Understand the Request app permissions
Permissions in the Request app scale, so that you can give users as little, or as much, power as they should have in Immuta.
Anything a data steward can do a data product manager can do.
Anything a data product manager can do a user with GOVERNANCE permission can do.
However, both data product managers and GOVERNANCE users must be assigned as a data steward in order to approve or deny an access request.
Can act in each data product their request form is assigned to
Can act in the domain they have the Manage Data Products permission in
Can act across all of Immuta, regardless of domain
See the table below for the full breakdown of what actions require which Immuta permissions:
Create a domain
Yes
Grant Manage Data Products in a domain
Yes
Manage a data product
Yes
Yes
Make access request determinations
Yes
Alter a data product
Yes
Yes
Yes (partial)
Create a request form
Yes
Yes
Edit a request form
Yes
Yes
Yes (if assigned)
Attach a request form to an asset
Yes
Attach a request form to a data product
Yes
Yes (if owner)
Attach a data steward to an asset
Yes
Create an access request
Yes
Yes
Yes
Yes
Revoke a member from a data product
Yes
Yes
Yes
Revoke a masking exception
Yes
Yes
Yes
Configure webhooks
Yes
Customize the Request app
Yes
Install Immuta Slack app
Yes
Enable Slack and email notifications
Yes, all users
Yes, self
Last updated
Was this helpful?
Was this helpful?
