Managing User Metadata

This guide focuses on how to organize and manage user metadata, which Immuta uses to identify the users targeted by policy.

To manage user metadata with this particular use case, you should use the ABAC method as described in the Governance use cases introduction.

This is because this use case requires you to know the contents and sensitivity of every column in your data ecosystem. With orchestrated RBAC, you tag your columns with access logic baked in. With ABAC, you tag your columns with facts: what is in the column. Tagging with facts is feasible; tagging with access logic is extremely hard (unless you use tag lineage, described in the next topic), especially in a data ecosystem with constant change. As a result, your users need to have facts about them that drive policy decisions (ABAC) rather than single variables that drive access (as in orchestrated RBAC).

With that in mind, read the ABAC section of the Managing user metadata guide in the automate data access control decisions use case.
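
The ABAC reasoning above, as an added example that is not Immuta code and does not use Immuta's API or policy syntax: a small Python model in which columns carry fact tags, users carry fact attributes, and one global rule set decides masking. All tag names, attribute names, users and columns are constructed for illustration.

```python
# Illustrative model only: not Immuta's policy engine, API or policy syntax.
# Every tag, attribute, user and column name below is constructed.

# Column tags are facts about what the column contains.
COLUMN_TAGS = {
    "customers.email": {"PII", "Email"},
    "customers.ssn": {"PII", "Government ID"},
    "orders.total": {"Financial"},
}

# User metadata are facts about the user, not grants of access.
USERS = {
    "ana": {"training": {"PII handling"}, "department": "fraud"},
    "raj": {"training": set(), "department": "marketing"},
}

# Global policy: mask columns carrying a tag unless the user holds the
# matching fact. Written once, independent of any specific column.
MASK_UNLESS = {
    "PII": ("training", "PII handling"),
    "Financial": ("department", "finance"),
}


def user_has(user, key, value):
    """True if the user's metadata holds `value` under `key`."""
    held = USERS[user].get(key)
    if isinstance(held, (set, frozenset)):
        return value in held
    return held == value


def masked_columns(user, column_tags=COLUMN_TAGS):
    """Return the set of columns that are masked for `user`."""
    masked = set()
    for column, tags in column_tags.items():
        for tag in tags:
            rule = MASK_UNLESS.get(tag)
            # A column is masked if any of its tags has an unmet rule.
            if rule and not user_has(user, *rule):
                masked.add(column)
    return masked


if __name__ == "__main__":
    # Schema change: a new column only needs a factual tag; no policy edit.
    catalog = dict(COLUMN_TAGS, **{"patients.phone": {"PII"}})
    for name in USERS:
        print(name, sorted(masked_columns(name, catalog)))
```

The new `patients.phone` column is covered by the existing rule as soon as it is tagged with what it contains, which is the property that makes fact-based tagging workable under constant change.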

Next steps

Learn

Read these guides to learn more about using Immuta to mask sensitive data.

  1. Compliantly open more sensitive data for ML and analytics: Review this use case to understand how to mask or open up sensitive data to certain users for machine learning and analytics while remaining compliant.

  2. Managing data metadata: This guide describes how to manage your data metadata and create meaningful tags before you use them to author policies.

  3. Author policy: This guide describes how to define your global data policy logic.

Implement

Follow these guides to start using Immuta to mask sensitive data.

  1. Manage user metadata. Tag your users with attributes and groups that are meaningful for Immuta global policies.

  2. Manage data metadata. Tag your columns with tags that are meaningful.

  3. Author policy. Define your global data policy logic.
