Immuta Preview Features
  • Immuta Private Preview Features
  • Features
    • External Custom Policy Handler
    • Approve to Promote
    • OAuth Token Passthrough for Databricks Unity Catalog
  • Immuta Copilot
Powered by GitBook
On this page
  • How To Describe a Policy to Copilot
  • AI platform and data processing
  • Data protection

Was this helpful?

Export as PDF

Immuta Copilot

Immuta copilot is private preview and only available to select customers

The Immuta copilot is a policy writing assistant that allows you to describe the data access you want to enforce in plain language, and then, copilot will create a draft Immuta subscription policy from that description for you to review. This can be extremely helpful for policy authors that do not understand the full list of:

  • Attributes users possess

  • Groups users belong to

  • Tags placed on tables and columns

  • Logic that can be used in Immuta subscription policies

Once copilot has created the draft subscription policy, the author can edit that policy directly in the Immuta subscription policy builder, stage it, or activate it.

For the best experience with copilot, you must already have a solid corpus of facts about your users and facts about your data, represented as attributes/groups, and tags, respectively. This is because co-pilot only considers those logical abstractions and not the physical users or table/column names when drafting the policy.

Currently copilot only supports drafting subscription policies.

How To Describe a Policy to Copilot

  1. From the Governance app, click Policies and Subscription Policies.

  2. Click + Add Subscription Policy.

  3. Click Open Copilot.

  4. Enter the subscription policy description in the prompt.

  5. Copilot will process and then suggest a draft subscription policy in the builder.

AI platform and data processing

Data protection

Copilot utilizes AWS Bedrock Anthropic Claude models. The AWS Bedrock user guide indicates that AWS, and external parties, including Anthropic, cannot access either the prompts or completions, and does not use them to train models. The AWS Bedrock user guide also states that prompts and completions are not stored.

Immuta copilot is not designed to query or ship any of your actual data. It only leverages metadata, specifically attribute names, group names, and tag names, which should not be specific enough to contain PII. These are created into embeddings by the Claude embeddings model and indexed into your Immuta tenant.

Finally, Immuta copilot does not automatically apply any policy. Policies are proposed in draft form for human review before applying.

Last updated 29 days ago

Was this helpful?