Immuta Copilot
Last updated
Was this helpful?
Last updated
Was this helpful?
The Immuta copilot is a policy writing assistant that allows you to describe the data access you want to enforce in plain language, and then, copilot will create a draft Immuta subscription policy from that description for you to review. This can be extremely helpful for policy authors that do not understand the full list of:
Attributes users possess
Groups users belong to
Tags placed on tables and columns
Logic that can be used in Immuta subscription policies
Once copilot has created the draft subscription policy, the author can edit that policy directly in the Immuta subscription policy builder, stage it, or activate it.
For the best experience with copilot, you must already have a solid corpus of and , represented as attributes/groups, and tags, respectively. This is because co-pilot only considers those logical abstractions and not the physical users or table/column names when drafting the policy.
Currently copilot only supports drafting subscription policies.
From the Governance app, click Policies and Subscription Policies.
Click + Add Subscription Policy.
Click Open Copilot.
Enter the subscription policy description in the prompt.
Copilot will process and then suggest a draft subscription policy in the builder.
Immuta copilot is not designed to query or ship any of your actual data. It only leverages metadata, specifically attribute names, group names, and tag names, which should not be specific enough to contain PII. These are created into embeddings by the Claude embeddings model and indexed into your Immuta tenant.
Finally, Immuta copilot does not automatically apply any policy. Policies are proposed in draft form for human review before applying.
Copilot utilizes AWS Bedrock Anthropic Claude models. The that AWS, and external parties, including Anthropic, cannot access either the prompts or completions, and does not use them to train models. The AWS Bedrock user guide also states that prompts and completions are not stored.