Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
This page details the immuta datasource
command, its subcommands and arguments, and the workflow for creating, renaming, and deleting data sources.
immuta datasource
This command allows you to list, save, delete, and rename data sources in your instance of Immuta. The table below illustrates subcommands and arguments.
list keys
List all data source connection keys.
n/a
list sources
List all data sources for a given connection key.
connection key
save
Create or update all specified data sources in Immuta given connection information to the remote database.
filepath
delete
Delete all data sources for the given connection key.
connection key
rename
Rename the data source connection key.
connection key
Use these options to get more details about the datasource
command or any of its subcommands:
-h
--help
immuta datasource save
Add your remote database's connection information in a valid YAML file for the V2 API. Additional payload examples for creating data sources can be found here:
Run immuta datasource save <filepath> [--wait int] [--dryRun]
, referencing the file you just created. The options you can specify include
-d
or --dryRun
: No updates will actually be made to the data source(s).
-h
or --help
: Get more information about the command.
-w
or --wait int
: Specify how long to wait for data source creation.
The following example illustrates a user saving an updated datasourceInfo.yaml
file, first as a dry run and then by specifying that the data sources wait 5 seconds to be created.
immuta datasource rename
Run immuta datasource list keys
to view a list of data source connection keys. Options you can specify include
-h
or --help
: Get more information about the command.
-v
or --verbose
: Print response as JSON.
To rename one of your data source connection keys, run immuta datasource rename <old connection key> <new connection key>
. You can include the -h
or --help
options to get more information about this command.
The following example illustrates a user renaming a data source connection key to demonstration
.
immuta datasource delete
This command will delete all data sources for the connection key you specify.
Run immuta datasource list keys
to view a list of data source connection keys. Options you can specify include
-h
or --help
: Get more information about the command.
-v
or --verbose
: Print response as JSON.
Opt to view a list of the data sources in this connection key by running immuta datasource list sources <connection key>
.
Run immuta datasource delete <connection key> [--dryRun]
to delete all of these data sources. Options you can specify include
-d
or --dryRun
: No updates will actually be made.
-h
or --help
: Get more information about the command.
The following example illustrates a user deleting the demonstration
connection key and all its data sources.
This page details the immuta
command, its subcommands and arguments, and the workflow for cloning a tenant and using the Immuta API.
immuta
This command allows you to manage your Immuta tenant by creating data sources, projects, policies, and purposes. The table below illustrates the immuta
subcommands and arguments.
Make an authenticated Immuta API request.
endpoint
Clone all data sources, projects, purposes, and policies information into files.
directory path
Generate shell completion scripts for Immuta CLI commands.
bash
, zsh
, fish
, or powershell
Specify an Immuta tenant URL and API Key to be saved to the Immuta configuration file.
instance url
and Immuta API key
Manage data sources.
list
, delete
, rename
, and save
Manage Global Policies.
list
, delete
, rename
, and save
Manage projects.
list
, delete
, rename
, and save
Manage purposes.
list
, delete
, and save
version
The version of the Immuta CLI.
n/a
To view a list of the commands available in your current Immuta CLI version, run immuta
with no additional arguments.
Options you can specify with the immuta
command include
--config string
: Specify the configuration file name and where it will be saved. (The default is $HOME/.immutacfg.yaml
.)
-h
or --help
: Get more information about the command.
-p
or --profile string
: Specify the profile for what tenant or API the CLI will use.
immuta clone
You need the GOVERNANCE
permission in Immuta to run this command.
If you have an Immuta tenant that was set up without using the API, you can use the immuta clone
command to save all your data sources, projects, policies, and purposes as payloads:
This command will create valid V2 API YAML files for all your data sources, projects, policies, and purposes. Within these files, database passwords and user files (such as a BigQuery auth file) will be removed; instead passwords will appear as {{EnvVar "dbPass"}}
. The CLI will then read the environment variable dbPass
to fill in the password if you use the cloned payload to create or update a data source. File contents will appear as {{ReadFile "<filePath>"}}
, and then the CLI will read the file at the path and replace the value when commands are run.
--force
: Overwrite existing output directory targets. If this flag is omitted, you will receive an error when the output directory exists and is not empty.
-h
or --help
: Get details about the command.
Tags for data sources and projects are not returned.
Data sources will not have the sources
field, so if these payloads are used in create
commands, all possible tables will be created as data sources.
immuta api
This command makes an authenticated HTTP(s) request to the Immuta API and prints the response. The default HTTP request method is GET
, but POST
is used if any parameters were added. You can override the method with --method
:
-b
, --body string
: Unmodified string to be sent as payload body.
-d
, --data key=value
: Add a typed parameter in key=value
format. The --data
flag behaves like --raw-data
, with type conversion based on the format of the value. Literal values, true
, false
, null
, and integers are converted to appropriate JSON types. This will be sent in as the request payload.
--data-raw key=value
: Add a string parameter in key=value
format. The --data
flag behaves like --raw-data
, with type conversion based on the format of the value. Literal values, true
, false
, null
, and integers are converted to appropriate JSON types. This will be sent in as the request payload.
-H
, --header key:value
: Add an HTTP request header in key:value
format.
-h
, --help
: Get details about the command.
--input <filepath>
: A raw request body may be passed from the outside via the file specified to use as body for the HTTP request. Pass in '-' for standard input.
-X
, --method string
: The HTTP method for the request (default GET
).
-P
, --path-param key=value
: Add a string parameter in key=value format. Will replace {key}
in the url with value
.
-q
, --query key=value
: Add a string parameter in key=value format. The key value pairs are serialized into URL query parameters.
-t
, --outputTemplate string
: Format the response using a Go template. The provided Go template is rendered using the JSON data as input. For the syntax of Go templates, see this document.
The documentation below provides descriptions and examples of immuta api
options.
The Immuta CLI allows users to interact with their Immuta tenant using the command line to manage data sources, projects, policies, and purposes. This feature allows you to have all of your Immuta tenant information in a Git repository and use the CLI to sync your Immuta tenant with the files in your Git repository. To install the Immuta CLI, follow this installation guide.
You can navigate this section of documentation in two different ways: by workflow or by command.
The navigation in the left pane is organized by major workflows you would use in Immuta. Each workflow contains relevant commands. Follow this chronological outline to find commands relevant to your workflow.
Below is a list of major commands available in the Immuta CLI. Click a command to navigate to its corresponding page that details subcommands, options, and arguments.
immuta
: Interact with your Immuta tenant to create data sources, projects, policies, and purposes.
immuta api
: Make an authenticated Immuta API request. This command will let you hit any endpoint in the Immuta API, including version 1 endpoints. For example, immuta api /tag
will hit the v1 endpoint to list tags. This allows you to use the immuta api
command instead of something like Postman or cURL to interact with the V1 API.
immuta clone
: Clone all data sources, projects, purposes, and policies information into files.
immuta completion
: Generate shell completion scripts.
immuta configure
: Specify an Immuta tenant url and API key to be saved to the Immuta configuration file.
immuta datasource
: Manage data sources.
immuta policy
: Manage Global Policies.
immuta project
: Manage projects.
immuta purpose
: Manage purposes.
immuta audit exportConfig
: Manage the audit export.
This page details how to install the Immuta CLI and tab completions.
macOS CLI Binary Warning: When installing the macOS CLI binary, macOS displays the warning "could not verify that this app is free from malware" when the binary is run. Navigate to the Security & Privacy section in your System Preferences to allow the binary to be run.
Download the binary that corresponds to your operating system.
The latest stable binaries can be found here:
Linux x86_64 (amd64)
Linux ARMv8 (arm64)
The latest stable binaries can be found here:
Darwin x86_64 (amd64)
Darwin ARMv8 (arm64)
The latest stable binary can be found here: https://immuta-platform-artifacts.s3.amazonaws.com/cli/latest/immuta_cli_windows_amd64.
Download and add the binary to a directory in your system's $PATH as immuta.exe
.
The SHA 256 checksum is available to verify the file at https://immuta-platform-artifacts.s3.amazonaws.com/cli/latest/immuta_cli_SHA256SUMS.
Run immuta configure
.
Enter the URL of your Immuta tenant in the interactive prompt.
Enter your Immuta API Key in the interactive prompt:
Below is the configuration file that will be saved at ~/.immutacfg.yaml
:
To generate shell completion scripts for Immuta CLI commands, run immuta completion [bash|zsh|fish|powershell]
. You can opt to specify -h
or --help
for instructions on installing tab completions for Bash, Zsh, Fish, and PowerShell commands and flags.
Use the tabs below for specific instructions for each of these shells.
Install bash-completion https://github.com/scop/bash-completion.
Add this to your ~/.bash_profile
:
Generate an _immuta
completion script and save it in your $fpath
:
Ensure that the following is present in your ~/.zshrc
:
Generate an immuta.fish
completion script:
Run immuta completion powershell | Out-String | Invoke-Expression
.
To load completions for every new session, run
Source this immuta.ps1
from your PowerShell profile.
The exact configuration file locations might vary based on your system. Make sure to restart your shell before you test whether completions are working.
Sensitive data discovery must be enabled.
immuta sdd classifier
This command allows you to manage identifiers that will apply tags to data that matches the criteria you specify during SDD. The table below illustrates subcommands and arguments.
save
Create an identifier.
None
Delete the passed identifier.
None
Get an identifier.
ls
, list
Search all identifiers.
None
Update an identifier.
Use these options to get more details about the sdd classifier
command or any of its subcommands:
-h
--help
Save your identifier to a valid YAML or JSON file using these attributes.
name
string
Unique, request-friendly identifier name.
Yes
displayName
string
Unique, human-readable identifier name.
Yes
description
string
The identifier description.
Yes
type
string
The type of criteria: regex
, dictionary
, columnNameRegex
, or builtIn
.
Yes
config
object
The configuration of the identifier, which may include config.values
, config.caseSensitive
, config.regex
, config.columnNameRegex
, and config.tags
.
Yes
config.tags
array[string]
The name of the tags to apply to the data source.
Yes
config.regex
string
A case-insensitive regular expression to match against column values.
No
config.columnNameRegex
string
A case-insensitive regular expression to match against column names.
No
config.values
array[string]
The list of words to include in the dictionary.
No
config.caseSensitive
boolean
Indicates whether or not values
are case sensitive. Defaults to false
.
No
Examples are provided below.
Run immuta sdd classifier create <filepath> [flags]
, referencing the file you just created. The options you can specify include
-h
or --help
: Get more information about the command.
-o
or --output json | yaml
: Specify the output format.
--outputTemplate string
: Format the response using a Go template.
Run immuta sdd classifier get <classifierName> [flags]
, specifying the name of the identifier you would like to get. Options you can specify include
-h
or --help
: Get more information about the command.
-o
or --output json | yaml
: Specify the output format.
--outputTemplate string
: Format the response using a Go template.
The example below illustrates a user getting an identifier called ACCOUNT_NUMBER_IDENTIFIER.
Run immuta sdd classifier search [string] [flags]
to list all identifiers or search identifiers by name. Options you can specify include
-h
, --help
: Help for search.
--limit int
The search limit for pagination (default 25).
--offset int
: The search offset for pagination.
--order asc | desc
: The sort order.
-o
, --output json | yaml
: The output format.
--outputTemplate string
: Format the response using a Go template.
-s
, --sort id | name | displayName | type | createdAt | updatedAt
: Field to sort by.
--type regex | columnNameRegex | dictionary | builtIn
: Limit results to the specified criteria type.
The example below illustrates a user searching all identifiers containing account
.
Update your identifier in a valid YAML or JSON file using these attributes:
name
string
Unique, request-friendly identifier name.
Yes
displayName
string
Unique, human-readable identifier name.
Yes
description
string
The identifier description.
Yes
type
string
The type of criteria: regex
, dictionary
, columnNameRegex
, or builtIn
.
Yes
config
object
The configuration of the identifier, which may include config.values
, config.caseSensitive
, config.regex
, config.columnNameRegex
, and config.tags
.
Yes
config.tags
array[string]
The name of the tags to apply to the data source.
Yes
config.regex
string
A case-insensitive regular expression to match against column values.
No
config.columnNameRegex
string
A case-insensitive regular expression to match against column names.
No
config.values
array[string]
The list of words to include in the dictionary.
No
config.caseSensitive
boolean
Indicates whether or not values
are case sensitive. Defaults to false
.
No
Run immuta sdd classifier update <classifierName> <filepath> [flags]
, referencing the file you just updated. The options you can specify include
-h
or --help
: Get more information about the command.
-o
or --output json | yaml
: Specify the output format.
--outputTemplate string
: Format the response using a Go template.
The example below illustrates a user updating an identifier named ACCOUNT_NUMBER_IDENTIFIER.
Run immuta sdd classifier delete <classifierName> [flags]
to delete the identifier. The options you can specify include
-h
or --help
: Get more information about the command.
-o
or --output json | yaml
: Specify the output format.
--outputTemplate string
: Format the response using a Go template.
immuta sdd
This command allows you to customize and run SDD in your instance of Immuta. The table below illustrates subcommands and arguments.
Manage SDD identifiers.
Run SDD on specific data sources or all data sources.
Manage SDD frameworks.
Use these options to get more details about the sdd
command or any of its subcommands:
-h
--help
Two common workflows for using SDD are outlined below. The first illustrates how to apply a global framework to all data sources, while the second outlines how users can create and apply frameworks to data sources they own.
The tutorials linked below show how to use the CLI to complete this workflow. For an overview of how sensitive data discovery works, see this overview.
Data governor creates a framework using one or more identifiers.
Data governor creates one or more identifiers.
Data owner triggers SDD on one or more data sources and resulting tags are applied to columns where criteria were met.
Sensitive data discovery must be enabled.
immuta sdd template
This command allows you to manage identification frameworks, which are a collection of identifiers and settings used to drive the configuration of SDD runs. The table below illustrates subcommands and arguments.
save
Create an identification framework.
None
Delete the passed identification framework.
None
Get an identification framework.
None
Get the global framework.
ls
, list
Search all identification frameworks.
None
Update an identification framework.
Use these options to get more details about the sdd template
command or any of its subcommands:
-h
--help
Save your framework to a valid YAML or JSON file using these attributes:
name
string
Unique, request-friendly framework name.
Yes
displayName
string
Unique, human-readable framework name.
Yes
description
string
The framework description.
Yes
classifiers
array
Includes each identifier's name
and overrides
for minConfidence
and tags
.
Yes
An example is provided below.
Run immuta sdd template create <filepath> [flags]
, referencing the file you just created. The options you can specify include
-h
or --help
: Get more information about the command.
-o
or --output json | yaml
: Specify the output format.
--outputTemplate string
: Format the response using a Go template.
Run immuta sdd template get <frameworkName> [flags]
, specifying the name of the framework you would like to get. Options you can specify include
-h
or --help
: Get more information about the command.
-o
or --output json | yaml
: Specify the output format.
--outputTemplate string
: Format the response using a Go template.
The example below illustrates a user getting a framework named ACCOUNT_NUMBERS_FRAMEWORK.
Run immuta sdd template global [flags]
, to get the global framework that has been configured for sensitive data discovery. Options you can specify include
-h
or --help
: Get more information about the command.
-o
or --output json | yaml
: Specify the output format.
--outputTemplate string
: Format the response using a Go template.
The example below illustrates a user getting the global framework that had been configured in the Immuta UI by an administrator.
Run immuta sdd template search [string] [flags]
to list all identification frameworks or search identification frameworks by name. Options you can specify include
--classifiers strings
: Limit results to only frameworks that contain the specified identifiers.
-h
, --help
: Help for search.
--limit int
The search limit for pagination (default 25).
--offset int
: The search offset for pagination.
--order asc | desc
: The sort order.
-o
, --output json | yaml
: The output format.
--outputTemplate string
: Format the response using a Go template.
-s
, --sort id | name | displayName | type | createdAt | updatedAt
: Field to sort by.
The example below illustrates a user searching all frameworks containing the ACCOUNT_NUMBER_IDENTIFIER
.
Update your framework in a valid YAML or JSON file using these attributes:
name
string
Unique, request-friendly framework name.
Yes
displayName
string
Unique, human-readable framework name.
Yes
description
string
The framework description.
Yes
classifiers
array
Includes each identifier's name
and overrides
for minConfidence
and tags
.
Yes
Run immuta sdd template update <frameworkName> <filepath> [flags]
, referencing the file you just updated. The options you can specify include
-h
or --help
: Get more information about the command.
-o
or --output json | yaml
: Specify the output format.
--outputTemplate string
: Format the response using a Go template.
The example below illustrates a user updating a framework named ACCOUNT_NUMBERS_FRAMEWORK.
Run immuta sdd template delete <frameworkName> [flags]
to delete the framework. The options you can specify include
-h
or --help
: Get more information about the command.
-o
or --output json | yaml
: Specify the output format.
--outputTemplate string
: Format the response using a Go template.
Public preview: This feature is public preview and available to all accounts.
Use these audit export configuration commands to manage exporting your audit logs to S3 and ADLS Gen2, including intervals the events are exported and the S3 bucket or ADLS container they are exported to.
immuta audit exportConfig {command} <arguments> [flags]
Inspect, disable, enable, and delete configurations for exporting your audit events to S3 and ADLS Gen 2.
The Immuta Audit CLI supports a number of flags for every command.
--config string
: Specifies the configuration file name and where it will be saved. (The default is $HOME/.immutacfg.yaml
.)
-h
, --help
: Gets more information about the command.
-p
, --profile string
: Specifies the profile for what instance the CLI will use.
create <technology> [flags]
: Configures a time interval and location to export your audit logs to. Options for <technology>
are s3
and adls
.
Example: $ immuta audit exportConfig create:s3 ./exportConfig.json
The filepath to the JSON or YAML file that configures the location and time interval for exporting your audit logs to S3 and ADLS Gen2.
-o
, `- -output json
delete <export configuration ID> [flags]
: Deletes an audit export configuration based on the provided ID.
Example: $ immuta audit exportConfig delete f7f9e289-f37b-4942-a18d-66d6de6e7cb2
The ID of the export configuration.
-o
, `--output json
disable <export configuration ID> [flags]
: Disables an audit export configuration based on the provided ID.
Example: $ immuta audit exportConfig disable f7f9e289-f37b-4942-a18d-66d6de6e7cb2
The ID of the export configuration.
-o
, `--output json
enable <export configuration ID> [flags]
: Enables an audit export configuration based on the provided ID.
Example: $ immuta audit exportConfig enable f7f9e289-f37b-4942-a18d-66d6de6e7cb2
The ID of the export configuration.
-o
, `--output json
The ID of the export configuration.
-o
, `--output json
list [flags]
: Lists all export configurations.
Example: $ immuta audit exportConfig list
-o
, `--output json
This page details the immuta purpose
command, its subcommands and arguments, and the workflow for creating and deleting purposes.
immuta purpose
This command allows you to list, save, and delete purposes in your instance of Immuta. The table below illustrates subcommands and arguments.
Use these options to get more details about the purpose
command or any of its subcommands:
-h
--help
immuta purpose save
Run immuta purpose save <filepath> [--dryRun] [--reAcknowledge]
, referencing the file you just created. The options you can specify include
--reAcknowledge
: Require all users of any projects using this purpose to re-acknowledge any updated acknowledgement statements.
-d
or --dryRun
: No updates will be made.
-h
or --help
: Get more information about the command.
The example below illustrates a user creating a purpose called Demo Purpose
.
immuta purpose delete
You need the GOVERNANCE
permission in Immuta to run this command.
Opt to list all purposes to determine which purpose you would like to delete by running immuta purpose list
. Options you can specify include
-h
or --help
: Get more information about the command.
-v
or --verbose
: Print response as JSON.
Delete a purpose by running immuta purpose delete <purpose name> [--dryRun]
, enclosing the purpose name in quotation marks. Options you can specify include
-d
or --dryRun
: No updates will be made.
-h
or --help
: Get more information about the command.
The example below illustrates a user deleting the purpose Demo Purpose
.
.
immuta sdd run
This command allows you to run SDD on specific data sources or all data sources in your instance of Immuta.
Use these options to get more details about the sdd run
command or any of its subcommands:
-h
--help
Run immuta sdd run <dataSourceName> [flags]
, naming the data source you want to run SDD on. The options you can specify include
-d
, --dryRun
: No updates will actually be made.
-f
, --force
: Do not prompt for confirmation when attempting to run SDD on all data sources.
-h
or --help
: Get more information about the command.
-o
or --output json | yaml
: Specify the output format.
--outputTemplate string
: Format the response using a Go template.
-t
, --outputTemplate string
: Run SDD with this framework. This flag can only be used with the dryRun
flag.
-w
, --wait int
: The number of seconds to wait for the SDD job(s) to finish. Default is until the SDD job(s) finish (default -1).
The example below illustrates a user running SDD on a single data source.
Run immuta sdd run
. The options you can specify include
-d
, --dryRun
: No updates will actually be made.
-f
, --force
: Do not prompt for confirmation when attempting to run SDD on all data sources.
-h
or --help
: Get more information about the command.
-o
or --output json | yaml
: Specify the output format.
--outputTemplate string
: Format the response using a Go template.
-t
, --outputTemplate string
: Run SDD with this framework. This flag can only be used with the dryRun
flag.
-w
, --wait int
: The number of seconds to wait for the SDD job(s) to finish. Default is until the SDD job(s) finish (default -1).
Confirm that you want to run SDD on all data sources.
This page details the immuta project
command, its subcommands and arguments, and the workflow for creating, renaming, and deleting projects.
immuta project
This command allows you to list, save, delete, and rename projects in your instance of Immuta. The table below illustrates subcommands and arguments.
Use these options to get more details about the project
command or any of its subcommands:
-h
--help
immuta project save
Run the following referencing the file you just created: immuta project save <filepath> [--dryRun] [--deleteWorkSpaceDataSources]
The options you can specify include
--deleteWorkSpaceDataSources
: Delete all data and the data sources associated with a project workspace when the workspace is deleted.
-d
or --dryRun
: No updates will be made.
-h
or --help
: Get more information about the command.
The example below illustrates a user listing all projects and then creating the project demo project
.
immuta project rename
Opt to list all project keys to identify which project you would like to rename by running immuta project list
. Options you can specify include
-h
or --help
: Get more information about the command.
-v
or --verbose
: Print response as JSON.
Rename the project key by running immuta project rename <old project key> <new project key>
, enclosing the name of the project key in quotation marks. Options you can specify to get more information about this command include -h
or --help
.
The example below illustrates a user renaming the demo project
project key to data analytics team
.
immuta project delete
Opt to list all project keys to determine which project key you would like to delete by running immuta project list
. Options you can specify include
-h
or --help
: Get more information about the command.
-v
or --verbose
: Print response as JSON.
Delete a project key by running immuta project delete <project key> [--dryRun] [--hardDelete
, enclosing the project key in quotation marks. Options you can specify include
-d
or --dryRun
: No updates will be made.
--hardDelete
: If this is set, it will delete everything related to the project in Immuta. If not set, it will only disable the project.
-h
or --help
: Get more information about the command.
The example below illustrates a user first disabling and then deleting the project Data Analytics Team
.
get <export configuration ID> [flags]
: Gets an audit export configuration based on the provided ID. See example .
Add your purpose information in a valid YAML file for the V2 API. Additional payload examples for creating purposes can .
Add your project information in a valid YAML file for the V2 API. Additional payload examples for creating projects can :
delete
Delete a purpose by name.
purpose name
list
List all purposes.
n/a
save
Create or update a purpose in Immuta.
filepath
delete
Delete a project by project key.
project key
list
List all project keys.
n/a
rename
Rename the project key.
new project key
save
Create or update a project in Immuta.
filepath
This page details the immuta policy
command, its subcommands and arguments, and the workflow for creating, renaming, cloning, and deleting Global Policies.
immuta policy
This command allows you to list, save, delete, and rename Global Policies in your instance of Immuta. The table below illustrates subcommands and arguments.
clone
Clone and save all Global Policies to files.
filepath
delete
Delete a Global Policy by policy key.
policy key
list
List all Global Policy keys.
n/a
rename
Rename the Global Policy key.
new policy key
save
Create or update a Global Policy in Immuta.
filepath
Use these options to get more details about the policy
command or any of its subcommands:
-h
--help
immuta policy save
Add your policy information in a valid YAML file for the V2 API. Additional payload examples for creating policies can be found here:
Run immuta policy save <filepath> [--dryRun] [--reCertify]
, referencing the file you just created. The options you can specify include
-d
or --dryRun
: No updates will actually be made.
-h
or --help
: Get more information about the command.
--reCertify
: If the certification has changed, someone will need to re-certify this policy on all impacted data sources.
The example below illustrates a user listing all policies and then creating a policy called data conditional masking
.
immuta policy rename
Opt to list all policy keys to identify which policy you would like to rename by running immuta policy list
. Options you can specify include
-h
or --help
: Get more information about the command.
-v
or --verbose
: Print response as JSON.
Rename the policy key by running immuta policy rename <old policy key> <new policy key>
, enclosing the name of the policy key in quotation marks. Options you can specify to get more information about this command include -h
or --help
.
The example below illustrates a user renaming the data conditional masking
policy key to Data Masking
.
immuta policy clone
Clone and save all Global Policies to a file by running immuta policy clone <filepath>
. Options you can specify include
--force
: Overwrite existing output directory targets. If this flag is omitted, you will receive an error when the output directory exists and is not empty.
-h
, --help
: Get more information about the command.
-v
or --verbose
: Print response as JSON.
The example below illustrates cloning and saving all Global Policies to a policy
folder. In this example, only one Global Policy existed: Test
.
immuta policy delete
Opt to list all policy keys to determine which policy key you would like to delete by running immuta policy list
. Options you can specify include
-h
or --help
: Get more information about the command.
-v
or --verbose
: Print response as JSON.
Delete a policy key by running immuta policy delete <policy key> [--dryRun]
. Options you can specify include
-d
or --dryRun
: No updates will be made.
-h
or --help
: Get more information about the command.
The example below illustrates a user deleting the Data Masking
policy.