - [Resource!]!
|
Resources related to the action that are not targets. |
auditPayload - TagAuditPayload!
|
The tag audit event payload. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
receivedTimestamp - DateTime!
|
The timestamp the audit event was received and stored by Immuta. |
Example
{
"id": "4",
"sessionId": "xyz789",
"userAgent": "abc123",
"requestId": "xyz789",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "abc123",
"targetType": "ATTRIBUTE",
"targets": [Resource],
"relatedResources": [Resource],
"auditPayload": TagAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
TagCreatedAuditEventInput
Description
Tag created audit event input representation.
Fields
| Input Field | Description |
|---|---|
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actorId - String!
|
The ID of the user who performed the action. |
actorIdProvider - String!
|
The identity provider of the actor. |
profileId - String
|
The ID of the user's profile. |
userName - String
|
The name of the user. |
actorIp - String
|
The IP address of the actor. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
id - ID
|
The ID of the audit event. |
tags - [SingleTagInput!]!
|
An array of tags. |
Example
{
"sessionId": "abc123",
"userAgent": "abc123",
"requestId": "abc123",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actorId": "xyz789",
"actorIdProvider": "xyz789",
"profileId": "abc123",
"userName": "abc123",
"actorIp": "abc123",
"eventTimestamp": "2007-12-03T10:15:30Z",
"id": 4,
"tags": [SingleTagInput]
}
TagCreatedAuditPayload
Description
Tag created audit event payload representation.
Fields
| Field Name | Description |
|---|---|
type - String!
|
|
version - Float
|
The version of the Audit Event Schema |
tags - [SingleTag!]!
|
An array of tags. |
Example
{
"type": "abc123",
"version": 987.65,
"tags": [SingleTag]
}
TagDeletedAuditEvent
Description
Tag deleted audit event representation.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the audit event. |
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
action - AuditEventAction!
|
The action that was performed. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actor - Actor!
|
The user who performed the action. |
actorIp - String
|
The IP address of the actor. |
tenantId - String!
|
The ID of the tenant. |
targetType - ResourceType!
|
The type of the target resources (e.g., DATASOURCE, POLICY, PURPOSE, PROJECT, TAG, USER). |
targets - [Resource!]!
|
The target resources of the action. |
relatedResources - [Resource!]!
|
Resources related to the action that are not targets. |
auditPayload - TagAuditPayload!
|
The tag audit event payload. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
receivedTimestamp - DateTime!
|
The timestamp the audit event was received and stored by Immuta. |
Example
{
"id": 4,
"sessionId": "xyz789",
"userAgent": "xyz789",
"requestId": "xyz789",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actor": UserActor,
"actorIp": "xyz789",
"tenantId": "abc123",
"targetType": "ATTRIBUTE",
"targets": [Resource],
"relatedResources": [Resource],
"auditPayload": TagAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
TagDeletedAuditEventInput
Description
Tag deleted audit event input representation.
Fields
| Input Field | Description |
|---|---|
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actorId - String!
|
The ID of the user who performed the action. |
actorIdProvider - String!
|
The identity provider of the actor. |
profileId - String
|
The ID of the user's profile. |
userName - String
|
The name of the user. |
actorIp - String
|
The IP address of the actor. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
id - ID
|
The ID of the audit event. |
name - String!
|
The name of the tag. |
tags - [SingleTagInput!]!
|
An array of tags. |
deleteHierarchy - Boolean
|
True if you want to delete the entire hierarchy. |
Example
{
"sessionId": "xyz789",
"userAgent": "xyz789",
"requestId": "abc123",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actorId": "xyz789",
"actorIdProvider": "xyz789",
"profileId": "abc123",
"userName": "abc123",
"actorIp": "xyz789",
"eventTimestamp": "2007-12-03T10:15:30Z",
"id": "4",
"name": "abc123",
"tags": [SingleTagInput],
"deleteHierarchy": true
}
TagDeletedAuditPayload
Description
Tag deleted audit event payload representation.
Fields
| Field Name | Description |
|---|---|
type - String!
|
|
version - Float
|
The version of the Audit Event Schema |
name - String!
|
The name of the tag. |
deleteHierarchy - Boolean
|
True if you want to delete the entire hierarchy. |
tags - [SingleTag!]!
|
An array of tags. |
Example
{
"type": "xyz789",
"version": 123.45,
"name": "xyz789",
"deleteHierarchy": true,
"tags": [SingleTag]
}
TagFramework
Description
This framework includes additional tag metadata that allows the tag to be used to calculate the security profile of a resource when it is associated with a column or table.
Fields
| Field Name | Description |
|---|---|
id - String!
|
The tag framework ID. |
version - String!
|
The tag framework version. |
name - String!
|
The tag framework name. |
measures - FrameworkMeasures!
|
The tag framework measures. |
Example
{
"id": "abc123",
"version": "abc123",
"name": "xyz789",
"measures": FrameworkMeasures
}
TagFrameworkInput
Description
This framework includes additional tag metadata that allows the tag to be used to calculate the security profile of a resource when it is associated with a column or table.
Fields
| Input Field | Description |
|---|---|
id - String!
|
The tag framework ID. |
version - String!
|
The tag framework version. |
name - String!
|
The tag framework name. |
measures - FrameworkMeasuresInput!
|
The tag framework measures. |
Example
{
"id": "abc123",
"version": "xyz789",
"name": "abc123",
"measures": FrameworkMeasuresInput
}
TagModelType
Description
The type of model that the tag is being applied to or removed from (e.g., datasource, project).
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
Example
"DATASOURCE"
TagRemovedAuditEvent
Description
Tag removed audit event representation.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the audit event. |
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
action - AuditEventAction!
|
The action that was performed. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actor - Actor!
|
The user who performed the action. |
actorIp - String
|
The IP address of the actor. |
tenantId - String!
|
The ID of the tenant. |
targetType - ResourceType!
|
The type of the target resources (e.g., DATASOURCE, POLICY, PURPOSE, PROJECT, TAG, USER). |
targets - [Resource!]!
|
The target resources of the action. |
relatedResources - [Resource!]!
|
Resources related to the action that are not targets. |
auditPayload - TagAuditPayload!
|
The tag audit event payload. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
receivedTimestamp - DateTime!
|
The timestamp the audit event was received and stored by Immuta. |
Example
{
"id": 4,
"sessionId": "xyz789",
"userAgent": "xyz789",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "xyz789",
"targetType": "ATTRIBUTE",
"targets": [Resource],
"relatedResources": [Resource],
"auditPayload": TagAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
TagRemovedAuditEventInput
Description
Tag removed audit event input representation.
Fields
| Input Field | Description |
|---|---|
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actorId - String!
|
The ID of the user who performed the action. |
actorIdProvider - String!
|
The identity provider of the actor. |
profileId - String
|
The ID of the user's profile. |
userName - String
|
The name of the user. |
actorIp - String
|
The IP address of the actor. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
id - ID
|
The ID of the audit event. |
modelType - TagModelType!
|
The type of model that the tag is being applied to or removed from (e.g., datasource, project). |
modelId - String!
|
The id of the model. |
subModelType - ResourceType
|
The type of sub-model (e.g., column is a sub-model type for a data source model). |
subModelId - String
|
The id of the sub-model. |
tags - [SingleTagInput!]!
|
An array of tags. |
Example
{
"sessionId": "xyz789",
"userAgent": "xyz789",
"requestId": "xyz789",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actorId": "xyz789",
"actorIdProvider": "xyz789",
"profileId": "xyz789",
"userName": "abc123",
"actorIp": "xyz789",
"eventTimestamp": "2007-12-03T10:15:30Z",
"id": 4,
"modelType": "DATASOURCE",
"modelId": "abc123",
"subModelType": "ATTRIBUTE",
"subModelId": "xyz789",
"tags": [SingleTagInput]
}
TagRemovedAuditPayload
Description
Tag removed audit event payload representation.
Fields
| Field Name | Description |
|---|---|
modelType - TagModelType!
|
The type of model that the tag is being applied to or removed from (e.g., datasource, project). |
modelId - String!
|
The id of the model. |
subModelType - ResourceType
|
The type of sub-model (e.g., column is a sub-model type for a data source model). |
subModelId - String
|
The id of the sub-model. |
type - String!
|
|
version - Float
|
The version of the Audit Event Schema |
tags - [SingleTag!]!
|
An array of tags. |
Example
{
"modelType": "DATASOURCE",
"modelId": "abc123",
"subModelType": "ATTRIBUTE",
"subModelId": "xyz789",
"type": "abc123",
"version": 987.65,
"tags": [SingleTag]
}
TagSensitivity
Description
The sensitivity of the associated tags.
Fields
| Field Name | Description |
|---|---|
score - SensitivityValue!
|
The maximum value of all sensitivity measures of the associated tags. |
Example
{"score": "NOT_APPLICABLE"}
TagSensitivityInput
Description
The sensitivity of the associated tags.
Fields
| Input Field | Description |
|---|---|
score - Int!
|
The maximum value of all sensitivity measures of the associated tags. |
Example
{"score": 123}
TagUpdatedAuditEvent
Description
Tag updated audit event representation.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the audit event. |
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
action - AuditEventAction!
|
The action that was performed. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actor - Actor!
|
The user who performed the action. |
actorIp - String
|
The IP address of the actor. |
tenantId - String!
|
The ID of the tenant. |
targetType - ResourceType!
|
The type of the target resources (e.g., DATASOURCE, POLICY, PURPOSE, PROJECT, TAG, USER). |
targets - [Resource!]!
|
The target resources of the action. |
relatedResources - [Resource!]!
|
Resources related to the action that are not targets. |
auditPayload - TagAuditPayload!
|
The tag audit event payload. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
receivedTimestamp - DateTime!
|
The timestamp the audit event was received and stored by Immuta. |
Example
{
"id": "4",
"sessionId": "xyz789",
"userAgent": "abc123",
"requestId": "xyz789",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "xyz789",
"tenantId": "abc123",
"targetType": "ATTRIBUTE",
"targets": [Resource],
"relatedResources": [Resource],
"auditPayload": TagAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
TagUpdatedAuditEventInput
Description
Tag updated audit event input representation.
Fields
| Input Field | Description |
|---|---|
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actorId - String!
|
The ID of the user who performed the action. |
actorIdProvider - String!
|
The identity provider of the actor. |
profileId - String
|
The ID of the user's profile. |
userName - String
|
The name of the user. |
actorIp - String
|
The IP address of the actor. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
id - ID
|
The ID of the audit event. |
rootTag - String!
|
The root tag. |
deleteHierarchy - Boolean!
|
True if you want to delete the entire hierarchy. |
tags - [SingleTagInput!]!
|
An array of tags. |
Example
{
"sessionId": "xyz789",
"userAgent": "xyz789",
"requestId": "abc123",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actorId": "xyz789",
"actorIdProvider": "xyz789",
"profileId": "xyz789",
"userName": "xyz789",
"actorIp": "xyz789",
"eventTimestamp": "2007-12-03T10:15:30Z",
"id": 4,
"rootTag": "abc123",
"deleteHierarchy": true,
"tags": [SingleTagInput]
}
TagUpdatedAuditPayload
Description
Tag updated audit event payload representation.
Fields
| Field Name | Description |
|---|---|
type - String!
|
|
version - Float
|
The version of the Audit Event Schema |
rootTag - String!
|
The name of the tag. |
deleteHierarchy - Boolean!
|
True if you want to delete the entire hierarchy. |
tags - [SingleTag!]!
|
An array of tags. |
Example
{
"type": "xyz789",
"version": 123.45,
"rootTag": "abc123",
"deleteHierarchy": false,
"tags": [SingleTag]
}
TechnologyContext
Description
A representation of the technology context of an audit payload.
Fields
| Field Name | Description |
|---|---|
type - String!
|
The technology context type. |
Possible Types
| TechnologyContext Types |
|---|
Example
{"type": "xyz789"}
TimePrecision
Description
The date/time unit to group/bucket values.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"HOUR"
TimeWindowDataRule
Description
Restrict data shown to be older/newer than the given length.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
|
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
time - Float!
|
How old/new the data must be. |
isOlderOrNewer - OlderOrNewer!
|
Whether or not the time range checks for older or newer records. |
Possible Types
| TimeWindowDataRule Types |
|---|
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"time": 987.65,
"isOlderOrNewer": "OLDER"
}
TimeWindowDataRuleApplied
Description
Restrict data shown to be older/newer than the given length.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
|
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
ruleAppliedForUser - Boolean!
|
If this rule matched for the user running the query. |
time - Float!
|
How old/new the data must be. |
isOlderOrNewer - OlderOrNewer!
|
Whether or not the time range checks for older or newer records. |
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"ruleAppliedForUser": false,
"time": 987.65,
"isOlderOrNewer": "OLDER"
}
TimeWindowDataRuleGlobal
Description
Restrict data shown to be older/newer than the given length.
Fields
| Field Name | Description |
|---|---|
type - DataRuleType!
|
|
exceptions - DataEntitlementsConditions
|
If these conditions are met, the rule will not apply to this user. |
inclusions - DataEntitlementsConditions
|
If these conditions are met, the rule will apply to this user. |
time - Float!
|
How old/new the data must be. |
isOlderOrNewer - OlderOrNewer!
|
Whether or not the time range checks for older or newer records. |
Example
{
"type": "MASKING_HASH",
"exceptions": DataEntitlementsConditions,
"inclusions": DataEntitlementsConditions,
"time": 123.45,
"isOlderOrNewer": "OLDER"
}
TimeWindowPolicyApplied
Description
Time window data policy.
Fields
| Field Name | Description |
|---|---|
type - PolicyType!
|
If the policy is a data or subscription policy. |
rationale - String
|
The description of the policy. |
global - Boolean!
|
|
policyKey - String
|
The key for the policy for usage with the v2 api |
name - String
|
The name of the policy |
id - String
|
The id of the policy |
dataPolicyType - DataPolicyType!
|
What type of data policy this represents. |
rules - [TimeWindowDataRuleApplied!]!
|
The time rules for this policy. |
Example
{
"type": "SUBSCRIPTION",
"rationale": "xyz789",
"global": true,
"policyKey": "xyz789",
"name": "xyz789",
"id": "abc123",
"dataPolicyType": "MASKING",
"rules": [TimeWindowDataRuleApplied]
}
TimeWindowPolicyGlobal
Description
Time window data policy.
Fields
| Field Name | Description |
|---|---|
type - PolicyType!
|
If the policy is a data or subscription policy. |
rationale - String
|
The description of the policy. |
dataPolicyType - DataPolicyType!
|
What type of data policy this represents. |
rules - [TimeWindowDataRuleGlobal!]!
|
The time rules for this policy. |
Example
{
"type": "SUBSCRIPTION",
"rationale": "abc123",
"dataPolicyType": "MASKING",
"rules": [TimeWindowDataRuleGlobal]
}
UnknownUser
Description
An unknown user resource representation.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
Always set to the string "Unknown". |
name - String!
|
Always set to the string "Unknown". |
type - ResourceType!
|
The type of the resource - UNKNOWN_USER. |
Example
{
"id": 4,
"name": "abc123",
"type": "ATTRIBUTE"
}
UpdateExportJobInput
Description
The export job to update.
Example
{
"id": "abc123",
"endTimestamp": "2007-12-03T10:15:30Z",
"status": "RUNNING",
"failureReason": "xyz789"
}
UpdateExportJobTaskInput
Description
The export job task to update.
Fields
| Input Field | Description |
|---|---|
id - String!
|
The export job task ID. |
endTimestamp - DateTime
|
The timestamp when the task ended. |
attempts - Float
|
The number of times the task attempted to run a failed job due to retries. |
status - JobTaskStatus
|
The status of the task. |
failureReason - String
|
The reason the task failed, if applicable. |
Example
{
"id": "abc123",
"endTimestamp": "2007-12-03T10:15:30Z",
"attempts": 123.45,
"status": "RUNNING",
"failureReason": "xyz789"
}
UpdateS3ExportConfigurationInput
Description
The S3 export configuration to update.
Fields
| Input Field | Description |
|---|---|
interval - Interval!
|
The interval of the export. |
bucket - String!
|
The S3 bucket name. |
path - String
|
The S3 bucket path - optional. |
region - String!
|
The S3 bucket region. |
accessKeyId - String!
|
The AWS Access Key ID. |
secretAccessKey - String!
|
The AWS Secret Access Key. |
id - ID
|
The ID of the export configuration. |
Example
{
"interval": "EVERY_2_HOURS",
"bucket": "xyz789",
"path": "xyz789",
"region": "abc123",
"accessKeyId": "xyz789",
"secretAccessKey": "xyz789",
"id": 4
}
User
Description
An Immuta user resource representation.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the user. |
name - String!
|
The name of the user. |
type - ResourceType!
|
The type of the resource - USER. |
identityProvider - String!
|
The identity provider of the user. |
profileId - ID
|
The ID of the user's profile. |
Example
{
"id": "4",
"name": "xyz789",
"type": "ATTRIBUTE",
"identityProvider": "immuta",
"profileId": "4"
}
UserActor
Description
An Immuta User who is performing an action.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the user. |
name - String!
|
The name of the user. |
type - ResourceType!
|
The type of the resource - USER_ACTOR. |
identityProvider - String!
|
The identity provider of the user. |
profileId - ID
|
The ID of the user's profile. |
impersonatedBy - String
|
If the event was run by an impersonated user, this field identifies the user who directed the impersonation. |
Example
{
"id": "4",
"name": "xyz789",
"type": "ATTRIBUTE",
"identityProvider": "abc123",
"profileId": "4",
"impersonatedBy": "xyz789"
}
UserAuditPayload
Description
The user audit event payload.
Possible Types
| UserAuditPayload Types |
|---|
Example
{"type": "xyz789", "version": 987.65}
UserAuthenticatedAuditEvent
Description
The user authenticated audit event representation.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the audit event. |
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
action - AuditEventAction!
|
The action that was performed. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actor - Actor!
|
The user who performed the action. |
actorIp - String
|
The IP address of the actor. |
tenantId - String!
|
The ID of the tenant. |
targetType - ResourceType!
|
The type of the target resources (e.g., DATASOURCE, POLICY, PURPOSE, PROJECT, TAG, USER). |
targets - [User!]!
|
The user being impersonated during authentication. |
relatedResources - [Resource!]!
|
Resources related to the action that are not targets. |
auditPayload - UserAuthenticatedAuditPayload!
|
The user authenticated audit event payload representation. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
receivedTimestamp - DateTime!
|
The timestamp the audit event was received and stored by Immuta. |
Example
{
"id": "4",
"sessionId": "abc123",
"userAgent": "xyz789",
"requestId": "xyz789",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "xyz789",
"targetType": "ATTRIBUTE",
"targets": [User],
"relatedResources": [Resource],
"auditPayload": UserAuthenticatedAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
UserAuthenticatedAuditEventInput
Description
The user authenticated audit event input representation.
Fields
| Input Field | Description |
|---|---|
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actorId - String!
|
The ID of the user who performed the action. |
actorIdProvider - String!
|
The identity provider of the actor. |
profileId - String
|
The ID of the user's profile. |
userName - String
|
The name of the user. |
actorIp - String
|
The IP address of the actor. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
id - ID
|
The ID of the audit event. |
impersonatedId - String
|
The userId (email) of the user being impersonated. |
impersonatedIdProvider - String
|
The identity provider of the user being impersonated. |
authenticationMethod - String!
|
The method through which the user authenticated. |
Example
{
"sessionId": "abc123",
"userAgent": "abc123",
"requestId": "abc123",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actorId": "xyz789",
"actorIdProvider": "xyz789",
"profileId": "xyz789",
"userName": "xyz789",
"actorIp": "xyz789",
"eventTimestamp": "2007-12-03T10:15:30Z",
"id": "4",
"impersonatedId": "abc123",
"impersonatedIdProvider": "abc123",
"authenticationMethod": "abc123"
}
UserAuthenticatedAuditPayload
Description
The user authenticated audit event payload representation.
Fields
| Field Name | Description |
|---|---|
type - String!
|
|
version - Float
|
The version of the Audit Event Schema |
impersonatedId - String
|
The userId (email) of the user being impersonated. |
impersonatedIdProvider - String
|
The identity provider of the user being impersonated. |
authenticationMethod - String!
|
The method through which the user authenticated. |
Example
{
"type": "abc123",
"version": 123.45,
"impersonatedId": "xyz789",
"impersonatedIdProvider": "xyz789",
"authenticationMethod": "xyz789"
}
UserUpdatedAuditEvent
Description
The user updated audit event representation.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the audit event. |
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
action - AuditEventAction!
|
The action that was performed. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actor - Actor!
|
The user who performed the action. |
actorIp - String
|
The IP address of the actor. |
tenantId - String!
|
The ID of the tenant. |
targetType - ResourceType!
|
The type of the target resources (e.g., DATASOURCE, POLICY, PURPOSE, PROJECT, TAG, USER). |
targets - [User!]!
|
The target users. |
relatedResources - [Resource!]!
|
Resources related to the action that are not targets. |
auditPayload - UserAuditPayload!
|
The user audit event payload. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
receivedTimestamp - DateTime!
|
The timestamp the audit event was received and stored by Immuta. |
Example
{
"id": 4,
"sessionId": "abc123",
"userAgent": "xyz789",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "abc123",
"targetType": "ATTRIBUTE",
"targets": [User],
"relatedResources": [Resource],
"auditPayload": UserAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
UserUpdatedAuditEventInput
Description
The user updated audit event input representation.
Fields
| Input Field | Description |
|---|---|
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actorId - String!
|
The ID of the user who performed the action. |
actorIdProvider - String!
|
The identity provider of the actor. |
profileId - String
|
The ID of the user's profile. |
userName - String
|
The name of the user. |
actorIp - String
|
The IP address of the actor. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
id - ID
|
The ID of the audit event. |
userId - String!
|
The user ID. |
userIdProvider - String!
|
The user provider to which the user belongs. |
externalUserIds - [ExternalUserIdInput!]!
|
The external user IDs. |
Example
{
"sessionId": "abc123",
"userAgent": "xyz789",
"requestId": "abc123",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actorId": "abc123",
"actorIdProvider": "abc123",
"profileId": "xyz789",
"userName": "abc123",
"actorIp": "xyz789",
"eventTimestamp": "2007-12-03T10:15:30Z",
"id": 4,
"userId": "xyz789",
"userIdProvider": "abc123",
"externalUserIds": [ExternalUserIdInput]
}
UserUpdatedAuditPayload
Description
The user updated audit event payload representation.
Fields
| Field Name | Description |
|---|---|
type - String!
|
|
version - Float
|
The version of the Audit Event Schema |
userId - String!
|
The user ID. |
userIdProvider - String!
|
The user provider to which the user belongs. |
externalUserIds - [ExternalUserId!]!
|
The external user IDs. |
Example
{
"type": "xyz789",
"version": 123.45,
"userId": "abc123",
"userIdProvider": "xyz789",
"externalUserIds": [ExternalUserId]
}
Webhook
Description
An Immuta webhook resource representation.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the webhook. |
name - String!
|
The name of the webhook. |
type - ResourceType!
|
The type of the resource - WEBHOOK. |
Example
{
"id": 4,
"name": "abc123",
"type": "ATTRIBUTE"
}
WebhookActionType
Description
The action type for the webhook.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
Example
"TRIGGERED"
WebhookAuditPayload
Description
The webhook audit event payload.
Possible Types
| WebhookAuditPayload Types |
|---|
Example
{"type": "xyz789", "version": 987.65}
WebhookCreatedAuditEvent
Description
The webhook created audit event representation.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the audit event. |
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
action - AuditEventAction!
|
The action that was performed. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actor - Actor!
|
The user who performed the action. |
actorIp - String
|
The IP address of the actor. |
tenantId - String!
|
The ID of the tenant. |
targetType - ResourceType!
|
The type of the target resources (e.g., DATASOURCE, POLICY, PURPOSE, PROJECT, TAG, USER). |
targets - [Webhook!]!
|
The target webhooks. |
relatedResources - [Resource!]!
|
Resources related to the action that are not targets. |
auditPayload - WebhookAuditPayload!
|
The webhook audit event payload. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
receivedTimestamp - DateTime!
|
The timestamp the audit event was received and stored by Immuta. |
Example
{
"id": 4,
"sessionId": "xyz789",
"userAgent": "abc123",
"requestId": "abc123",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "abc123",
"actor": UserActor,
"actorIp": "abc123",
"tenantId": "abc123",
"targetType": "ATTRIBUTE",
"targets": [Webhook],
"relatedResources": [Resource],
"auditPayload": WebhookAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
WebhookCreatedAuditEventInput
Description
The webhook created audit event input representation.
Fields
| Input Field | Description |
|---|---|
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actorId - String!
|
The ID of the user who performed the action. |
actorIdProvider - String!
|
The identity provider of the actor. |
profileId - String
|
The ID of the user's profile. |
userName - String
|
The name of the user. |
actorIp - String
|
The IP address of the actor. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
id - ID
|
The ID of the audit event. |
webhooks - [WebhookInput!]!
|
An array of webhooks. |
Example
{
"sessionId": "xyz789",
"userAgent": "abc123",
"requestId": "abc123",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actorId": "xyz789",
"actorIdProvider": "abc123",
"profileId": "xyz789",
"userName": "abc123",
"actorIp": "xyz789",
"eventTimestamp": "2007-12-03T10:15:30Z",
"id": 4,
"webhooks": [WebhookInput]
}
WebhookCreatedAuditPayload
Description
The webhook created audit event payload representation.
Fields
| Field Name | Description |
|---|---|
type - String!
|
|
version - Float
|
The version of the Audit Event Schema |
webhooks - [SingleWebhook!]!
|
An array of webhooks. |
Example
{
"type": "xyz789",
"version": 123.45,
"webhooks": [SingleWebhook]
}
WebhookDeletedAuditEvent
Description
The webhook deleted audit event representation.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
The ID of the audit event. |
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
action - AuditEventAction!
|
The action that was performed. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actor - Actor!
|
The user who performed the action. |
actorIp - String
|
The IP address of the actor. |
tenantId - String!
|
The ID of the tenant. |
targetType - ResourceType!
|
The type of the target resources (e.g., DATASOURCE, POLICY, PURPOSE, PROJECT, TAG, USER). |
targets - [Webhook!]!
|
The target webhooks. |
relatedResources - [Resource!]!
|
Resources related to the action that are not targets. |
auditPayload - WebhookAuditPayload!
|
The webhook audit event payload. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
receivedTimestamp - DateTime!
|
The timestamp the audit event was received and stored by Immuta. |
Example
{
"id": 4,
"sessionId": "xyz789",
"userAgent": "xyz789",
"requestId": "xyz789",
"action": "ATTRIBUTE_APPLY",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actor": UserActor,
"actorIp": "xyz789",
"tenantId": "abc123",
"targetType": "ATTRIBUTE",
"targets": [Webhook],
"relatedResources": [Resource],
"auditPayload": WebhookAuditPayload,
"eventTimestamp": "2007-12-03T10:15:30Z",
"receivedTimestamp": "2007-12-03T10:15:30Z"
}
WebhookDeletedAuditEventInput
Description
The webhook deleted audit event input representation.
Fields
| Input Field | Description |
|---|---|
sessionId - String
|
The session ID of the actor who performed the action. |
userAgent - String
|
The user agent application used by the actor who performed the action. |
requestId - String
|
The API request ID that triggered the action, if applicable. |
actionStatus - ActionStatus!
|
The status of the action. |
actionStatusReason - String
|
The reason for the action status, if applicable (e.g., a listing of errors that occurred completing the action). |
actorId - String!
|
The ID of the user who performed the action. |
actorIdProvider - String!
|
The identity provider of the actor. |
profileId - String
|
The ID of the user's profile. |
userName - String
|
The name of the user. |
actorIp - String
|
The IP address of the actor. |
eventTimestamp - DateTime!
|
The timestamp of the event. |
id - ID
|
The ID of the audit event. |
webhookId - String
|
The ID of the webhook. |
name - String
|
The name of the webhook. |
Example
{
"sessionId": "abc123",
"userAgent": "abc123",
"requestId": "abc123",
"actionStatus": "SUCCESS",
"actionStatusReason": "xyz789",
"actorId": "abc123",
"actorIdProvider": "abc123",
"profileId": "xyz789",
"userName": "abc123",
"actorIp": "xyz789",
"eventTimestamp": "2007-12-03T10:15:30Z",
"id": "4",
"webhookId": "abc123",
"name": "abc123"
}
WebhookDeletedAuditPayload
Description
The webhook deleted audit event payload representation.
Example
{
"type": "xyz789",
"version": 123.45,
"webhookId": "4",
"name": "abc123"
}
WebhookInput
Description
A webhook.
Fields
| Input Field | Description |
|---|---|
id - String
|
The ID of the webhook. |
url - String!
|
The URL for the webhook. |
name - String
|
The name of the webhook. |
global - Boolean!
|
Global flag for the webhook. |
notificationType - [String!]!
|
The notification type for the webhook. |
actionType - WebhookActionType
|
The action type for the webhook. |
Example
{
"id": "abc123",
"url": "xyz789",
"name": "xyz789",
"global": true,
"notificationType": ["xyz789"],
"actionType": "TRIGGERED"
}