Governance Use Cases
Select your use case
Immuta allows you to secure your data through various access control policies you configure.
The guides throughout this section discuss organizing and managing data and user metadata to enforce access controls, focusing specifically on the Immuta features highlighted in the image below:


You will learn about each of these features, how they interact, and how to use them within your data ecosystem to effectively govern your data and meet your business objectives. The illustration above shows the relationships among the major features and components of Immuta.
Choose your path: orchestrated RBAC or ABAC
Before selecting a use case, you need to decide which access control category you fall in. This decision drives how you will manage user and data metadata as well as policies, so it's a critical decision.
If you aren’t sure which category you fall in, you should strive for ABAC. While it may seem more complicated to get started, in the long run it will provide you powerful flexibility and scalability of policy management. In this method, you tag your users and data with facts and prescribe policies that leverage those facts to make real-time decisions. ABAC supports both use cases below.
Orchestrated RBAC puts more strain on managing access decisions outside of your access logic (Immuta) because you need all access decisions in a single attribute on the user. Because of this, it more closely resembles the role explosion problem, and if you incorrectly select this path you will end up there over time. Orchestrated RBAC is tag-orchestrated RBAC and is supported by Immuta (in fact, many organizations stick to this because of the benefits of the tag-orchestration). Orchestrated RBAC can be used in the automate data access control decisions use case below.
Use cases
Immuta allows you to build complex access control policies in a simple, scalable manner. However, there are many different ways organizations think about access control. Because of this, following one of the common use cases below can speed up your onboarding process. Choose the use case below that best fits your goals. If no use case fits, contact your Immuta representative for a more personalized onboarding experience:
Automate data access control decisions: This is the most common use case. It walks you through how to build table access control policies in a scalable manner and clarifies how to think about table access and adjust existing paradigms. ABAC and orchestrated RBAC are supported in this use case.
Compliantly open more sensitive data for ML and analytics: This is an approach where every user has access to every table, yet you mask the sensitive columns appropriately using data policies. You can apply some of the concepts from the automate data access control decisions use case to how you think about masking policy rules. Immuta recommends using ABAC for this use case.
Last updated
Was this helpful?