Private preview: This feature is only available to select accounts. Contact your Immuta support professional for details.
Data source assignment to a domain will happen continuously without user intervention as tags are added or removed from data sources. Any tag in Immuta can be used for domain assignment (e.g., an external catalog tag or a tag manually applied by a user).
Auto-assignment is implemented with many Immuta features and components:
A user with the GOVERNANCE permission creates a domain.
During creation, the user decides if data sources should be added or . The user picks dynamically in this example.
The tag for dynamic assignment is selected by the user. Only one tag can be selected per domain.
The domain is created; it has all the data sources that already exist with the selected tag.
New data sources are created through schema monitoring or object sync:
Immuta connects them to the external catalog, pulling in the appropriate tags.
Once the data sources get the domain assignment tag, they are automatically added to the domain with the selected, matching tag.
Tags may change on existing data sources:
Updated by a user: If a user adds or removes the domain assignment tag from a data source, the data source will be added or removed from the domain.
Updated in an external catalog: If changes come from an external catalog, those changes will be pulled into Immuta every 24 hours. Any changes to tags, and therefore domain assignment, will be enacted within that timeframe.
The following events are audited in UAM that relate to auto-assignment:
A domain’s data sources are updated: When a domain's data sources change, it creates a UAM audit event.
A tag is applied to or removed from a data source: When a data source's tag is changed, which could lead to a data source being removed from a domain, it creates a UAM audit event for the tag change.
Required Immuta permission: GOVERNANCE
Navigate to the Domains page.
Click + New Domain.
Enter a Name and Description for your domain.
Select Dynamically or Manually for data source assignment:
Dynamically: Data sources are added based on a tag. Every data source with that tag is added to the domain, and the domain will continually be updated to ensure every data source with that tag is in the domain. The data sources update automatically as necessary.
Use the search box to start typing a tag name.
Select a tag to use to dynamically assign data sources to the domain now and in the future. The data sources with that tag will populate in the table. Note: These data sources can only be added or removed by editing the tag; no manual changes are supported.
Manually: Data sources are individually picked by the domain owner. No changes will be made to the domain's data sources without user intervention.
Use the list of data sources and select the checkbox for the data sources you want in the domain.
Click Next.
Opt to assign user permissions; select how you want to assign permissions in the dropdown:
Individual users: All the users you select will get the permission you assign.
Use the search box to start typing a username and select the user from the list.
Use the dropdown to select the permission to grant the user.
Users in group: All the users in the group you select will get the permission you assign. If any user is added or removed from the group, their permission will be updated.
Use the search box to start typing a group name and select the group from the list.
Use the dropdown to select the permission to grant the user.
Click Next. Review the information, then select Create Domain.
For more information about domains and their current behavior, see the Domain reference guide.
For details about creating domains in the current workflow, see the Getting started with domains guide.