UAM Schema

Universal audit model (UAM) is Immuta's consistent structure for all Immuta system and user query audit logs. This reference guide provides example schemas of all the UAM events available in Immuta.

There are some parameter details throughout to help better understand the UAM schemas. But there are two important parameters to each event:

targetType: Informs the Immuta object that's the target of the action being audited. This will specify if it was a user, project, policy, etc. being affected by the action.
action: Informs the base action being performed on the target. This will specify if something was created, deleted, updated, etc.

To learn more about Immuta's audit, see the UAM reference page or view the examples below.

Events and descriptions

Immuta object

Events

API keys

ApiKeyCreated: An API key is created on the Immuta app settings page or from an Immuta user's profile page.
ApiKeyDeleted: An API key is deleted.

Attributes

AttributeApplied: An attribute is applied to a user or group.
AttributeRemoved: An attribute is removed from a user or group.

Configuration

ConfigurationUpdated: The Immuta configuration on the app settings page is updated.

Data sources

DatasourceAppliedToProject: A data source is added to a project.
DatasourceCatalogSynced: An external catalog and its tags are synced on a data source.
DatasourceCreated: A data source is created.
DatasourceDeleted: A data source is deleted.
DatasourceDisabled: A data source is disabled.
DatasourceGlobalPolicyApplied: A global policy is applied to a data source.
DatasourceGlobalPolicyConflictResolved: A policy conflict between two global policies on a data source is resolved.
DatasourceGlobalPolicyDisabled: A global policy is disabled on a data source.
DatasourceGlobalPolicyRemoved: A global policy is removed from a data source.
DatasourcePolicyCertificationExpired: The global policy certification on a data source is expired.
DatasourcePolicyCertified: A global policy is certified for a data source.
DatasourcePolicyDecertified: A global policy is decertified for a data source.
DatasourceRemovedFromProject: A data source is removed from a project.
DatasourceUpdated: A data source is updated.

Domains

DomainCreated: A domain is created.
DomainDataSourcesUpdated: Data sources are assigned to or removed from the domain.
DomainDeleted: A domain is deleted.
DomainPermissionsUpdated: A domain-specific permission is applied to or removed from a user or group.
DomainUpdated: A domain's details (name, description, settings etc.) are updated.

Global policies

GlobalPolicyApprovalRescinded (private preview): The approval for a global policy is rescinded with the approve to promote feature.
GlobalPolicyApproved (private preview): A global policy is approved with the approve to promote feature.
GlobalPolicyChangeRequested (private preview): A change to a global policy is requested with the approve to promote feature.
GlobalPolicyCreated: A global policy is created.
GlobalPolicyDeleted: A global policy is deleted.
GlobalPolicyPromoted (private preview): A global policy is promoted to production with the approve to promote feature.
GlobalPolicyReviewRequested (private preview): A review is requested for a global policy with the approve to promote feature.
GlobalPolicyUpdated: A global policy is updated.

Groups

GroupCreated: A group is created in Immuta by user actions in the UI or ingested from an external IAM.
GroupDeleted: A group is deleted in Immuta by user actions in the UI or from within an external IAM.
GroupMemberAdded: A user is added to a group in Immuta by user actions in the UI or from within an external IAM.
GroupMemberRemoved: A user is removed from a group in Immuta by user actions in the UI or from within an external IAM.
GroupUpdated: A group's details (email, name, description, etc.) are updated.

Identification

SDDClassifierCreated: An identifier is created.
SDDClassifierDeleted: An identifier is deleted.
SDDClassifierUpdated: An identifier is updated.

License

LicenseCreated: An Immuta license is created.
LicenseDeleted: An Immuta license is deleted.

Local policies

LocalPolicyCreated: A local policy is created on a data source.
LocalPolicyUpdated: A local policy is updated on a data source.

Permissions

PermissionApplied: A global permission is applied to a user.
PermissionRemoved: A global permission is removed from a user.

Projects

ProjectCreated: A project is created.
ProjectDeleted A project is deleted.
ProjectDisabled: A project is disabled.
ProjectPurposeApproved: A purpose is approved within a project.
ProjectPurposeDenied: A purpose is denied within a project.
ProjectPurposesAcknowledged: A user acknowledged a purpose within a project.
ProjectUpdated: A project is updated.

Purposes

PurposeDeleted: A purpose is deleted.
PurposeUpdated: A purpose is updated.
PurposeUpserted: A purpose is created.

Queries

DatabricksQuery: Available for Unity Catalog or Databricks Spark
SnowflakeQuery
TrinoQuery

Subscriptions

SubscriptionCreated: A user is subscribed to a data source or project.
SubscriptionDeleted: A user's subscription to a data source or project is removed.
SubscriptionRequestApproved: A user's request to subscribe to a data source or project is approved.
SubscriptionRequestDenied: A user's request to subscribe to a data source or project is denied.
SubscriptionRequested: A user requests to subscribe to a data source or project.
SubscriptionUpdated: A user's subscription to a data source or project is updated.

ApiKeyCreated event

Event: ApiKeyCreated
Legacy event: apiKey
Description: An API key is created on the Immuta app settings page or from an Immuta user's profile page.

{
    "relatedResources": [],
    "auditPayload": {
        "type": "ApiKeyCreatedAuditPayload",
        "apiKeyId": "1112158",
        "name": "T1",
        "version": 1
    },
    "action": "CREATE",
    "tenantId": "your-immuta-tenant.com",
    "actionStatus": "SUCCESS",
    "eventTimestamp": "2024-01-25T18:04:58.368Z",
    "actor": {
        "id": "[email protected]",
        "identityProvider": "bim",
        "profileId": "1",
        "type": "USER_ACTOR",
        "name": "Taylor Smith"
    },
    "targetType": "APIKEY",
    "id": "d9dc3cee-98d0-47d6-ba81-e0b38f9f4014",
    "receivedTimestamp": "2024-01-25T18:04:58.505Z",
    "actorIp": "xxx.xx.xx.xx",
    "targets": [],
    "requestId": "60c68659-ac83-5299-bf3e-14856178a0de",
    "sessionId": "9c553d7ace0aa3ee735fd3c14f737bc6"
}

ApiKeyDeleted event

Event: ApiKeyDeleted
Legacy event: apiKey
Description: An API key is deleted.

{
    "id": "fe47ddd1-fd22-4dcf-9648-83950a10ef34",
    "targetType": "APIKEY",
    "receivedTimestamp": "2024-01-25T18:08:28.891Z",
    "actor": {
        "type": "USER_ACTOR",
        "identityProvider": "bim",
        "id": "[email protected]",
        "profileId": "1",
        "name": "Taylor Smith"
    },
    "requestId": "220c7faa-7f56-5d8c-aa31-8ac2212b7707",
    "sessionId": "9c553d7ace0aa3ee735fd3c14f737bc6",
    "targets": [],
    "actorIp": "xxx.xx.xx.xx",
    "relatedResources": [],
    "auditPayload": {
        "type": "ApiKeyDeletedAuditPayload",
        "apiKeyId": "1112158",
        "version": 1
    },
    "eventTimestamp": "2024-01-25T18:08:21.319Z",
    "action": "DELETE",
    "actionStatus": "SUCCESS",
    "tenantId": "your-immuta-tenant.com"
}

AttributeApplied event

Event: AttributeApplied
Legacy events: accessUser and accessGroup
Description: An attribute is applied to a user or group.
Additional parameter details: targetType will specify whether the attribute was added to a USER or GROUP.

{
    "actorIp": "xxx.xx.xx.xx",
    "targets": [
        {
            "name": "Deepu Murty",
            "id": "[email protected]",
            "identityProvider": "bim",
            "profileId": "20",
            "type": "USER"
        }
    ],
    "requestId": "e45652cd-4d00-5def-8e8c-aca696822fc2",
    "sessionId": "cdbffff8804103418350947c6586712c",
    "actor": {
        "type": "USER_ACTOR",
        "profileId": "1",
        "id": "[email protected]",
        "identityProvider": "bim",
        "name": "Taylor Smith"
    },
    "id": "63f111a7-0835-4696-8fdb-188130c44fac",
    "targetType": "USER",
    "receivedTimestamp": "2023-09-13T14:36:02.926Z",
    "action": "ATTRIBUTE_APPLY",
    "tenantId": "your-immuta-tenant.com",
    "actionStatus": "SUCCESS",
    "eventTimestamp": "2023-09-13T14:36:02.688Z",
    "relatedResources": [
        {
            "values": ["Product"],
            "name": "Department",
            "id": "department",
            "type": "ATTRIBUTE"
        }
    ],
    "auditPayload": {
        "entityType": "USER",
        "type": "AttributeAppliedAuditPayload",
        "version": 1,
        "attributes": [
            {
                "values": ["Product"],
                "attribute": "Department"
            }
        ],
        "entityIdProvider": "bim",
        "entityId": "[email protected]"
    }
}

AttributeRemoved event

Event: AttributeRemoved
Legacy events: accessUser and accessGroup
Description: An attribute is removed from a user or group.
Additional parameter details: targetType will specify whether the attribute was removed from a USER or GROUP.

{
    "relatedResources": [
        {
            "values": ["UNCLASSIFIED"],
            "name": "classification",
            "id": "classification",
            "type": "ATTRIBUTE"
        }
    ],
    "auditPayload": {
        "type": "AttributeRemovedAuditPayload",
        "entityType": "USER",
        "version": 1,
        "attributes": [
            {
                "values": ["UNCLASSIFIED"],
                "attribute": "classification"
            }
        ],
        "entityIdProvider": "bim",
        "entityId": "[email protected]"
    },
    "action": "ATTRIBUTE_REMOVE",
    "actionStatus": "SUCCESS",
    "tenantId": "your-immuta-tenant.com",
    "eventTimestamp": "2024-02-20T19:46:50.259Z",
    "actor": {
        "profileId": "1",
        "id": "[email protected]",
        "identityProvider": "bim",
        "type": "USER_ACTOR",
        "name": "Taylor Smith"
    },
    "id": "0fd77c61-f08a-488c-9d10-c356ffea0d11",
    "targetType": "USER",
    "receivedTimestamp": "2024-02-20T19:46:50.426Z",
    "targets": [
        {
            "name": "Deepu Murty",
            "type": "USER",
            "id": "[email protected]",
            "identityProvider": "bim",
            "profileId": "20"
        }
    ],
    "actorIp": "xxx.xx.xx.xx",
    "requestId": "146ec771-ec2e-5f40-8551-1dbc38e64078",
    "sessionId": "893db38b8f1977fda75f60d168c4e74e"
}

ConfigurationUpdated event

Event: ConfigurationUpdated
Legacy event: configurationUpdate
Description: The Immuta configuration on the app settings page is updated.

{
    "eventTimestamp": "2023-12-04T18:38:25.801Z",
    "tenantId": "your-immuta-tenant.com",
    "actionStatus": "SUCCESS",
    "action": "CONFIGURATION_UPDATED",
    "auditPayload": {
        "version": 1,
        "type": "ConfigurationUpdatedAuditPayload",
        "changeSet": {
            "plugins": {
                "policy": {
                    "approveToPromote": {
                        "requiredApprovalCount": [
                            {
                                "newValue": 1,
                                "oldValue": 2
                            }
                        ]
                    }
                }
            }
        },
        "configurationId": "20"
    },
    "relatedResources": [],
    "sessionId": "aed83ab8b46affcb1169532dada92b72",
    "requestId": "c80f510f-3f55-5450-8dea-d5e243708686",
    "targets": [
        {
            "name": "20",
            "type": "CONFIGURATION",
            "id": "20"
        }
    ],
    "actorIp": "xxx.xx.xx.xx",
    "receivedTimestamp": "2023-12-04T18:38:26.039Z",
    "id": "3989e233-c791-43e9-813f-7738f4c8e26b",
    "targetType": "CONFIGURATION",
    "actor": {
        "identityProvider": "bim",
        "id": "[email protected]",
        "profileId": "1",
        "type": "USER_ACTOR",
        "name": "Taylor Smith"
    }
}

DatasourceAppliedToProject event

Event: DatasourceAppliedToProject
Legacy event: addToProject
Description: A data source is added to a project.

{
    "auditPayload": {
        "type": "DatasourceAppliedToProjectAuditPayload",
        "errors": [],
        "projectId": "2",
        "version": 1,
        "datasources": [
            {
                "id": "2",
                "name": "Public Case"
            }
        ]
    },
    "sessionId": "6b928653b1411078647a2764a72beca6",
    "targets": [
        {
            "projectKey": "HumanResources",
            "id": "2",
            "type": "PROJECT",
            "name": "Human Resources"
        }
    ],
    "action": "DATASOURCE_APPLY",
    "id": "8106b44f-cf56-4ca2-a111-641d0e80e6ff",
    "targetType": "PROJECT",
    "actionStatus": "SUCCESS",
    "relatedResources": [
        {
            "id": "2",
            "technology": "SNOWFLAKE",
            "type": "DATASOURCE",
            "name": "Public Case"
        }
    ],
    "actor": {
        "id": "[email protected]",
        "profileId": "1",
        "name": "Taylor Smith",
        "identityProvider": "bim",
        "type": "USER_ACTOR"
    },
    "eventTimestamp": "2023-10-13T14:08:20.427Z",
    "actorIp": "xxx.xx.xx.xx",
    "requestId": "8823f3f0-4e46-590c-bbb2-209cce750ff9",
    "tenantId": "your-immuta-tenant.com",
    "receivedTimestamp": "2023-10-13T14:08:20.660Z"
}

DatasourceCatalogSynced event

Event: DatasourceCatalogSynced
Legacy event: catalogUpdate
Description: An external catalog and its tags are synced on a data source.

{
    "tenantId": "your-immuta-tenant.com",
    "action": "CATALOG_SYNC",
    "actor": {
        "type": "USER_ACTOR",
        "identityProvider": "bim",
        "name": "Taylor Smith",
        "profileId": "1",
        "id": "[email protected]"
    },
    "targetType": "DATASOURCE",
    "actionStatus": "SUCCESS",
    "eventTimestamp": "2023-04-14T16:48:21.159Z",
    "id": "159d4299-fca5-47cb-aa6b-81d93bafa526",
    "targets": [
        {
            "id": "9",
            "name": "Public case",
            "technology": "SNOWFLAKE",
            "type": "DATASOURCE"
        }
    ],
    "relatedResources": [],
    "receivedTimestamp": "2023-04-14T16:48:21.209Z",
    "auditPayload": {
        "datasourceId": "9",
        "changes": {
            "before": {
                "catalogId": null,
                "documentation": null,
                "dictionary": [
                    {
                        "tags": [],
                        "columnName": "country"
                    },
                    {
                        "columnName": "date",
                        "tags": []
                    },
                    {
                        "tags": [],
                        "columnName": "fastest_qualifying"
                    },
                    {
                        "columnName": "location",
                        "tags": []
                    },
                    {
                        "columnName": "round",
                        "tags": []
                    },
                    {
                        "columnName": "winning_aircraft",
                        "tags": []
                    },
                    {
                        "tags": [],
                        "columnName": "winning_pilot"
                    }
                ],
                "tableTags": null,
                "description": null
            },
            "after": {
                "description": "",
                "tableTags": null,
                "dictionary": [
                    {
                        "columnName": "country",
                        "description": "",
                        "tags": []
                    },
                    {
                        "tags": [],
                        "description": "",
                        "columnName": "date"
                    },
                    {
                        "tags": [],
                        "columnName": "fastest_qualifying",
                        "description": ""
                    },
                    {
                        "tags": [],
                        "columnName": "location",
                        "description": ""
                    },
                    {
                        "columnName": "round",
                        "description": "",
                        "tags": []
                    },
                    {
                        "tags": [],
                        "description": "",
                        "columnName": "winning_aircraft"
                    },
                    {
                        "columnName": "winning_pilot",
                        "description": "",
                        "tags": []
                    }
                ],
                "catalogId": "immuta-product_engineering"
            }
        },
        "type": "DatasourceCatalogSyncedAuditPayload"
    }
}

DatasourceCreated event

Event: DatasourceCreated
Legacy event: dataSourceCreate
Description: A data source is created.

{
"id": "dc0b7313-ecc9-42f1-ba33-df0a1a753c08",
"action": "CREATE",
"actionStatus": "SUCCESS",
"actor": {
    "name": "Taylor Smith",
    "id": "[email protected]",
    "identityProvider": "bim",
    "profileId": "1",
    "type": "USER_ACTOR"
},
"tenantId": "your-immuta-tenant.com",
"targetType": "DATASOURCE",
"targets": [
    {
        "type": "DATASOURCE",
        "id": "102",
        "name": "Pgboss Job",
        "technology": "POSTGRESQL"
    }
],
"relatedResources": [
    {
        "type": "CONNECTION",
        "id": "4",
        "name": "data-source-connection-name",
        "connectionKey": "data-source-connection-key"
    }
],
"auditPayload": {
    "type": "DatasourceCreatedAuditPayload",
    "version": 1,
    "description": null,
    "documentation": null,
    "expiration": null,
    "columnDetectionEnabled": true,
    "disabled": false,
    "technology": "POSTGRESQL",
    "connectionId": "4",
    "table": "job",
    "schema": "pgboss",
    "sensitiveDataDiscoveryEnabled": true
},
"eventTimestamp": "2024-02-22T13:59:04.681Z",
"receivedTimestamp": "2024-02-22T13:59:04.715Z"
}

DatasourceDeleted event

Event: DatasourceDeleted
Legacy event: dataSourceDelete
Description: A data source is deleted.

{
"id": "1403b675-70f6-4833-ab4c-a7486c63f494",
"action": "DELETE",
"actionStatus": "SUCCESS",
"actor": {
    "name": "Taylor Smith",
    "id": "[email protected]",
    "identityProvider": "bim",
    "profileId": "1",
    "type": "USER_ACTOR"
},
"tenantId": "your-immuta-tenant.com",
"targetType": "DATASOURCE",
"targets": [
    {
        "type": "DATASOURCE",
        "id": "93",
        "name": "Audit",
        "technology": "POSTGRESQL"
    }
],
"relatedResources": [],
"auditPayload": {
    "type": "DatasourceDeletedAuditPayload",
    "version": 1,
    "datasourceId": "93",
    "name": "Audit",
    "technology": "POSTGRESQL"
},
"eventTimestamp": "2024-02-22T14:20:42.379Z",
"receivedTimestamp": "2024-02-22T14:20:42.392Z"
}

DatasourceDisabled event

Event: DatasourceDisabled
Legacy event: None
Description: A data source is disabled.

{
    "id": "a09b9bc3-3775-4496-87ec-b808cf649794",
    "sessionId": "0fcaaf9c074330b4b875746c2e52739c",
    "requestId": "153fe145-32a0-5c33-930d-c571c1d7748d",
    "action": "DISABLE",
    "actionStatus": "SUCCESS",
    "actor": {
        "name": "Taylor Smith",
        "id": "[email protected]",
        "identityProvider": "bim",
        "profileId": "1",
        "type": "USER_ACTOR"
    },
    "actorIp": "xxx.xx.xx.xx",
    "tenantId": "your-immuta-tenant.com",
    "targetType": "DATASOURCE",
    "targets": [
        {
            "type": "DATASOURCE",
            "id": "57",
            "name": "Activity",
            "technology": "POSTGRESQL"
        }
    ],
    "relatedResources": [],
    "auditPayload": {
        "type": "DatasourceDisabledAuditPayload",
        "version": 1,
        "datasourceId": "57",
        "name": "Activity",
        "technology": "POSTGRESQL"
    },
    "eventTimestamp": "2024-02-22T14:22:20.039Z",
    "receivedTimestamp": "2024-02-22T14:22:20.183Z"
}

DatasourceGlobalPolicyApplied event

Event: DatasourceGlobalPolicyApplied
Legacy event: globalPolicyApplied
Description: A global policy is applied to a data source.

{
    "receivedTimestamp": "2023-10-24T18:06:27.645Z",
    "auditPayload": {
        "conflict": null,
        "version": 1,
        "policy": {
            "actions": [
                {
                    "dataPolicyType": "MASKING",
                    "rules": [
                        {
                            "exceptions": null,
                            "type": "MASKING_HASH",
                            "fields": ["AWARD_ID"],
                            "ruleAppliedForUser": false
                        }
                    ],
                    "type": "DATA",
                    "global": false,
                    "rationale": null
                }
            ],
            "type": "DATA"
        },
        "type": "DatasourceGlobalPolicyAppliedAuditPayload"
    },
    "relatedResources": [
        {
            "policyKey": "Mask PII",
            "name": "Mask PII",
            "type": "GLOBAL_POLICY",
            "id": "7"
        }
    ],
    "id": "7f57d63a-5db8-412a-ad93-c6baa61384b3",
    "targetType": "DATASOURCE",
    "actor": {
        "profileId": "1",
        "identityProvider": "bim",
        "id": "[email protected]",
        "type": "USER_ACTOR",
        "name": "Taylor Smith"
    },
    "eventTimestamp": "2023-10-24T18:06:27.617Z",
    "tenantId": "your-immuta-tenant.com",
    "actionStatus": "SUCCESS",
    "targets": [
        {
            "id": "47",
            "type": "DATASOURCE",
            "technology": "SNOWFLAKE",
            "name": "Public case"
        }
    ],
    "action": "POLICY_APPLIED"
}

DatasourceGlobalPolicyConflictResolved event

Event: DatasourceGlobalPolicyConflictResolved
Legacy event: globalPolicyConflictResolved
Description: A policy conflict between two global policies on a data source is resolved.

{
    "actor": {
        "name": "Taylor Smith",
        "profileId": "1",
        "identityProvider": "bim",
        "id": "[email protected]",
        "type": "USER_ACTOR"
    },
    "id": "ac9c699a-aad0-4899-964c-279cd7eba125",
    "targetType": "DATASOURCE",
    "relatedResources": [],
    "auditPayload": {
        "type": "DatasourceGlobalPolicyConflictResolvedAuditPayload",
        "version": 1
    },
    "receivedTimestamp": "2023-10-24T18:34:04.330Z",
    "action": "POLICY_CONFLICT_RESOLVED",
    "targets": [
        {
            "name": "Public case",
            "technology": "SNOWFLAKE",
            "id": "47",
            "type": "DATASOURCE"
        }
    ],
    "actionStatus": "SUCCESS",
    "tenantId": "your-immuta-tenant.com",
    "eventTimestamp": "2023-10-24T18:34:04.301Z"
}

DatasourceGlobalPolicyDisabled event

Event: DatasourceGlobalPolicyDisabled
Legacy event: globalPolicyDisabled
Description: A global policy is disabled on a data source.

{
    "relatedResources": [
        {
            "id": "7",
            "type": "GLOBAL_POLICY",
            "name": "Mask PII",
            "policyKey": "mask pii"
        }
    ],
    "targetType": "DATASOURCE",
    "id": "4853154c-8825-4138-800d-913cbab56af6",
    "receivedTimestamp": "2023-10-24T18:13:25.004Z",
    "auditPayload": {
        "version": 1,
        "type": "DatasourceGlobalPolicyDisabledAuditPayload"
    },
    "actor": {
        "id": "[email protected]",
        "identityProvider": "bim",
        "profileId": "1",
        "type": "USER_ACTOR",
        "name": "Taylor Smith"
    },
    "eventTimestamp": "2023-10-24T18:13:24.975Z",
    "action": "POLICY_DISABLED",
    "targets": [
        {
            "id": "47",
            "type": "DATASOURCE",
            "name": "Public case",
            "technology": "SNOWFLAKE"
        }
    ],
    "actionStatus": "SUCCESS",
    "tenantId": "your-immuta-tenant.com"
}

DatasourceGlobalPolicyRemoved event

Event: DatasourceGlobalPolicyRemoved
Legacy event: globalPolicyRemoved
Description: A global policy is removed from a data source.

{
    "actor": {
        "name": "Taylor Smith",
        "type": "USER_ACTOR",
        "identityProvider": "bim",
        "id": "[email protected]",
        "profileId": "1"
    },
    "auditPayload": {
        "type": "DatasourceGlobalPolicyRemovedAuditPayload",
        "conflict": null,
        "policy": {
            "type": "DATA",
            "actions": [
                {
                    "dataPolicyType": "MASKING",
                    "rationale": null,
                    "global": false,
                    "type": "DATA",
                    "rules": [
                        {
                            "type": "MASKING_HASH",
                            "exceptions": null,
                            "ruleAppliedForUser": false,
                            "fields": ["PII"]
                        }
                    ]
                }
            ]
        },
        "version": 1
    },
    "receivedTimestamp": "2023-10-24T18:06:27.635Z",
    "id": "4a27ab2f-156e-4cff-a3bc-65184d74ccd5",
    "targetType": "DATASOURCE",
    "relatedResources": [
        {
            "policyKey": "mask pii",
            "name": "Mask PII",
            "id": "7",
            "type": "GLOBAL_POLICY"
        }
    ],
    "tenantId": "your-immuta-tenant.com",
    "actionStatus": "SUCCESS",
    "targets": [
        {
            "type": "DATASOURCE",
            "id": "47",
            "name": "Public case",
            "technology": "SNOWFLAKE"
        }
    ],
    "action": "POLICY_REMOVED",
    "eventTimestamp": "2023-10-24T18:06:27.617Z"
}

DatasourcePolicyCertificationExpired event

Event: DatasourcePolicyCertificationExpired
Legacy event: policyCertificationExpired
Description: The global policy certification on a data source is expired.

{
    "actionStatus": "SUCCESS",
    "tenantId": "your-immuta-tenant.com",
    "targets": [
        {
            "technology": "SNOWFLAKE",
            "name": "Public case",
            "type": "DATASOURCE",
            "id": "47"
        }
    ],
    "action": "DECERTIFY_POLICY",
    "eventTimestamp": "2023-10-16T19:49:25.365Z",
    "actor": {
        "type": "SYSTEM_ACCOUNT",
        "id": "immuta_system_account",
        "name": "Immuta System Account"
    },
    "auditPayload": {
        "expirationDate": "2023-10-16T19:49:25.365Z",
        "type": "DatasourcePolicyCertificationExpiredAuditPayload",
        "version": 1
    },
    "receivedTimestamp": "2023-10-16T19:49:25.387Z",
    "targetType": "DATASOURCE",
    "id": "aedc4025-d888-4407-b837-659dca4d0e80",
    "relatedResources": [
        {
            "type": "GLOBAL_POLICY",
            "id": "7",
            "policyKey": "mask pii",
            "name": "Mask PII"
        }
    ]
}

DatasourcePolicyCertified event

Event: DatasourcePolicyCertified
Legacy event: globalPolicyCertify
Description: A global policy is certified for a data source.

{
    "receivedTimestamp": "2023-10-03T18:35:32.666Z",
    "id": "04947a9b-0206-4c2d-bce0-0d969b68350b",
    "targetType": "DATASOURCE",
    "actor": {
        "type": "USER_ACTOR",
        "profileId": "1",
        "id": "[email protected]",
        "identityProvider": "bim",
        "name": "Taylor Smith"
    },
    "sessionId": "95ca3d7f5d3d2a2b82cecb3ff1051b63",
    "requestId": "bf443424-2e49-5a13-9009-8b527a3f65f3",
    "targets": [
        {
            "id": "44",
            "type": "DATASOURCE",
            "technology": "SNOWFLAKE",
            "name": "Public case"
        }
    ],
    "actorIp": "xxx.xx.xx.xx",
    "auditPayload": {
        "type": "DatasourcePolicyCertifiedAuditPayload",
        "columns": [
            {
                "name": "Full name",
                "tags": [
                    {
                        "deleted": false,
                        "id": "23",
                        "type": "TAG",
                        "context": "manual",
                        "source": "curated",
                        "name": "PII"
                    }
                ]
            }
        ],
        "certificationDate": "2023-10-03T18:35:32.607Z",
        "version": 1
    },
    "relatedResources": [
        {
            "type": "GLOBAL_POLICY",
            "id": "3",
            "name": "Mask PHI",
            "policyKey": "Mask PHI"
        }
    ],
    "eventTimestamp": "2023-10-03T18:35:32.484Z",
    "actionStatus": "SUCCESS",
    "tenantId": "your-immuta-tenant.com",
    "action": "POLICY_CERTIFY"
}

DatasourcePolicyDecertified event

Event: DatasourcePolicyDecertified
Legacy events: None
Description: A global policy is decertified for a data source.

{
    "actorIp": "xxx.xx.xx.xx",
    "targets": [
        {
            "id": "44",
            "type": "DATASOURCE",
            "technology": "SNOWFLAKE",
            "name": "Public case"
        }
    ],
    "requestId": "270aa26c-e424-53cf-af06-d290c8bfa308",
    "sessionId": "95ca3d7f5d3d2a2b82cecb3ff1051b63",
    "actor": {
        "identityProvider": "bim",
        "id": "[email protected]",
        "profileId": "1",
        "type": "USER_ACTOR",
        "name": "Taylor Smith"
    },
    "targetType": "DATASOURCE",
    "id": "31c902a8-5cbc-4171-baaa-2428080fac91",
    "receivedTimestamp": "2023-10-03T19:25:34.166Z",
    "action": "DECERTIFY_POLICY",
    "actionStatus": "SUCCESS",
    "tenantId": "your-immuta-tenant.com",
    "eventTimestamp": "2023-10-03T19:25:34.094Z",
    "relatedResources": [
        {
            "name": "Mask PII",
            "policyKey": "mask pii",
            "id": "7",
            "type": "GLOBAL_POLICY"
        }
    ],
    "auditPayload": {
        "version": 1,
        "type": "DatasourcePolicyDecertifiedAuditPayload",
        "decertificationDate": "2023-10-03T19:25:34.121Z"
    }
}

DatasourceRemovedFromProject event

Event: DatasourceRemovedFromProject
Legacy event: removeFromProject
Description: A data source is removed from a project.

{
    "id": "77de32df-1655-4618-b0bf-e6883483a151",
    "sessionId": "285574f9f1fd35b1fc7dba060e0786a2",
    "requestId": "e35f9736-f206-53fd-ab02-043bce216e52",
    "action": "DATASOURCE_REMOVE",
    "actionStatus": "SUCCESS",
    "actor": {
        "name": "Taylor Smith",
        "id": "[email protected]",
        "identityProvider": "bim",
        "profileId": "1",
        "type": "USER_ACTOR"
    },
    "actorIp": "xxx.xx.xx.xx",
    "tenantId": "your-immuta-tenant.com",
    "targetType": "PROJECT",
    "targets": [
        {
            "type": "PROJECT",
            "name": "Human Resources",
            "id": "13",
            "projectKey": "humanresources"
        }
    ],
    "relatedResources": [
        {
            "type": "DATASOURCE",
            "id": "54",
            "name": "Customers",
            "technology": "POSTGRESQL"
        }
    ],
    "auditPayload": {
        "type": "DatasourceRemovedFromProjectAuditPayload",
        "version": 1,
        "projectId": "13",
        "datasources": [
            {
                "id": "54",
                "name": "Customers"
            }
        ],
        "errors": []
    },
    "eventTimestamp": "2024-02-29T18:19:08.881Z",
    "receivedTimestamp": "2024-02-29T18:19:09.071Z"
}

DatasourceUpdated event

Event: DatasourceUpdated
Legacy events: dataSourceUpdate and dataSourceSave
Description: A data source is updated.

{
    "id": "d6e6115a-e508-4ace-83af-5b6da9a25884",
    "action": "UPDATE",
    "actionStatus": "SUCCESS",
    "actor": {
        "name": "Taylor Smith",
        "id": "[email protected]",
        "identityProvider": "bim",
        "profileId": "1",
        "type": "USER_ACTOR"
    },
    "tenantId": "your-immuta-tenant.com",
    "targetType": "DATASOURCE",
    "targets": [
        {
            "type": "DATASOURCE",
            "id": "66",
            "name": "Public case",
            "technology": "POSTGRESQL"
        }
    ],
    "relatedResources": [],
    "auditPayload": {
        "type": "DatasourceUpdatedAuditPayload",
        "version": 1,
        "name": "Public case",
        "description": null,
        "documentation": "New documentation to descripe the table.",
        "expiration": null,
        "columnDetectionEnabled": true,
        "disabled": false,
        "datasourceId": "66"
    },
    "eventTimestamp": "2024-02-22T14:24:45.048Z",
    "receivedTimestamp": "2024-02-22T14:24:45.069Z"
}

DomainCreated event

Event: DomainCreated
Legacy event: collectionCreated
Description: A domain is created.

{
    "sessionId": "227c3dbbbfe78ecd693c84979a930c22",
    "actionStatus": "SUCCESS",
    "targetType": "DOMAIN",
    "actorIp": "xxx.xx.xx.xx",
    "receivedTimestamp": "2023-12-20T20:01:03.651Z",
    "requestId": "460ce02b-30d5-5e68-bff0-b31e6ea44ba0",
    "id": "f99bc30e-13f6-4041-a0ad-20750a27519e",
    "actor": {
        "id": "[email protected]",
        "name": "Taylor Smith",
        "identityProvider": "bim",
        "profileId": "1",
        "type": "USER_ACTOR"
    },
    "action": "CREATE",
    "tenantId": "your-immuta-tenant.com",
    "auditPayload": {
        "domain": {
            "description": "A domain for financial data.",
            "name": "Finance Domain",
            "domainType": "DOMAIN",
            "id": "11e7011d-a365-4933-abcb-d5febc03d310"
        },
        "version": 1,
        "type": "DomainCreatedAuditPayload"
    },
    "relatedResources": [],
    "targets": [
        {
            "name": "Finance Domain",
            "domainType": "domain",
            "type": "DOMAIN",
            "id": "11e7011d-a365-4933-abcb-d5febc03d310"
        }
    ],
    "eventTimestamp": "2023-12-20T20:01:03.065Z"
}

DomainDataSourcesUpdated event

Event: DomainDataSourcesUpdated
Legacy events: collectionDataSourceAdded, collectionDataSourceRemoved, and collectionDataSourceUpdated
Description: Data sources are assigned to or removed from the domain.
Additional parameter details: auditPayload.updateType will specify whether the data source was added to or removed from the domain.

{
    "action": "MODIFY_DOMAIN",
    "tenantId": "your-immuta-tenant.com",
    "actionStatus": "SUCCESS",
    "targetType": "DOMAIN",
    "modifiedResourceType": "DATASOURCE",
    "actor": {
        "type": "USER_ACTOR",
        "profileId": "1",
        "identityProvider": "bim",
        "name": "Taylor Smith",
        "id": "[email protected]"
    },
    "id": "bef14718-5fa8-4891-bb9e-47f7a332a70b",
    "eventTimestamp": "2023-12-20T20:23:14.432Z",
    "auditPayload": {
        "updateType": "ADD",
        "version": 1,
        "type": "DomainDataSourcesUpdatedAuditPayload"
    },
    "receivedTimestamp": "2023-12-20T20:23:14.456Z",
    "relatedResources": [
        {
            "name": "Public case",
            "type": "DATASOURCE",
            "technology": "POSTGRESQL",
            "id": "381"
        }
    ],
    "targets": [
        {
            "id": "11e7011d-a365-4933-abcb-d5febc03d310",
            "name": "Finance Domain",
            "domainType": "domain",
            "type": "DOMAIN"
        }
    ]
}

DomainDeleted event

Event: DomainDeleted
Legacy event: collectionDeleted
Description: A domain is deleted.

{
    "relatedResources": [],
    "targets": [
        {
            "type": "DOMAIN",
            "name": "Finance Domain",
            "domainType": "DOMAIN",
            "id": "6eb5a6df-67d8-4de7-adbd-24eb7271eaea"
        }
    ],
    "auditPayload": {
        "version": 1,
        "domain": {
            "id": "6eb5a6df-67d8-4de7-adbd-24eb7271eaea",
            "name": "Finance Domain",
            "domainType": "DOMAIN"
        },
        "type": "DomainDeletedAuditPayload"
    },
    "eventTimestamp": "2023-12-20T20:21:13.981Z",
    "actor": {
        "id": "[email protected]",
        "identityProvider": "bim",
        "name": "Taylor Smith",
        "profileId": "1",
        "type": "USER_ACTOR"
    },
    "tenantId": "your-immuta-tenant.com",
    "action": "DELETE",
    "requestId": "7884603d-8911-5f33-a9a7-d8560eb49a89",
    "receivedTimestamp": "2023-12-20T20:21:14.077Z",
    "id": "3a82ceb6-6592-4ddf-9055-6920d87bba32",
    "actionStatus": "SUCCESS",
    "targetType": "DOMAIN",
    "sessionId": "227c3dbbbfe78ecd693c84979a930c22",
    "actorIp": "xxx.xx.xx.xx"
}

DomainPermissionsUpdated event

Event: DomainPermissionsUpdated
Legacy events: collectionPermissionGranted and collectionPermissionRevoked
Description: A domain-specific permission is applied to or removed from a user or group.
Additional parameter details: auditPayload.updateType will specify whether the permission was granted to or revoked from a user.

{
    "eventTimestamp": "2023-12-20T20:01:03.065Z",
    "relatedResources": [
        {
            "type": "USER",
            "name": "Taylor Smith",
            "identityProvider": "bim",
            "profileId": "1",
            "id": "[email protected]"
        },
        {
            "type": "USER",
            "profileId": "1",
            "name": "Taylor Smith",
            "identityProvider": "bim",
            "id": "[email protected]"
        }
    ],
    "targets": [
        {
            "name": "Finance Domain",
            "domainType": "domain",
            "type": "DOMAIN",
            "id": "11e7011d-a365-4933-abcb-d5febc03d310"
        }
    ],
    "auditPayload": {
        "updateType": "GRANT",
        "version": 1,
        "permissionUpdates": [
            {
                "permission": "MANAGE_POLICIES",
                "profileId": "1"
            }
        ],
        "type": "DomainPermissionsUpdatedAuditPayload"
    },
    "tenantId": "your-immuta-tenant.com",
    "action": "MODIFY_DOMAIN",
    "actor": {
        "identityProvider": "bim",
        "name": "Taylor Smith",
        "profileId": "1",
        "type": "USER_ACTOR",
        "id": "[email protected]"
    },
    "modifiedResourceType": "USER",
    "id": "377ee78b-74da-4466-bdc1-22d531c1f61c",
    "requestId": "460ce02b-30d5-5e68-bff0-b31e6ea44ba0",
    "receivedTimestamp": "2023-12-20T20:01:03.576Z",
    "actorIp": "xxx.xx.xx.xx",
    "sessionId": "227c3dbbbfe78ecd693c84979a930c22",
    "targetType": "DOMAIN",
    "actionStatus": "SUCCESS"
}

DomainUpdated event

Event: DomainUpdated
Legacy event: collectionUpdated
Description: A domain's details (name, description, settings etc.) are updated.

{
    "id": "d61d6ac9-2897-4d34-84f3-16181ddb9212",
    "sessionId": "adba345c6949d7f7761367c0769b983d",
    "requestId": "9a64147e-5b57-5905-9e7c-54b5a5c461c8",
    "action": "UPDATE",
    "actionStatus": "SUCCESS",
    "actor": {
        "name": "Taylor Smith",
        "id": "[email protected]",
        "identityProvider": "bim",
        "profileId": "1",
        "type": "USER_ACTOR"
    },
    "actorIp": "xxx.xx.xx.xx",
    "tenantId": "your-immuta-tenant.com",
    "targetType": "DOMAIN",
    "targets": [
        {
            "type": "DOMAIN",
            "id": "69347b14-1cda-41e1-9186-e85853158299",
            "name": "Finance Domain v2",
            "domainType": "domain"
        }
    ],
    "relatedResources": [],
    "auditPayload": {
        "type": "DomainUpdatedAuditPayload",
        "modifiedFields": [
            "name",
            "description"
        ],
        "domain": {
            "id": "69347b14-1cda-41e1-9186-e85853158299",
            "name": "Finance Domain v2",
            "description": "Only use for finance tables."
        },
        "version": 1
    },
    "eventTimestamp": "2023-12-12T18:26:29.618Z",
    "receivedTimestamp": "2023-12-12T18:26:32.472Z"
}

GlobalPolicyApprovalRescinded event

Event: GlobalPolicyApprovalRescinded
Legacy event: globalPolicyApprovalRescinded
Description: The approval for a global policy is rescinded with the approve to promote feature (private preview).

{
    "targets": [
        {
            "id": "12",
            "type": "GLOBAL_POLICY",
            "name": "Mask PII",
            "policyKey": "mask pii"
        }
    ],
    "actorIp": "xxx.xx.xx.xx",
    "sessionId": "c6eb428b869864f798f17fd7d5d0215a",
    "requestId": "10a78dee-6181-52dd-8b68-5461b6172e40",
    "actor": {
        "name": "Deepu Murty",
        "profileId": "999111223",
        "identityProvider": "bim",
        "id": "[email protected]",
        "type": "USER_ACTOR"
    },
    "receivedTimestamp": "2023-11-03T18:23:25.966Z",
    "id": "5ff5640f-4fc3-4634-a0e2-c625e0ffb447",
    "targetType": "GLOBAL_POLICY",
    "tenantId": "your-immuta-tenant.com",
    "actionStatus": "SUCCESS",
    "action": "GLOBAL_POLICY_APPROVAL_RESCINDED",
    "eventTimestamp": "2023-11-03T18:23:25.861Z",
    "auditPayload": {
        "comment": "This policy isn't ready for production. Please mask PII.",
        "type": "GlobalPolicyApprovalRescindedAuditPayload",
        "approvalRequestId": "2",
        "version": 1
    },
    "relatedResources": []
}

GlobalPolicyApproved event

Event: GlobalPolicyApproved
Legacy event: globalPolicyApproved
Description: A global policy is approved with the approve to promote feature (private preview).

{
    "auditPayload": {
        "comment": "This policy looks good for production.",
        "approvalRequestId": "2",
        "type": "GlobalPolicyApprovedAuditPayload",
        "version": 1
    },
    "relatedResources": [],
    "tenantId": "your-immuta-tenant.com",
    "actionStatus": "SUCCESS",
    "action": "GLOBAL_POLICY_APPROVED",
    "eventTimestamp": "2023-11-03T18:22:12.040Z",
    "actor": {
        "name": "Deepu Murty",
        "type": "USER_ACTOR",
        "id": "[email protected]",
        "identityProvider": "bim",
        "profileId": "999111223"
    },
    "receivedTimestamp": "2023-11-03T18:22:12.153Z",
    "id": "271dc5ff-b23e-4da6-8066-91a35fda02e4",
    "targetType": "GLOBAL_POLICY",
    "targets": [
        {
            "name": "Mask PII",
            "policyKey": "mask pii",
            "type": "GLOBAL_POLICY",
            "id": "12"
        }
    ],
    "actorIp": "xxx.xx.xx.xx",
    "sessionId": "c6eb428b869864f798f17fd7d5d0215a",
    "requestId": "50863cf9-6a8a-5299-89e2-200771eab62c"
}

GlobalPolicyChangeRequested event

Event: GlobalPolicyChangeRequested
Legacy event: globalPolicyChangeRequested
Description: A change to a global policy is requested with the approve to promote feature (private preview).

{
    "eventTimestamp": "2023-11-03T18:20:16.483Z",
    "action": "GLOBAL_POLICY_CHANGE_REQUESTED",
    "tenantId": "your-immuta-tenant.com",
    "actionStatus": "SUCCESS",
    "relatedResources": [],
    "auditPayload": {
        "approvalRequestId": "1",
        "type": "GlobalPolicyChangeRequestedAuditPayload",
        "comment": "Please add additional controls on personal data.",
        "version": 1
    },
    "requestId": "4afc86e6-dee6-5756-b02e-b22e92d237c4",
    "sessionId": "be1e7a02ba2a5e65a6848c752ee0838b",
    "targets": [
        {
            "name": "Mask PII",
            "policyKey": "mask pii",
            "type": "GLOBAL_POLICY",
            "id": "12"
        }
    ],
    "actorIp": "xxx.xx.xx.xx",
    "id": "77277757-331a-4a13-ba21-cbfeab01d47f",
    "targetType": "GLOBAL_POLICY",
    "receivedTimestamp": "2023-11-03T18:20:16.581Z",
    "actor": {
        "profileId": "999111223",
        "id": "[email protected]",
        "identityProvider": "bim",
        "type": "USER_ACTOR",
        "name": "Deepu Murty"
    }
}

GlobalPolicyCreated event

Event: GlobalPolicyCreated
Legacy event: globalPolicyCreate
Description: A global policy is created.

{
    "targetType": "GLOBAL_POLICY",
    "id": "aac7cb75-c6ec-48ed-a11e-f6d8bf29dfe6",
    "relatedResources": [],
    "actor": {
        "id": "[email protected]",
        "profileId": "1",
        "identityProvider": "bim",
        "name": "Taylor Smith",
        "type": "USER_ACTOR"
    },
    "actionStatus": "SUCCESS",
    "sessionId": "517a11643dcdbba0b5ba30d49ee7a334",
    "auditPayload": {
        "type": "GlobalPolicyCreatedAuditPayload",
        "policy": {
            "type": "DATA",
            "actions": [
                {
                    "type": "DATA",
                    "rules": [
                        {
                            "type": "MASKING_HASH",
                            "columnCondition": {
                                "type": "TAG",
                                "tags": ["Testing"]
                            },
                            "exceptions": null
                        }
                    ],
                    "dataPolicyType": "MASKING",
                    "rationale": null
                }
            ],
            "circumstance": {
                "conditions": [
                    {
                        "type": "TAG",
                        "tagType": "COLUMN",
                        "tag": "Testing"
                    }
                ],
                "operator": "any",
                "type": "CONDITIONAL"
            }
        }
    },
    "targets": [
        {
            "policyKey": "mask pii",
            "type": "GLOBAL_POLICY",
            "name": "Mask PII",
            "id": "5"
        }
    ],
    "action": "CREATE",
    "eventTimestamp": "2023-05-10T18:29:39.438Z",
    "actorIp": "xxx.xx.xx.xx",
    "requestId": "2b126931-7a15-5678-99c4-11f0c5b40365",
    "receivedTimestamp": "2023-05-10T18:29:39.636Z",
    "tenantId": "your-immuta-tenant.com"
}

GlobalPolicyDeleted event

Event: GlobalPolicyDeleted
Legacy event: globalPolicyDelete
Description: A global policy is deleted.

{
    "requestId": "12674fb7-4b90-5500-906f-7277a240e0f8",
    "eventTimestamp": "2023-09-13T19:42:53.029Z",
    "actorIp": "xxx.xx.xx.xx",
    "tenantId": "your-immuta-tenant.com",
    "receivedTimestamp": "2023-09-13T19:42:53.157Z",
    "id": "d8cb76a2-516d-41f7-98d9-1cb616b759a4",
    "targetType": "GLOBAL_POLICY",
    "actionStatus": "SUCCESS",
    "actor": {
        "name": "Taylor Smith",
        "identityProvider": "bim",
        "type": "USER_ACTOR",
        "id": "[email protected]",
        "profileId": "1"
    },
    "relatedResources": [],
    "auditPayload": {
        "version": 1,
        "policy": {
            "actions": [
                {
                    "subscriptionPolicyType": "AUTOMATIC",
                    "type": "SUBSCRIPTION",
                    "rationale": null,
                    "accessGrant": "READ"
                }
            ],
            "type": "SUBSCRIPTION",
            "circumstance": {
                "type": "WHEN_SELECTED"
            }
        },
        "type": "GlobalPolicyDeletedAuditPayload"
    },
    "sessionId": "2d48cc8df46b3b3eedf543f4192b6726",
    "action": "DELETE",
    "targets": [
        {
            "policyKey": "mask pii",
            "type": "GLOBAL_POLICY",
            "name": "Mask PII",
            "id": "6"
        }
    ]
}

GlobalPolicyPromoted event

Event: GlobalPolicyPromoted
Legacy event: globalPolicyPromoted
Description: A global policy is promoted to production with the approve to promote feature (private preview).

{
    "sessionId": "89fc6c8f7b6e04d9b9d4f720dbd84890",
    "requestId": "6abef8eb-6acb-5364-9a88-7479b03227cf",
    "actorIp": "xxx.xx.xx.xx",
    "targets": [
        {
            "name": "Mask PII",
            "policyKey": "maks pii",
            "type": "GLOBAL_POLICY",
            "id": "12"
        }
    ],
    "receivedTimestamp": "2023-11-08T14:57:36.465Z",
    "targetType": "GLOBAL_POLICY",
    "id": "990f260b-eef6-4eed-8f71-f48c8e9b88cb",
    "actor": {
        "name": "Taylor Smith",
        "identityProvider": "bim",
        "id": "[email protected]",
        "profileId": "1",
        "type": "USER_ACTOR"
    },
    "eventTimestamp": "2023-11-08T14:57:36.387Z",
    "tenantId": "your-immuta-tenant.com",
    "actionStatus": "SUCCESS",
    "action": "GLOBAL_POLICY_PROMOTED",
    "auditPayload": {
        "type": "GlobalPolicyPromotedAuditPayload",
        "policyName": "Mask PII",
        "version": 1,
        "policyId": "12"
    },
    "relatedResources": []
}

GlobalPolicyReviewRequested event

Event: GlobalPolicyReviewRequested
Legacy event: globalPolicyReviewRequested
Description: A review is requested for a global policy with the approve to promote feature (private preview).

{
    "targetType": "GLOBAL_POLICY",
    "id": "a26fa653-e545-4a34-9488-d7f1b92379d0",
    "receivedTimestamp": "2023-11-03T18:16:30.588Z",
    "actor": {
        "name": "Taylor Smith",
        "type": "USER_ACTOR",
        "profileId": "1",
        "identityProvider": "bim",
        "id": "[email protected]"
    },
    "requestId": "9a03030a-09ef-5d2b-abea-b65305901e9b",
    "sessionId": "1f468d12a437bceb59b71054d6ad8bf8",
    "actorIp": "xxx.xx.xx.xx",
    "targets": [
        {
            "name": "Mask PII",
            "policyKey": "mask pii",
            "type": "GLOBAL_POLICY",
            "id": "12"
        }
    ],
    "relatedResources": [],
    "auditPayload": {
        "type": "GlobalPolicyReviewRequestedAuditPayload",
        "approvalRequestId": "1",
        "version": 1
    },
    "eventTimestamp": "2023-11-03T18:16:30.281Z",
    "action": "GLOBAL_POLICY_REVIEW_REQUESTED",
    "tenantId": "your-immuta-tenant.com",
    "actionStatus": "SUCCESS"
}

GlobalPolicyUpdated event

Event: GlobalPolicyUpdated
Legacy event: globalPolicyUpdate
Description: A global policy is updated.

{
    "tenantId": "your-immuta-tenant.com",
    "receivedTimestamp": "2023-10-24T18:06:21.278Z",
    "eventTimestamp": "2023-10-24T18:06:21.155Z",
    "actorIp": "xxx.xx.xx.xx",
    "requestId": "c2554ade-fbea-54b4-bfa5-a652d8a34309",
    "actionStatus": "SUCCESS",
    "relatedResources": [],
    "actor": {
        "type": "USER_ACTOR",
        "name": "Taylor Smith",
        "identityProvider": "bim",
        "profileId": "1",
        "id": "[email protected]"
    },
    "id": "f2346f5b-07b3-4f71-a0e1-9635e3b7cacc",
    "targetType": "GLOBAL_POLICY",
    "targets": [
        {
            "id": "7",
            "policyKey": "mask pii",
            "type": "GLOBAL_POLICY",
            "name": "Mask PII"
        }
    ],
    "action": "UPDATE",
    "auditPayload": {
        "version": 1,
        "policy": {
            "circumstance": {
                "type": "WHEN_SELECTED"
            },
            "actions": [
                {
                    "dataPolicyType": "MASKING",
                    "type": "DATA",
                    "rules": [
                        {
                            "type": "MASKING_HASH",
                            "columnCondition": {
                                "tags": ["AuditTesting"],
                                "type": "TAG"
                            },
                            "exceptions": null
                        }
                    ],
                    "rationale": null
                }
            ],
            "type": "DATA",
            "certification": {
                "label": "Personal information certification",
                "tags": ["AuditTesting"],
                "description": "I certify that I understand this data source contains personally identifiable information and will use the data appropriately and responsibly to the company policies."
            }
        },
        "type": "GlobalPolicyUpdatedAuditPayload"
    },
    "sessionId": "1a8a16c58f29172d9a59224030617184"
}

GroupCreated event

Event: GroupCreated
Legacy event: accessGroup
Description: A group is created in Immuta by user actions in the UI or ingested from an external IAM.

{
    "sessionId": "c3e76e5f809b74fabe0975bcac5e0fca",
    "auditPayload": {
        "version": 1,
        "groupIdProvider": "bim",
        "name": "HR",
        "groupId": "6",
        "type": "GroupCreatedAuditPayload"
    },
    "action": "CREATE",
    "targets": [
        {
            "id": "6",
            "identityProvider": "bim",
            "name": "HR",
            "type": "GROUP"
        }
    ],
    "targetType": "GROUP",
    "id": "24b9bce7-e255-47ed-8aa1-fefde19be539",
    "relatedResources": [],
    "actor": {
        "type": "USER_ACTOR",
        "identityProvider": "bim",
        "name": "Taylor Smith",
        "profileId": "1",
        "id": "[email protected]"
    },
    "actionStatus": "SUCCESS",
    "eventTimestamp": "2023-12-19T21:18:23.711Z",
    "actorIp": "xxx.xx.xx.xx",
    "requestId": "a37ee299-cc6b-531b-8af1-891d853af995",
    "receivedTimestamp": "2023-12-19T21:18:24.040Z",
    "tenantId": "your-immuta-tenant.com"
}

GroupDeleted event

Event: GroupDeleted
Legacy event: accessGroup
Description: A group is deleted in Immuta by user actions in the UI or from within an external IAM.

{
    "actorIp": "xxx.xx.xx.xx",
    "eventTimestamp": "2023-12-19T21:18:25.891Z",
    "requestId": "92e7ba98-144b-502d-beae-48ceb865cdcf",
    "receivedTimestamp": "2023-12-19T21:18:26.161Z",
    "tenantId": "your-immuta-tenant.com",
    "sessionId": "60e86f7be389dc21b11bdc4a5b6d6974",
    "auditPayload": {
        "name": "HR",
        "groupIdProvider": "bim",
        "groupId": "6",
        "type": "GroupDeletedAuditPayload",
        "version": 1
    },
    "targets": [
        {
            "id": "6",
            "type": "GROUP",
            "name": "HR",
            "identityProvider": "bim"
        }
    ],
    "action": "DELETE",
    "targetType": "GROUP",
    "id": "45efee34-2147-4ea9-bc3f-9f88addaaa2a",
    "relatedResources": [],
    "actor": {
        "identityProvider": "bim",
        "name": "Taylor Smith",
        "type": "USER_ACTOR",
        "id": "[email protected]",
        "profileId": "1"
    },
    "actionStatus": "SUCCESS"
}

GroupMemberAdded event

Event: GroupMemberAdded
Legacy event: accessGroup
Description: A user is added to a group in Immuta by user actions in the UI or from within an external IAM.

{
    "sessionId": "5ff64ed8fe0a194b074415a73d4f9201",
    "id": "93e2dade-fd6f-4c13-8274-e9dd843bb990",
    "actorIp": "xxx.xx.xx.xx",
    "tenantId": "your-immuta-tenant.com",
    "targets": [
        {
            "name": "HR",
            "id": "3",
            "identityProvider": "bim",
            "type": "GROUP"
        }
    ],
    "receivedTimestamp": "2024-01-17T13:32:15.929Z",
    "actionStatus": "SUCCESS",
    "eventTimestamp": "2024-01-17T13:32:15.755Z",
    "relatedResources": [
        {
            "type": "USER",
            "identityProvider": "bim",
            "name": "Deepu Murty",
            "id": "[email protected]",
            "profileId": "999111223"
        }
    ],
    "targetType": "GROUP",
    "actor": {
        "identityProvider": "bim",
        "type": "USER_ACTOR",
        "profileId": "1",
        "id": "[email protected]",
        "name": "Taylor Smith"
    },
    "action": "MEMBER_ADD",
    "auditPayload": {
        "type": "GroupMemberAddedAuditPayload",
        "version": 1,
        "userIdProvider": "bim",
        "groupId": "3",
        "userId": "[email protected]"
    },
    "requestId": "e12e42ab-5ba5-54f4-9ff9-61e27c131d6d"
}

GroupMemberRemoved event

Event: GroupMemberRemoved
Legacy event: accessGroup
Description: A user is removed from a group in Immuta by user actions in the UI or from within an external IAM.

{
    "targetType": "GROUP",
    "receivedTimestamp": "2024-01-17T13:27:04.061Z",
    "actionStatus": "SUCCESS",
    "relatedResources": [],
    "eventTimestamp": "2024-01-17T13:27:03.841Z",
    "auditPayload": {
        "groupId": "3",
        "version": 1,
        "type": "GroupMemberRemovedAuditPayload"
    },
    "requestId": "73a295d1-504a-507c-ba6d-9a72f2b34b16",
    "actor": {
        "identityProvider": "bim",
        "type": "USER_ACTOR",
        "profileId": "1",
        "id": "[email protected]",
        "name": "Taylor Smith"
    },
    "action": "MEMBER_REMOVE",
    "actorIp": "xxx.xx.xx.xx",
    "targets": [
        {
            "id": "3",
            "name": "HR",
            "type": "GROUP",
            "identityProvider": "bim"
        }
    ],
    "tenantId": "your-immuta-tenant.com",
    "sessionId": "5ff64ed8fe0a194b074415a73d4f9201",
    "id": "5201799f-2472-4b9d-ba5c-db32e06a0bfa"
}

GroupUpdated event

Event: GroupUpdated
Legacy event: accessGroup
Description: A group's details (email, name, description, etc.) are updated.

{
    "targetType": "GROUP",
    "actionStatus": "SUCCESS",
    "relatedResources": [],
    "eventTimestamp": "2023-12-19T21:18:32.490Z",
    "receivedTimestamp": "2023-12-19T21:18:32.767Z",
    "requestId": "09ecbab3-803e-5eff-bc15-b07fcf57260b",
    "auditPayload": {
        "name": "Human Resources Department",
        "groupIdProvider": "bim",
        "groupId": "8",
        "version": 1,
        "type": "GroupUpdatedAuditPayload"
    },
    "action": "UPDATE",
    "actor": {
        "profileId": "1",
        "id": "[email protected]",
        "name": "Taylor Smith",
        "identityProvider": "bim",
        "type": "USER_ACTOR"
    },
    "tenantId": "your-immuta-tenant.com",
    "targets": [
        {
            "type": "GROUP",
            "identityProvider": "bim",
            "name": "Human Resources Department",
            "id": "8"
        }
    ],
    "actorIp": "xxx.xx.xx.xx",
    "id": "f4cd509d-587e-4bc4-9c0f-87ca6e122d1a",
    "sessionId": "320b8c29c32ce2407b00e0de98546528"
}

LicenseCreated event

Event: LicenseCreated
Legacy event: licenseCreate
Description: An Immuta license is created.

{
    "id": "c1a74870-ff01-43bf-8b2e-928b6fccb6ae",
    "sessionId": "bdf4e26e67f4e3ceeb93705b639f8768",
    "requestId": "4c48deb8-4e4d-5705-be82-fae9e165967a",
    "action": "CREATE",
    "actionStatus": "SUCCESS",
    "actor": {
        "name": "Taylor Smith",
        "id": "[email protected]",
        "identityProvider": "bim",
        "profileId": "1",
        "type": "USER_ACTOR"
    },
    "actorIp": "xxx.xx.xx.xx",
    "tenantId": "your-immuta-tenant.com",
    "targetType": "LICENSE",
    "targets": [
        {
            "type": "LICENSE",
            "id": "2",
            "name": "2"
        }
    ],
    "relatedResources": [],
    "auditPayload": {
        "type": "LicenseCreatedAuditPayload",
        "version": 1,
        "licenseKey": "a-unique-license-key"
    },
    "eventTimestamp": "2024-03-08T18:34:30.028Z",
    "receivedTimestamp": "2024-03-08T18:34:30.475Z"
}

LicenseDeleted event

Event: LicenseDeleted
Legacy event: licenseDelete
Description: An Immuta license is deleted.

{
    "id": "e7a22a3c-8b08-48e7-a648-3b6946b085e4",
    "sessionId": "0c52d87dd0437dd90b48bfd66e7cf3dd",
    "requestId": "50c29e76-6f24-5a66-9acb-1c298496377e",
    "action": "DELETE",
    "actionStatus": "SUCCESS",
    "actor": {
        "name": "Taylor Smith",
        "id": "[email protected]",
        "identityProvider": "bim",
        "profileId": "1",
        "type": "USER_ACTOR"
    },
    "actorIp": "xxx.xx.xx.xx",
    "tenantId": "your-immuta-tenant.com",
    "targetType": "LICENSE",
    "targets": [
        {
            "type": "LICENSE",
            "id": "2",
            "name": "2"
        }
    ],
    "relatedResources": [],
    "auditPayload": {
        "type": "LicenseDeletedAuditPayload",
        "version": 1,
        "id": "2"
    },
    "eventTimestamp": "2024-03-08T18:38:12.382Z",
    "receivedTimestamp": "2024-03-08T18:38:12.457Z"
}

LocalPolicyCreated event

Event: LocalPolicyCreated
Legacy event: policyHandlerCreate
Description: A local policy is created on a data source.

{
    "targetType": "LOCAL_POLICY",
    "actionStatus": "SUCCESS",
    "eventTimestamp": "2023-10-13T18:16:19.643Z",
    "relatedResources": [
        {
            "id": "129",
            "name": "Public case",
            "type": "DATASOURCE",
            "technology": "POSTGRESQL"
        }
    ],
    "receivedTimestamp": "2023-10-13T18:16:19.680Z",
    "auditPayload": {
        "type": "LocalPolicyCreatedAuditPayload",
        "policy": {
            "actions": [
                {
                    "rationale": null,
                    "rules": [
                        {
                            "exceptions": null,
                            "type": "MASKING_K_ANONYMIZATION",
                            "fields": ["c_birth_year", "c_birth_month", "c_birth_day"],
                            "kLevel": 8,
                            "ruleAppliedForUser": false
                        }
                    ],
                    "type": "DATA",
                    "global": false,
                    "dataPolicyType": "MASKING"
                }
            ],
            "type": "DATA"
        },
        "version": 1
    },
    "action": "CREATE",
    "actor": {
        "name": "Taylor Smith",
        "id": "[email protected]",
        "profileId": "1",
        "type": "USER_ACTOR",
        "identityProvider": "bim"
    },
    "tenantId": "your-immuta-tenant.com",
    "targets": [
        {
            "type": "LOCAL_POLICY",
            "name": "4",
            "id": "4",
            "datasource": {
                "id": "129",
                "name": "Public case",
                "type": "DATASOURCE",
                "technology": "POSTGRESQL"
            }
        }
    ],
    "id": "761a4044-1dec-4b9b-815f-d83c056ff61e"
}

LocalPolicyUpdated event

Event: LocalPolicyUpdated
Legacy event: policyHandlerUpdate
Description: A local policy is updated on a data source.

{
    "id": "c8066842-4c90-4b12-a108-232c93a5fe63",
    "targets": [],
    "tenantId": "your-immuta-tenant.com",
    "action": "UPDATE",
    "actor": {
        "profileId": "1",
        "name": "Taylor Smith",
        "id": "[email protected]",
        "identityProvider": "bim",
        "type": "USER_ACTOR"
    },
    "auditPayload": {
        "version": 1,
        "policyHandlerUpdateAction": "UPDATE",
        "policy": {
            "actions": [
                {
                    "subscriptionPolicyType": "AUTOMATIC",
                    "rationale": null,
                    "type": "SUBSCRIPTION",
                    "accessGrant": "READ",
                    "global": false,
                    "ruleAppliedForUser": true
                }
            ],
            "type": "SUBSCRIPTION"
        },
        "policyUpdateType": "SUBSCRIPTION",
        "type": "LocalPolicyUpdatedAuditPayload"
    },
    "actionStatus": "SUCCESS",
    "eventTimestamp": "2024-02-07T19:26:54.447Z",
    "relatedResources": [
        {
            "id": "1124",
            "name": "Public case",
            "technology": "SNOWFLAKE",
            "type": "DATASOURCE"
        }
    ],
    "receivedTimestamp": "2024-02-07T19:26:54.478Z",
    "targetType": "LOCAL_POLICY"
}

PermissionApplied event

Event: PermissionApplied
Legacy event: accessUser
Description: A global permission is applied to a user.

{
    "id": "d18cbe70-a620-4ae4-a82a-a24249832e12",
    "sessionId": "86d602c9d57fcc55e103ee7a5fa650dc",
    "requestId": "749dd9dd-e06f-5781-ad7e-91c002ed5043",
    "action": "PERMISSION_APPLY",
    "actionStatus": "SUCCESS",
    "actor": {
        "name": "Taylor Smith",
        "id": "[email protected]",
        "identityProvider": "bim",
        "profileId": "1",
        "type": "USER_ACTOR"
    },
    "actorIp": "xxx.xx.xx.xx",
    "tenantId": "your-immuta-tenant.com",
    "targetType": "USER",
    "targets": [
        {
            "name": "Deepu Murty",
            "id": "[email protected]",
            "identityProvider": "bim",
            "profileId": "999111223",
            "type": "USER"
        }
    ],
    "relatedResources": [
        {
            "name": "GOVERNANCE",
            "id": "GOVERNANCE",
            "type": "PERMISSION"
        }
    ],
    "auditPayload": {
        "type": "PermissionAppliedAuditPayload",
        "version": 1
    },
    "eventTimestamp": "2024-01-09T20:18:53.451Z",
    "receivedTimestamp": "2024-01-09T20:18:53.578Z"
}

PermissionRemoved event

Event: PermissionRemoved
Legacy event: accessUser
Description: A global permission is removed from a user.

{
    "id": "51481c15-e40d-419d-b510-bd8c47028069",
    "sessionId": "86d602c9d57fcc55e103ee7a5fa650dc",
    "requestId": "bd789b1a-580f-5d59-a6e0-d805a1464114",
    "action": "PERMISSION_REMOVE",
    "actionStatus": "SUCCESS",
    "actor": {
        "name": "Taylor Smith",
        "id": "[email protected]",
        "identityProvider": "bim",
        "profileId": "1",
        "type": "USER_ACTOR"
    },
    "actorIp": "xxx.xx.xx.xx",
    "tenantId": "your-immuta-tenant.com",
    "targetType": "USER",
    "targets": [
        {
            "name": "Deepu Murty",
            "id": "[email protected]",
            "identityProvider": "bim",
            "profileId": "999111223",
            "type": "USER"
        }
    ],
    "relatedResources": [
        {
            "name": "CREATE_PROJECT",
            "id": "CREATE_PROJECT",
            "type": "PERMISSION"
        },
        {
            "name": "GOVERNANCE",
            "id": "GOVERNANCE",
            "type": "PERMISSION"
        }
    ],
    "auditPayload": {
        "type": "PermissionRemovedAuditPayload",
        "version": 1
    },
    "eventTimestamp": "2024-01-09T20:22:02.326Z",
    "receivedTimestamp": "2024-01-09T20:22:02.451Z"
}

ProjectCreated event

Event: ProjectCreated
Legacy event: projectCreate
Description: A project is created.

{
    "action": "CREATE",
    "tenantId": "your-immuta-tenant.com",
    "actor": {
        "type": "USER_ACTOR",
        "identityProvider": "bim",
        "name": "Taylor Smith",
        "profileId": "1",
        "id": "[email protected]"
    },
    "eventTimestamp": "2023-09-13T13:43:04.225Z",
    "auditPayload": {
        "equalization": null,
        "projectKey": "hr",
        "purposes": [],
        "disabled": false,
        "type": "ProjectCreatedAuditPayload",
        "datasources": [],
        "allowMaskedJoins": false,
        "stagedPurposes": [],
        "projectId": "6",
        "version": 1,
        "name": "HR",
        "description": null,
        "tags": [],
        "documentation": "# A project for all internal employee data for HR use."
    },
    "targets": [
        {
            "id": "6",
            "type": "PROJECT",
            "projectKey": "hr",
            "name": "HR"
        }
    ],
    "relatedResources": [],
    "actorIp": "xxx.xx.xx.xx",
    "sessionId": "cdbffff8804103418350947c6586712c",
    "actionStatus": "SUCCESS",
    "targetType": "PROJECT",
    "id": "8d6da097-b5d8-4f19-8737-9c1d8e453f93",
    "receivedTimestamp": "2023-09-13T13:43:04.515Z",
    "requestId": "49b37341-83d2-576c-a560-29b224654c4e"
}

ProjectDeleted event

Event: ProjectDeleted
Legacy event: projectDelete
Description: A project is deleted.

{
    "auditPayload": {
        "projectId": "2",
        "projectKey": "hr",
        "type": "ProjectDeletedAuditPayload",
        "name": "HR"
    },
    "requestId": "47ea1ce0-6464-54e3-8e0c-f7afaccd75a0",
    "actor": {
        "profileId": "1",
        "id": "[email protected]",
        "name": "Taylor Smith",
        "identityProvider": "bim",
        "type": "USER_ACTOR"
    },
    "action": "DELETE",
    "targetType": "PROJECT",
    "receivedTimestamp": "2023-04-14T16:07:13.416Z",
    "relatedResources": [],
    "eventTimestamp": "2023-04-14T16:07:12.647Z",
    "actionStatus": "SUCCESS",
    "actorIp": "127.0.0.1",
    "tenantId": "your-immuta-tenant.com",
    "targets": [
        {
            "name": "HR",
            "id": "2",
            "type": "PROJECT",
            "projectKey": "hr"
        }
    ],
    "sessionId": "635b928a3ba5001076f2ca6da4328be0",
    "id": "37350b53-6e39-4ff9-bdb8-300df04aa1e0"
}

ProjectDisabled event

Event: ProjectDisabled
Legacy events: None
Description: A project is disabled.

{
    "id": "d890dfb0-72ed-4c29-8a06-68ba5868a1ca",
    "sessionId": "dda1a16c5446bc2309df1e37d8483e2c",
    "tenantId": "your-immuta-tenant.com",
    "targets": [
        {
            "name": "HR",
            "id": "7",
            "projectKey": "hr",
            "type": "PROJECT"
        }
    ],
    "actorIp": "xxx.xx.xx.xx",
    "action": "DISABLE",
    "actor": {
        "profileId": "1",
        "id": "[email protected]",
        "name": "Taylor Smith",
        "identityProvider": "bim",
        "type": "USER_ACTOR"
    },
    "requestId": "ff7875f4-07ff-5349-a321-d9e59aaf97b5",
    "auditPayload": {
        "type": "ProjectDisabledAuditPayload",
        "projectKey": "hr",
        "version": 1,
        "projectId": "7",
        "name": "HR"
    },
    "actionStatus": "SUCCESS",
    "relatedResources": [],
    "eventTimestamp": "2023-12-23T13:32:57.895Z",
    "receivedTimestamp": "2023-12-23T13:32:58.072Z",
    "targetType": "PROJECT"
}

ProjectPurposeApproved event

Event: ProjectPurposeApproved
Legacy event: projectPurposeApprove
Description: A purpose is approved within a project.

{
    "targetType": "PROJECT",
    "receivedTimestamp": "2023-12-19T17:23:31.075Z",
    "eventTimestamp": "2023-12-19T17:23:17.425Z",
    "relatedResources": [
        {
            "type": "PURPOSE",
            "name": "NoiseReduced.Small",
            "id": "14"
        }
    ],
    "actionStatus": "SUCCESS",
    "auditPayload": {
        "purposeId": "14",
        "projectId": "2",
        "version": 1,
        "type": "ProjectPurposeApprovedAuditPayload"
    },
    "requestId": "ab8dcd0c-49d3-57ec-83a9-09516a9cc919",
    "actor": {
        "name": "Taylor Smith",
        "id": "[email protected]",
        "profileId": "1",
        "type": "USER_ACTOR",
        "identityProvider": "bim"
    },
    "action": "PURPOSE_APPROVE",
    "actorIp": "xxx.xx.xx.xx",
    "targets": [
        {
            "id": "2",
            "name": "HR",
            "type": "PROJECT",
            "projectKey": "hr"
        }
    ],
    "tenantId": "your-immuta-tenant.com",
    "sessionId": "ed785f4e8bffe89a43f815dd66a3c401",
    "id": "681e743c-0674-4e1f-bbc6-f64ac1b404bc"
}

ProjectPurposeDenied event

Event: ProjectPurposeDenied
Legacy event: projectPurposeDeny
Description: A purpose is denied within a project.

{
    "action": "PURPOSE_DENY",
    "actor": {
        "identityProvider": "bim",
        "type": "USER_ACTOR",
        "profileId": "1",
        "name": "Taylor Smith",
        "id": "[email protected]"
    },
    "requestId": "3a186491-f497-567c-8715-49a1e6b37077",
    "auditPayload": {
        "version": 1,
        "projectId": "11",
        "purposeId": "6",
        "type": "ProjectPurposeDeniedAuditPayload"
    },
    "relatedResources": [
        {
            "name": "Activities",
            "id": "6",
            "type": "PURPOSE"
        }
    ],
    "eventTimestamp": "2023-12-19T17:30:29.543Z",
    "actionStatus": "SUCCESS",
    "receivedTimestamp": "2023-12-19T17:30:32.388Z",
    "targetType": "PROJECT",
    "id": "f32dfb5e-f865-4c17-a25e-7ea37d568c03",
    "sessionId": "ed785f4e8bffe89a43f815dd66a3c401",
    "targets": [
        {
            "type": "PROJECT",
            "projectKey": "hr",
            "name": "HR",
            "id": "11"
        }
    ],
    "tenantId": "your-immuta-tenant.com",
    "actorIp": "xxx.xx.xx.xx"
}

ProjectPurposesAcknowledged event

Event: ProjectPurposesAcknowledged
Legacy event: acknowledgePurposes
Description: A user acknowledged a purpose within a project.

{
    "requestId": "ea287df8-2fd2-57c2-86c3-cdb421ec3f64",
    "auditPayload": {
        "purposes": [
            {
                "id": "5",
                "name": "Re-identification Prohibited.Expert Determination",
                "acknowledgement": "I agree to use the data associated with this project for the stated purpose of the project, and for that purpose only, as listed in the project's homepage, and to refrain from sharing that data outside of the project or Immuta, unless the data recipient is required to adhere to a data sharing protocol specifying relevant security arrangements.\n\nI acknowledge that combining the project data (and derivations thereof) with other data, including data produced in different projects or under different utility adjustments within the same project, can undermine the expert determination, and is therefore outside its scope.\n\nI also agree not to re-identify or take any steps to re-identify the individuals whose health information is contained in the data sources attached to the project. In the event that these individuals have been identified or that I discover risks that I believe could lead to their identification, I agree to immediately notify the project owner or governance team and take immediate action to address and mitigate such risks. I further agree to refrain from contacting any individuals who might be identified."
            }
        ],
        "subscriptionId": "8",
        "type": "ProjectPurposesAcknowledgedAuditPayload",
        "version": 1,
        "projectId": "2"
    },
    "action": "PURPOSE_ACKNOWLEDGE",
    "actor": {
        "id": "[email protected]",
        "name": "Taylor Smith",
        "profileId": "1",
        "type": "USER_ACTOR",
        "identityProvider": "bim"
    },
    "targetType": "PROJECT",
    "eventTimestamp": "2023-10-13T14:12:18.083Z",
    "relatedResources": [
        {
            "id": "5",
            "name": "Re-identification Prohibited.Expert Determination",
            "type": "PURPOSE"
        }
    ],
    "actionStatus": "SUCCESS",
    "receivedTimestamp": "2023-10-13T14:12:18.216Z",
    "tenantId": "your-immuta-tenant.com",
    "targets": [
        {
            "id": "2",
            "name": "HR",
            "type": "PROJECT",
            "projectKey": "hr"
        }
    ],
    "actorIp": "xxx.xx.xx.xx",
    "id": "d21f9673-7b96-4bbe-abca-8d0aaec67c87",
    "sessionId": "6b928653b1411078647a2764a72beca6"
}

ProjectUpdated event

Event: ProjectUpdated
Legacy event: projectPurposeDeny
Description: A project is updated.

{
    "sessionId": "6b928653b1411078647a2764a72beca6",
    "id": "b39e1295-bcd6-4117-8551-e2663a2541cb",
    "actorIp": "xxx.xx.xx.xx",
    "tenantId": "your-immuta-tenant.com",
    "targets": [
        {
            "id": "1",
            "name": "HR",
            "projectKey": "hr",
            "type": "PROJECT"
        }
    ],
    "receivedTimestamp": "2023-10-13T13:07:36.937Z",
    "eventTimestamp": "2023-10-13T13:07:36.626Z",
    "relatedResources": [],
    "actionStatus": "SUCCESS",
    "targetType": "PROJECT",
    "actor": {
        "type": "USER_ACTOR",
        "identityProvider": "bim",
        "id": "[email protected]",
        "name": "Taylor Smith",
        "profileId": "1"
    },
    "action": "UPDATE",
    "auditPayload": {
        "equalization": null,
        "type": "ProjectUpdatedAuditPayload",
        "projectId": "1",
        "version": 1
    },
    "requestId": "e162dd46-11d1-544b-af68-d71d4e033af5"
}

PurposeDeleted event

Event: PurposeDeleted
Legacy event: purposeDelete
Description: A purpose is deleted.

{
"id": "eafa29d6-d61f-4aab-a958-106f25bbfa0b",
"sessionId": "e3e0aba1e69c06dbf64710c889b3f2d8",
"requestId": "f5ef5320-2237-56cb-bc56-929a5e6f8299",
"action": "DELETE",
"actionStatus": "SUCCESS",
"actor": {
    "name": "Taylor Smith",
    "id": "[email protected]",
    "identityProvider": "bim",
    "profileId": "1",
    "type": "USER_ACTOR"
},
"actorIp": "xxx.xx.xx.xx",
"tenantId": "your-immuta-tenant.com",
"targetType": "PURPOSE",
"targets": [
    {
    "type": "PURPOSE",
    "id": "1",
    "name": "Human resources use"
    }
],
"relatedResources": [],
"auditPayload": {
    "id": "1",
    "name": "Human resources use"
},
"eventTimestamp": "2024-04-18T18:25:40.623Z",
"receivedTimestamp": "2024-04-18T18:25:40.864Z",
"type": "PurposeDeleted",
"version": "1.0.0"
}

PurposeUpdated event

Event: PurposeUpdated
Legacy event: purposeUpdate
Description: A purpose is updated.

{
"id": "eafa29d6-d61f-4aab-a958-106f25bbfa0b",
"sessionId": "e3e0aba1e69c06dbf64710c889b3f2d8",
"requestId": "f5ef5320-2237-56cb-bc56-929a5e6f8299",
"action": "UPDATE",
"actionStatus": "SUCCESS",
"actor": {
    "name": "Taylor Smith",
    "id": "[email protected]",
    "identityProvider": "bim",
    "profileId": "1",
    "type": "USER_ACTOR"
},
"actorIp": "xxx.xx.xx.xx",
"tenantId": "your-immuta-tenant.com",
"targetType": "PURPOSE",
"targets": [
    {
    "type": "PURPOSE",
    "id": "1",
    "name": "Human resources use"
    }
],
"relatedResources": [],
"auditPayload": {
    "type": "PurposeUpdatedAuditPayload",
    "description": "The data covered by the purpose should only be used by users within HR who will use this data for human resources purposes.",
    "name": "Human resources use",
    "acknowledgement": "I agree to use this data for internal human resources needs.",
    "subpurposes": []
},
"eventTimestamp": "2024-04-18T18:25:40.623Z",
"receivedTimestamp": "2024-04-18T18:25:40.864Z",
"type": "PurposeUpdated",
"version": "1.0.0"
}

PurposeUpserted event

Event: PurposeUpserted
Legacy event: purposeCreate
Description: A purpose is created.

{
"id": "eafa29d6-d61f-4aab-a958-106f25bbfa0b",
"sessionId": "e3e0aba1e69c06dbf64710c889b3f2d8",
"requestId": "f5ef5320-2237-56cb-bc56-929a5e6f8299",
"action": "UPSERT",
"actionStatus": "SUCCESS",
"actor": {
    "name": "Taylor Smith",
    "id": "[email protected]",
    "identityProvider": "bim",
    "profileId": "1",
    "type": "USER_ACTOR"
},
"actorIp": "xxx.xx.xx.xx",
"tenantId": "your-immuta-tenant.com",
"targetType": "PURPOSE",
"targets": [
    {
    "type": "PURPOSE",
    "id": "1",
    "name": "Human resources use"
    }
],
"relatedResources": [],
"auditPayload": {
    "type": "PurposeUpsertedAuditPayload",
    "description": "The data covered by the purpose should only be used by users within HR who will use this data for human resources purposes.",
    "name": "Human resources use",
    "acknowledgement": "I agree to use this data for internal human resources needs.",
    "subpurposes": []
},
"eventTimestamp": "2024-04-18T18:25:40.623Z",
"receivedTimestamp": "2024-04-18T18:25:40.864Z",
"type": "PurposeUpserted",
"version": "1.0.0"
}

SDDClassifierCreated event

Event: SDDClassifierCreated
Legacy event: sddClassifierCreated
Description: An identifier is created.
Additional parameter details:
- auditPayload.config.columnNameRegex: For column name regex identifiers, the regex to match against column names.
- auditPayload.config.values: For dictionary identifiers, the values within the dictionary to match against column values.
- auditPayload.config.regex: For regex identifiers, the regex to match against column values.

{
    "receivedTimestamp": "2023-12-22T20:37:08.243Z",
    "actor": {
        "type": "USER_ACTOR",
        "name": "Taylor Smith",
        "identityProvider": "bim",
        "id": "[email protected]",
        "profileId": "1"
    },
    "actorIp": "xxx.xx.xx.xx",
    "sessionId": "a21eddce1c9c1e18443ae04437e7c9c0",
    "action": "CREATE",
    "eventTimestamp": "2023-12-22T20:37:08.009Z",
    "actionStatus": "SUCCESS",
    "tenantId": "your-immuta-tenant.com",
    "targetType": "SDD_CLASSIFIER",
    "id": "b4aaefc0-2880-41cb-b3af-26f2fb83fd1f",
    "requestId": "f741e950-0a72-5c8a-8e18-5bd7af7d3d92",
    "auditPayload": {
        "displayName": "My Column Name Regex Rule",
        "name": "MY_COLUMN_NAME_REGEX_RULE",
        "classifierId": "73",
        "config": {
            "columnNameRegex": "salary",
            "tags": [
                {
                    "id": "22402",
                    "name": "Discovered.column-name-regex-salary",
                    "type": "TAG",
                    "source": "curated"
                }
            ]
        },
        "version": 1,
        "type": "SDDClassifierCreatedAuditPayload"
    },
    "relatedResources": [
        {
            "id": "22402",
            "name": "Discovered.column-name-regex-salary",
            "type": "TAG",
            "source": "curated"
        }
    ],
    "targets": [
        {
            "name": "MY_COLUMN_NAME_REGEX_RULE",
            "id": "73",
            "type": "SDD_CLASSIFIER"
        }
    ]
}

SDDClassifierDeleted event

Event: SDDClassifierDeleted
Legacy event: sddClassifierDeleted
Description: An identifier is deleted.

{
    "id": "253cf57a-7fe7-4be8-bdd8-9d2f8860bb21",
    "targetType": "SDD_CLASSIFIER",
    "actionStatus": "SUCCESS",
    "tenantId": "your-immuta-tenant.com",
    "relatedResources": [],
    "auditPayload": {
        "classifierId": "69",
        "name": "MY_DICTIONARY_RULE",
        "version": 1,
        "type": "SDDClassifierDeletedAuditPayload"
    },
    "requestId": "29e410fc-bdbe-528c-aaa0-6b75c42ad618",
    "actorIp": "xxx.xx.xx.xx",
    "receivedTimestamp": "2023-12-18T23:09:33.882Z",
    "actor": {
        "type": "USER_ACTOR",
        "id": "[email protected]",
        "name": "Taylor Smith",
        "identityProvider": "bim",
        "profileId": "1"
    },
    "eventTimestamp": "2023-12-18T23:09:33.792Z",
    "action": "DELETE",
    "sessionId": "78fe82a7524125f911881de1721cfca4"
}

SDDClassifierUpdated event

Event: SDDClassifierUpdated
Legacy event: sddClassifierUpdated
Description: An identifier is updated.
Additional parameter details:
- auditPayload.config.columnNameRegex: For column name regex identifiers, the regex to match against column names.
- auditPayload.config.values: For dictionary identifiers, the values within the dictionary to match against column values.
- auditPayload.config.regex: For regex identifiers, the regex to match against column values.

{
    "id": "4cae883b-9236-4052-a41a-893e3a734285",
    "sessionId": "3541001fcfa1e1e3dd7c26398cdfd3c6",
    "requestId": "e75761e9-c778-5e38-9933-f9ffd4192cb3",
    "action": "UPDATE",
    "actionStatus": "SUCCESS",
    "actor": {
        "name": "Taylor Smith",
        "id": "[email protected]",
        "identityProvider": "bim",
        "profileId": "1",
        "type": "USER_ACTOR"
    },
    "actorIp": "xxx.xx.xx.xx",
    "tenantId": "your-immuta-tenant.com",
    "targetType": "SDD_CLASSIFIER",
    "targets": [
        {
            "type": "SDD_CLASSIFIER",
            "id": "68",
            "name": "Email identifier"
        }
    ],
    "relatedResources": [
        {
            "type": "TAG",
            "name": "Discovered.Passport",
            "id": "8",
            "source": "curated"
        }
    ],
    "auditPayload": {
        "type": "SDDClassifierUpdatedAuditPayload",
        "version": 1,
        "classifierId": "68",
        "name": "Email identifier",
        "displayName": "A really cool new identifier updated",
        "config": {
            "tags": [
                {
                    "type": "TAG",
                    "name": "Discovered.Passport",
                    "id": "8",
                    "source": "curated"
                }
            ],
            "columnNameRegex": "^[A-Z_0-9]+$"
        }
    },
    "eventTimestamp": "2024-03-08T19:07:57.304Z",
    "receivedTimestamp": "2024-03-08T19:07:57.409Z"
}

SubscriptionCreated event

Event: SubscriptionCreated
Legacy events: dataSourceSubscription and projectSubscription
Description: A user is subscribed to a data source or project.
Additional parameter details: auditPayload.modelType will specify whether the user was subscribed to a DATASOURCE or PROJECT.

{
    "actor": {
        "id": "[email protected]",
        "profileId": "1",
        "name": "Taylor Smith",
        "identityProvider": "bim",
        "type": "USER_ACTOR"
    },
    "actionStatus": "SUCCESS",
    "targetType": "SUBSCRIPTION",
    "tenantId": "your-immuta-tenant.com",
    "action": "CREATE",
    "relatedResources": [
        {
            "id": "9",
            "name": "Public case",
            "type": "DATASOURCE",
            "technology": "SNOWFLAKE"
        },
        {
            "type": "USER",
            "name": "Taylor Smith",
            "identityProvider": "bim",
            "profileId": "1",
            "id": "[email protected]"
        }
    ],
    "targets": [
        {
            "subscriber": {
                "type": "USER",
                "identityProvider": "bim",
                "name": "Taylor Smith",
                "profileId": "1",
                "id": "[email protected]"
            },
            "model": {
                "id": "9",
                "type": "DATASOURCE",
                "technology": "SNOWFLAKE",
                "name": "Public case"
            },
            "id": "13",
            "type": "SUBSCRIPTION",
            "name": "13"
        }
    ],
    "auditPayload": {
        "modelType": "DATASOURCE",
        "subscriberId": "1",
        "subscriberType": "USER",
        "modelId": "9",
        "role": "OWNER",
        "isEntitlementsPolicyOverride": false,
        "type": "SubscriptionCreatedAuditPayload",
        "status": "APPROVED"
    },
    "receivedTimestamp": "2023-04-14T16:48:21.198Z",
    "eventTimestamp": "2023-04-14T16:48:21.159Z",
    "id": "1a0f362a-f1fd-417e-85c6-0fa7751a887e"
}

SubscriptionDeleted event

Event: SubscriptionUpdated
Legacy events: dataSourceSubscription and projectSubscription
Description: A user's subscription to a data source or project is removed.
Additional parameter details: auditPayload.modelType will specify whether the user's subscription was removed from a DATASOURCE or PROJECT.

{
    "sessionId": "d8f9584665be06ae1a8e3b881c2eb635",
    "targetType": "SUBSCRIPTION",
    "actionStatus": "SUCCESS",
    "actorIp": "xxx.xx.xx.xx",
    "receivedTimestamp": "2023-04-28T17:25:15.268Z",
    "requestId": "495a22d6-bea0-5758-a8a3-7f5cc3d7b8d6",
    "id": "b6d2108e-fe93-4f05-a347-cb84c51fa528",
    "actor": {
        "id": "[email protected]",
        "identityProvider": "bim",
        "name": "Taylor Smith",
        "profileId": "1",
        "type": "USER_ACTOR"
    },
    "action": "DELETE",
    "tenantId": "your-immuta-tenant.com",
    "auditPayload": {
        "subscriptionId": "28",
        "subscriberType": "USER",
        "subscriberId": "20",
        "modelType": "DATASOURCE",
        "type": "SubscriptionDeletedAuditPayload",
        "modelId": "15",
        "denialReason": "Subscription policy removed"
    },
    "targets": [
        {
            "type": "SUBSCRIPTION",
            "name": "28",
            "subscriber": {
                "id": "[email protected]",
                "type": "USER",
                "identityProvider": "bim",
                "name": "Taylor Smith",
                "profileId": "20"
            },
            "model": {
                "id": "15",
                "name": "Public case",
                "technology": "DATABRICKS",
                "type": "DATASOURCE"
            },
            "id": "28"
        }
    ],
    "relatedResources": [
        {
            "type": "DATASOURCE",
            "technology": "DATABRICKS",
            "name": "Public case",
            "id": "15"
        },
        {
            "id": "[email protected]",
            "type": "USER",
            "profileId": "20",
            "name": "Taylor Smith",
            "identityProvider": "bim"
        }
    ],
    "eventTimestamp": "2023-04-28T17:25:14.837Z"
}

SubscriptionRequestApproved event

Event: SubscriptionUpdated
Legacy events: dataSourceSubscription and projectSubscription
Description: A user's request to subscribe to a data source or project is approved.
Additional parameter details: targets.model.type will specify whether the subscription was approved for a DATASOURCE or PROJECT.

{
    "id": "f6162acd-f66c-4316-8e55-92bc89f03ab0",
    "sessionId": "17c01a6d5413eadaa831a1ccec2ce823",
    "requestId": "201d39f9-44b2-5346-bd0b-ef587651e2ce",
    "action": "SUBSCRIPTION_REQUEST_APPROVE",
    "actionStatus": "SUCCESS",
    "actor": {
        "name": "Taylor Smith",
        "id": "[email protected]",
        "identityProvider": "bim",
        "profileId": "1",
        "type": "USER_ACTOR"
    },
    "actorIp": "xxx.xx.xx.xx",
    "tenantId": "your-immuta-tenant.com",
    "targetType": "SUBSCRIPTION",
    "targets": [
        {
            "type": "SUBSCRIPTION",
            "id": "10",
            "name": "10",
            "model": {
                "type": "DATASOURCE",
                "id": "8",
                "name": "Public case",
                "technology": "STARBURST_TRINO"
            },
            "subscriber": {
                "name": "Deepu Murty",
                "id": "[email protected]",
                "identityProvider": "bim",
                "profileId": "13",
                "type": "USER"
            }
        }
    ],
    "relatedResources": [
        {
            "type": "DATASOURCE",
            "id": "8",
            "name": "Public case",
            "technology": "STARBURST_TRINO"
        },
        {
            "name": "Deepu Murty",
            "id": "[email protected]",
            "identityProvider": "bim",
            "profileId": "13",
            "type": "USER"
        }
    ],
    "auditPayload": {
        "type": "SubscriptionRequestApprovedAuditPayload",
        "version": 1,
        "subscriptionId": "10",
        "status": "APPROVED",
        "approverPermissions": ["OWNER"]
    },
    "eventTimestamp": "2024-03-08T15:53:54.800Z",
    "receivedTimestamp": "2024-03-08T15:53:54.922Z"
}

SubscriptionRequestDenied event

Event: SubscriptionUpdated
Legacy events: dataSourceSubscription and projectSubscription
Description: A user's request to subscribe to a data source or project is denied.
Additional parameter details: auditPayload.modelType will specify whether the user's subscription was denied for a DATASOURCE or PROJECT.

{
    "targets": [
        {
            "type": "SUBSCRIPTION",
            "name": "127",
            "subscriber": {
                "profileId": "13",
                "identityProvider": "bim",
                "name": "Deepu Murty",
                "type": "USER",
                "id": "[email protected]"
            },
            "model": {
                "id": "1",
                "projectKey": "HR",
                "name": "HR",
                "type": "PROJECT"
            },
            "id": "127"
        }
    ],
    "relatedResources": [
        {
            "id": "1",
            "type": "PROJECT",
            "name": "HR",
            "projectKey": "HR"
        },
        {
            "profileId": "13",
            "identityProvider": "bim",
            "name": "Deepu Murty",
            "type": "USER",
            "id": "[email protected]"
        }
    ],
    "auditPayload": {
        "subscriberId": "13",
        "subscriberType": "USER",
        "subscriptionId": "127",
        "modelType": "PROJECT",
        "type": "SubscriptionRequestDeniedAuditPayload",
        "modelId": "1",
        "denialReason": "Not part of the appropriate department",
        "version": 1,
        "approverPermissions": ["OWNER"]
    },
    "eventTimestamp": "2024-02-23T19:53:09.004Z",
    "actor": {
        "type": "USER_ACTOR",
        "profileId": "1",
        "identityProvider": "bim",
        "name": "Taylor Smith",
        "id": "[email protected]"
    },
    "tenantId": "your-immuta-tenant.com",
    "action": "SUBSCRIPTION_REQUEST_DENY",
    "requestId": "fcaf22c8-82ad-58d6-9443-ade4863ee11e",
    "receivedTimestamp": "2024-02-23T19:53:09.153Z",
    "id": "a3ed191a-6e8b-4429-a596-cbe1263695c8",
    "sessionId": "9040b6cf4b2368534dab8735038453c7",
    "targetType": "SUBSCRIPTION",
    "actionStatus": "SUCCESS",
    "actorIp": "xxx.xx.xx.xx"
}

SubscriptionRequested event

Event: SubscriptionRequested
Legacy events: dataSourceSubscription and projectSubscription
Description: A user requests to subscribe to a data source or project.
Additional parameter details: auditPayload.modelType will specify whether the user requested to subscribe to a DATASOURCE or PROJECT.

{
    "auditPayload": {
        "status": "PENDING",
        "version": 1,
        "modelId": "75",
        "type": "SubscriptionRequestedAuditPayload",
        "modelType": "DATASOURCE",
        "subscriberType": "USER",
        "subscriberId": "13",
        "subscriptionId": "126"
    },
    "targets": [
        {
            "name": "Public case",
            "technology": "POSTGRESQL",
            "type": "DATASOURCE",
            "id": "75"
        }
    ],
    "relatedResources": [
        {
            "id": "126",
            "subscriber": {
                "type": "USER",
                "name": "Deepu Murty",
                "identityProvider": "bim",
                "profileId": "13",
                "id": "[email protected]"
            },
            "model": {
                "id": "75",
                "name": "Public case",
                "type": "DATASOURCE",
                "technology": "POSTGRESQL"
            },
            "name": "126",
            "type": "SUBSCRIPTION"
        },
        {
            "type": "USER",
            "profileId": "13",
            "identityProvider": "bim",
            "name": "Deepu Murty",
            "id": "[email protected]"
        }
    ],
    "eventTimestamp": "2024-02-23T19:51:24.669Z",
    "actor": {
        "type": "USER_ACTOR",
        "profileId": "13",
        "name": "Deepu Murty",
        "identityProvider": "bim",
        "id": "[email protected]"
    },
    "action": "SUBSCRIPTION_REQUESTED",
    "tenantId": "your-immuta-tenant.com",
    "receivedTimestamp": "2024-02-23T19:51:24.810Z",
    "requestId": "e1de955f-b233-5d37-a964-d5851b769dd4",
    "id": "8bd099da-2082-4447-aa9f-961319593a4c",
    "sessionId": "6ba328eafcbf736223a47b5ef3662f34",
    "targetType": "DATASOURCE",
    "actionStatus": "SUCCESS",
    "actorIp": "xxx.xx.xx.xx"
}

SubscriptionUpdated event

Event: SubscriptionUpdated
Legacy events: dataSourceSubscription and projectSubscription
Description: A user's subscription to a data source or project is updated.
Additional parameter details: targets.model.type will specify whether the subscription was updated on a DATASOURCE or PROJECT.

{
    "actor": {
        "type": "USER_ACTOR",
        "profileId": "1",
        "identityProvider": "bim",
        "name": "Taylor Smith",
        "id": "[email protected]"
    },
    "tenantId": "your-immuta-tenant.com",
    "action": "UPDATE",
    "relatedResources": [
        {
            "name": "Public case",
            "type": "DATASOURCE",
            "technology": "DATABRICKS",
            "id": "17"
        },
        {
            "name": "Deepu Murty",
            "identityProvider": "bim",
            "profileId": "999111223",
            "type": "USER",
            "id": "[email protected]"
        }
    ],
    "targets": [
        {
            "subscriber": {
                "name": "Deepu Murty",
                "identityProvider": "bim",
                "profileId": "999111223",
                "type": "USER",
                "id": "[email protected]"
            },
            "model": {
                "name": "Public case",
                "technology": "DATABRICKS",
                "type": "DATASOURCE",
                "id": "17"
            },
            "id": "64",
            "type": "SUBSCRIPTION",
            "name": "64"
        }
    ],
    "auditPayload": {
        "subscriptionId": "64",
        "role": "OWNER",
        "version": 1,
        "type": "SubscriptionUpdatedAuditPayload"
    },
    "eventTimestamp": "2023-05-16T20:24:04.360Z",
    "actionStatus": "SUCCESS",
    "targetType": "SUBSCRIPTION",
    "sessionId": "8c81a018617a6aa8501597dd2c57c9c6",
    "actorIp": "xxx.xx.xx.xx",
    "requestId": "b7a717f9-7187-5889-a715-2f00ab63b160",
    "receivedTimestamp": "2023-05-16T20:24:04.475Z",
    "id": "24f5184c-ee43-40d4-8606-7dabcfb9ce23"
}

TagApplied event

Event: TagApplied
Legacy event: tagAdded
Description: A tag is applied to a data source or column.

{
    "id": "b10a0dd9-1a09-4e93-a6cd-0cd232a275a0",
    "sessionId": "0fcaaf9c074330b4b875746c2e52739c",
    "requestId": "e45f1d89-69cf-5ae6-b33a-fbc94b147d7a",
    "action": "TAG_APPLY",
    "actionStatus": "SUCCESS",
    "actor": {
        "name": "Taylor Smith",
        "id": "[email protected]",
        "identityProvider": "bim",
        "profileId": "1",
        "type": "USER_ACTOR"
    },
    "actorIp": "xxx.xx.xx.xx",
    "tenantId": "your-immuta-tenant.com",
    "targetType": "DATASOURCE",
    "targets": [
        {
            "type": "DATASOURCE",
            "id": "27",
            "name": "Public case",
            "technology": "POSTGRESQL"
        }
    ],
    "relatedResources": [
        {
            "type": "TAG",
            "name": "Discovered",
            "id": "451",
            "source": "curated",
            "context": "manual"
        }
    ],
    "auditPayload": {
        "type": "TagAppliedAuditPayload",
        "version": 1,
        "appliedTags": [
            {
                "targetName": "Public case",
                "targetType": "DATASOURCE",
                "tags": [
                    {
                        "type": "TAG",
                        "name": "Discovered",
                        "id": "451",
                        "source": "curated",
                        "context": "manual"
                    }
                ]
            }
        ]
    },
    "eventTimestamp": "2024-02-22T14:39:01.342Z",
    "receivedTimestamp": "2024-02-22T14:39:01.514Z"
}

TagCreated event

Event: TagCreated
Legacy event: tagCreated
Description: A tag is created.

{
    "id": "7605ac37-fa98-4cf8-a736-cbed84af2d6c",
    "sessionId": "0fcaaf9c074330b4b875746c2e52739c",
    "requestId": "3a32672b-5b26-5e4b-914e-bb7217d02e43",
    "action": "CREATE",
    "actionStatus": "SUCCESS",
    "actor": {
        "name": "Taylor Smith",
        "id": "[email protected]",
        "identityProvider": "bim",
        "profileId": "1",
        "type": "USER_ACTOR"
    },
    "actorIp": "xxx.xx.xx.xx",
    "tenantId": "your-immuta-tenant.com",
    "targetType": "TAG",
    "targets": [
        {
            "type": "TAG",
            "name": "First name",
            "id": "452",
            "source": "curated"
        }
    ],
    "relatedResources": [],
    "auditPayload": {
        "type": "TagCreatedAuditPayload",
        "version": 1,
        "tags": [
            {
                "id": "452",
                "name": "First name",
                "source": "curated",
                "type": "TAG"
            }
        ]
    },
    "eventTimestamp": "2024-02-22T14:39:50.845Z",
    "receivedTimestamp": "2024-02-22T14:39:50.918Z"
}

TagDeleted event

Event: TagDeleted
Legacy event: tagDeleted
Description: A tag is deleted.

{
    "id": "5e2e04df-0abb-4af9-bed6-a0b037777732",
    "sessionId": "0fcaaf9c074330b4b875746c2e52739c",
    "requestId": "de982c4f-ec8c-56e6-9d20-34fdcc2114f4",
    "action": "DELETE",
    "actionStatus": "SUCCESS",
    "actor": {
        "name": "Taylor Smith",
        "id": "[email protected]",
        "identityProvider": "bim",
        "profileId": "1",
        "type": "USER_ACTOR"
    },
    "actorIp": "xxx.xx.xx.xx,"
    "tenantId": "your-immuta-tenant.com",
    "targetType": "TAG",
    "targets": [
        {
            "type": "TAG",
            "name": "Last name",
            "id": "452",
            "source": "curated"
        }
    ],
    "relatedResources": [],
    "auditPayload": {
        "type": "TagDeletedAuditPayload",
        "version": 1,
        "name": "Last name",
        "deleteHierarchy": false,
        "tags": [
            {
                "id": "452",
                "name": "Last name",
                "source": "curated",
                "type": "TAG"
            }
        ]
    },
    "eventTimestamp": "2024-02-22T14:44:50.986Z",
    "receivedTimestamp": "2024-02-22T14:44:51.067Z"
}

TagRemoved event

Event: TagRemoved
Legacy event: tagRemoved
Description: A tag is removed from a data source or column.

{
    "id": "5a090fe2-382e-4e80-8b95-a9ed243da8f4",
    "sessionId": "0fcaaf9c074330b4b875746c2e52739c",
    "requestId": "509c475c-d00c-5895-af79-87563ed090ce",
    "action": "TAG_REMOVE",
    "actionStatus": "SUCCESS",
    "actor": {
        "name": "Taylor Smith",
        "id": "[email protected]",
        "identityProvider": "bim",
        "profileId": "1",
        "type": "USER_ACTOR"
    },
    "actorIp": "xxx.xx.xx.xx",
    "tenantId": "your-immuta-tenant.com",
    "targetType": "DATASOURCE",
    "targets": [
        {
            "type": "DATASOURCE",
            "id": "27",
            "name": "Public case",
            "technology": "POSTGRESQL"
        }
    ],
    "relatedResources": [
        {
            "type": "TAG",
            "name": "Discovered",
            "id": "1",
            "source": "curated"
        }
    ],
    "auditPayload": {
        "type": "TagRemovedAuditPayload",
        "version": 1,
        "removedTags": [
            {
                "targetName": "Public case",
                "targetType": "DATASOURCE",
                "tags": [
                    {
                        "type": "TAG",
                        "name": "Discovered",
                        "id": "1",
                        "source": "curated"
                    }
                ]
            }
        ]
    },
    "eventTimestamp": "2024-02-22T14:44:29.943Z",
    "receivedTimestamp": "2024-02-22T14:44:30.077Z"
}

TagUpdated event

Event: TagUpdated
Legacy event: tagUpdated
Description: A tag is updated.

{
    "id": "cdc9d4f5-f960-487c-a5cf-22059492a806",
    "sessionId": "0fcaaf9c074330b4b875746c2e52739c",
    "requestId": "0a8e084f-354f-51b0-998d-e5aa0455b223",
    "action": "UPDATE",
    "actionStatus": "SUCCESS",
    "actor": {
        "name": "Taylor Smith",
        "id": "[email protected]",
        "identityProvider": "bim",
        "profileId": "1",
        "type": "USER_ACTOR"
    },
    "actorIp": "xxx.xx.xx.xx",
    "tenantId": "your-immuta-tenant.com",
    "targetType": "TAG",
    "targets": [
        {
            "type": "TAG",
            "name": "TestTagUpdate",
            "id": "452",
            "source": "curated"
        }
    ],
    "relatedResources": [],
    "auditPayload": {
        "type": "TagUpdatedAuditPayload",
        "version": 1,
        "rootTag": "First_name",
        "deleteHierarchy": false,
        "tags": [
            {
                "id": "452",
                "name": "First name",
                "source": "curated",
                "type": "TAG"
            }
        ]
    },
    "eventTimestamp": "2024-02-22T14:40:08.449Z",
    "receivedTimestamp": "2024-02-22T14:40:08.563Z"
}

UserAuthenticated event

Event: UserAuthenticated
Legacy event: authenticate
Description: A user signs in to Immuta.
Additional parameter details: authenticationMethod possible values include
- OAuth: The user authenticated using the 3rd party authentication OAuth.
- OpenId: The user authenticated using the 3rd party authentication OpenId.
- SAML: The user authenticated using the 3rd party authentication SAML.
- apiKey: The user authenticated or impersonated using an API key. The user is running API calls and did not sign in to the UI.
- password: The user authenticated with username and password.

{
    "requestId": "0aaf4825-f245-582a-935d-312b15adbf3e",
    "auditPayload": {
        "type": "UserAuthenticatedAuditPayload",
        "authenticationMethod": "apiKey"
    },
    "action": "AUTHENTICATE",
    "actor": {
        "id": "postgres_system",
        "name": "Immuta System Account",
        "type": "SYSTEM_ACCOUNT"
    },
    "targetType": "USER",
    "relatedResources": [],
    "eventTimestamp": "2023-03-03T01:47:36.225Z",
    "actionStatus": "SUCCESS",
    "receivedTimestamp": "2023-03-03T01:47:36.319Z",
    "tenantId": "your-immuta-tenant.com",
    "targets": [],
    "actorIp": "xxx.xx.xx.xx",
    "id": "5683bb3d-226a-4140-b3d9-2c3db22cf1fb",
    "sessionId": "73396d16b9330d28a68dbf171948ace3"
}

UserCloned event

Event: UserCloned
Legacy event: accessUser
Description: A user is cloned.

{
    "id": "8f64a4e9-cfae-4166-94a0-3899d6d6fbf5",
    "sessionId": "efb381c4e05844332a87ae265c3225dc",
    "requestId": "243bf98c-bb2e-58b7-8842-1d997137cccb",
    "action": "CLONE",
    "actionStatus": "SUCCESS",
    "actor": {
        "name": "Taylor Smith",
        "id": "[email protected]",
        "identityProvider": "bim",
        "profileId": "1",
        "type": "USER_ACTOR"
    },
    "actorIp": "xxx.xx.xx.xx",
    "tenantId": "your-immuta-tenant.com",
    "targetType": "USER",
    "targets": [
        {
            "name": "Clone of [email protected] (awaiting first login)",
            "id": "[email protected]",
            "identityProvider": "bim",
            "profileId": "999111236",
            "type": "USER"
        },
        {
            "name": "Clone of [email protected] (awaiting first login)",
            "id": "[email protected]",
            "identityProvider": "bim",
            "profileId": "999111237",
            "type": "USER"
        }
    ],
    "relatedResources": [
        {
            "name": "Taylor Smith",
            "id": "[email protected]",
            "identityProvider": "bim",
            "profileId": "999111228",
            "type": "USER"
        }
    ],
    "auditPayload": {
        "type": "UserClonedAuditPayload",
        "version": 1,
        "failedUserIds": [],
        "newUserIds": ["[email protected]", "[email protected]"],
        "clonedUserId": "[email protected]",
        "clonedUserIamProvider": "bim"
    },
    "eventTimestamp": "2024-01-05T19:07:29.141Z",
    "receivedTimestamp": "2024-01-05T19:07:29.364Z"
}

UserCreated event

Event: UserCreated
Legacy event: accessUser
Description: A user is created.

{
    "id": "f6d2443e-1a08-4e38-8a4b-ec938334e217",
    "action": "CREATE",
    "actionStatus": "SUCCESS",
    "actor": {
        "name": "Immuta System Account",
        "id": "immuta_system_account",
        "type": "SYSTEM_ACCOUNT"
    },
    "tenantId": "your-immuta-tenant.com",
    "targetType": "USER",
    "targets": [
        {
            "name": "Deepu Murty",
            "id": "[email protected]",
            "identityProvider": "okta",
            "profileId": "999111251",
            "type": "USER"
        }
    ],
    "relatedResources": [],
    "auditPayload": {
        "type": "UserCreatedAuditPayload",
        "version": 1,
        "name": "Deepu Murty",
        "email": "[email protected]"
    },
    "eventTimestamp": "2024-02-01T13:16:26.541Z",
    "receivedTimestamp": "2024-02-01T13:16:26.564Z"
}

UserDeleted event

Event: UserDeleted
Legacy event: accessUser
Description: A user is deleted.

{
    "id": "5e359dbf-414e-4bc2-90fe-66534d728a02",
    "sessionId": "fc63e473565c823682f2b1a517c71355",
    "requestId": "610ff95c-dfc1-5ac0-a1a7-07a065c13c48",
    "action": "DELETE",
    "actionStatus": "SUCCESS",
    "actor": {
        "name": "Taylor Smith",
        "id": "[email protected]",
        "identityProvider": "bim",
        "profileId": "1",
        "type": "USER_ACTOR"
    },
    "actorIp": "xxx.xx.xx.xx",
    "tenantId": "your-immuta-tenant.com",
    "targetType": "USER",
    "targets": [],
    "relatedResources": [],
    "auditPayload": {
        "type": "UserDeletedAuditPayload",
        "version": 1,
        "userId": "[email protected]",
        "userIdProvider": "okta"
    },
    "eventTimestamp": "2024-01-31T15:41:25.000Z",
    "receivedTimestamp": "2024-01-31T15:41:27.150Z"
}

UserLogout event

Event: UserLogout
Legacy events: None
Description: A user logs out of Immuta.
Additional parameter details:
- authenticationMethod possible values include
  - OAuth: The user authenticated using the 3rd party authentication OAuth.
  - OpenId: The user authenticated using the 3rd party authentication OpenId.
  - SAML: The user authenticated using the 3rd party authentication SAML.
  - apiKey: The user authenticated or impersonated using an API key.
  - password: The user authenticated with username and password.
- logoutReason possible values include
  - EXPIRATION: The user was logged out because the token expired.
  - IDP_INITIATED: The IdP initiated the logout.
  - USER_LOGOUT_TRIGGERED: The user manually logged out.

{
    "sessionId": "0d8de090f542620a09cc0bf2cd103371",
    "id": "bd7713b7-a40a-4905-a5cf-68df2ed10c58",
    "actionStatusReason": null,
    "actorIp": "xxx.xx.xx.xx",
    "targets": [
        {
            "name": "Taylor Smith",
            "id": "[email protected]",
            "profileId": "1",
            "type": "USER",
            "identityProvider": "bim"
        }
    ],
    "tenantId": "your-immuta-tenant.com",
    "receivedTimestamp": "2024-02-08T15:51:54.660Z",
    "actionStatus": "SUCCESS",
    "relatedResources": [],
    "eventTimestamp": "2022-07-28T03:52:03.790Z",
    "targetType": "USER",
    "actor": {
        "type": "USER_ACTOR",
        "identityProvider": "bim",
        "name": "Taylor Smith",
        "id": "[email protected]",
        "profileId": "1"
    },
    "action": "LOGOUT",
    "auditPayload": {
        "logoutReason": "EXPIRATION",
        "authenticationMethod": "password",
        "impersonatedId": "[email protected]",
        "impersonatedIdProvider": "bim",
        "type": "UserLogoutAuditPayload",
        "version": 1
    },
    "requestId": "myRequestId"
}

UserOneTimeTokenCreated event

Event: UserOneTimeTokenCreated
Legacy event: accessUser
Description: A sign-in token is created for a user.

{
    "id": "8ddf5e1e-637f-444b-9575-7ef0cd135136",
    "sessionId": "aadf12cfbd5af292da1075f83b97716d",
    "requestId": "76b6cc50-532f-5bfc-8d71-f19befd0e93e",
    "action": "NEW_TOKEN",
    "actionStatus": "SUCCESS",
    "actor": {
        "name": "Taylor Smith",
        "id": "[email protected]",
        "identityProvider": "bim",
        "profileId": "1",
        "type": "USER_ACTOR"
    },
    "actorIp": "xxx.xx.xx.xx",
    "tenantId": "your-immuta-tenant.com",
    "targetType": "USER",
    "targets": [
        {
            "name": "Deepu Murty",
            "id": "[email protected]",
            "identityProvider": "bim",
            "profileId": "999111235",
            "type": "USER"
        }
    ],
    "relatedResources": [],
    "auditPayload": {
        "type": "UserOneTimeTokenCreatedAuditPayload",
        "version": 1
    },
    "eventTimestamp": "2024-01-22T19:57:56.319Z",
    "receivedTimestamp": "2024-01-22T19:57:56.394Z"
}

UserPasswordUpdated event

Event: UserPasswordUpdated
Legacy event: accessUser
Description: A user's password is updated.

{
    "actor": {
        "type": "USER_ACTOR",
        "id": "[email protected]",
        "name": "Taylor Smith",
        "identityProvider": "bim",
        "profileId": "1"
    },
    "sessionId": "8aa5dfb94afa9bde135f6208f5290ca1",
    "requestId": "77e80707-f5c8-5238-bf70-bd71c81200e8",
    "actionStatus": "SUCCESS",
    "actorIp": "xxx.xx.xx.xx",
    "eventTimestamp": "2023-12-22T21:27:51.255Z",
    "id": "bd6b42e9-61c1-4ea0-a19a-ec38163a85a2",
    "tenantId": "your-immuta-tenant.com",
    "targets": [
        {
            "type": "USER",
            "id": "[email protected]",
            "name": "Deepu Murty",
            "identityProvider": "bim",
            "profileId": "999111226"
        }
    ],
    "action": "PASSWORD_UPDATE",
    "auditPayload": {
        "type": "UserPasswordUpdatedAuditPayload",
        "version": 1
    },
    "targetType": "USER",
    "relatedResources": [],
    "receivedTimestamp": "2023-12-22T21:27:51.394Z"
}

UserUpdated event

Event: UserUpdated
Legacy event: externalUserIdChanged
Description: A user's details are updated.

{
    "id": "94179969-7dae-4b1c-a14f-de80573f841a",
    "sessionId": "b2b2ab5eabaac606e171fdcc3a042c32",
    "requestId": "d3b7e572-8c5f-535d-be51-3715fa181160",
    "action": "UPDATE",
    "actionStatus": "SUCCESS",
    "actor": {
        "name": "Taylor Smith",
        "id": "[email protected]",
        "identityProvider": "bim",
        "profileId": "1",
        "type": "USER_ACTOR"
    },
    "actorIp": "xxx.xx.xx.xx",
    "tenantId": "your-immuta-tenant.com",
    "targetType": "USER",
    "targets": [
        {
            "name": "Deepu Murty",
            "id": "[email protected]",
            "identityProvider": "bim",
            "profileId": "6",
            "type": "USER"
        }
    ],
    "relatedResources": [],
    "auditPayload": {
        "type": "UserUpdatedAuditPayload",
        "version": 1,
        "userId": "[email protected]",
        "userIdProvider": "bim",
        "externalUserIds": [],
        "disabled": false
    },
    "eventTimestamp": "2024-02-08T15:46:25.949Z",
    "receivedTimestamp": "2024-02-08T15:46:26.167Z"
}

WebhookCreated event

Event: WebhookCreated
Legacy event: webhookCreate
Description: A webhook is created.

{
    "targets": [
        {
            "name": "ProjectCreateMonitorHook",
            "type": "WEBHOOK",
            "id": "12"
        }
    ],
    "actionStatus": "SUCCESS",
    "receivedTimestamp": "2023-10-19T14:15:38.160Z",
    "actorIp": "xxx.xx.xx.xx",
    "id": "5faed0d0-ff64-4c86-87eb-193c04d6e5f2",
    "auditPayload": {
        "type": "WebhookCreatedAuditPayload",
        "version": 1,
        "webhooks": [
            {
                "id": "12",
                "name": "ProjectCreateMonitorHook",
                "actionType": "TRIGGERED",
                "global": false,
                "url": "https://hooks.slack.com/triggers/your-id",
                "notificationType": [
                    "projectUpdated"
                ]
            }
        ]
    },
    "requestId": "6cfccb1c-e828-5b4b-a971-e7a02bb0aea7",
    "relatedResources": [],
    "action": "CREATE",
    "tenantId": "your-immuta-tenant.com",
    "targetType": "WEBHOOK",
    "actor": {
        "identityProvider": "bim",
        "name": "Taylor Smith",
        "type": "USER_ACTOR",
        "profileId": "1",
        "id": "[email protected]"
    },
    "eventTimestamp": "2023-10-19T14:15:38.074Z",
    "sessionId": "f29b217886b7c5fd0efee59d5f53b866"
}

WebhookDeleted event

Event: WebhookDeleted
Legacy event: webhookDelete
Description: A webhook is deleted.

{
    "id": "0f89c84c-ce64-49e7-a08e-8cac34b5b820",
    "actorIp": "xxx.xx.xx.xx",
    "auditPayload": {
        "name": "ProjectCreateMonitorHook",
        "webhookId": "12",
        "type": "WebhookDeletedAuditPayload",
        "version": 1
    },
    "targets": [
        {
            "id": "12",
            "name": "ProjectCreateMonitorHook",
            "type": "WEBHOOK"
        }
    ],
    "actionStatus": "SUCCESS",
    "receivedTimestamp": "2023-10-19T14:20:50.152Z",
    "tenantId": "your-immuta-tenant.com",
    "targetType": "WEBHOOK",
    "actor": {
        "id": "[email protected]",
        "profileId": "1",
        "type": "USER_ACTOR",
        "name": "Taylor Smith",
        "identityProvider": "bim"
    },
    "sessionId": "302c4af6b147b6bfe8bed550030f6594",
    "eventTimestamp": "2023-10-19T14:20:50.077Z",
    "requestId": "ffe61b45-cb8b-5a96-83cb-5d366c735558",
    "action": "DELETE",
    "relatedResources": []
}

Last updated 6 months ago

Was this helpful?