Manage Data and Subscription Policies
Policy API reference guide
The policy
endpoint allows you to manage and review policies in Immuta. This page outlines the endpoint and its request and response parameters.
Policy workflow
Create and manage policies
POST or PUT
/policy/handler/{dataSourceId}
Create a global policy with a specified entity type
POST
/policy/global
Create a global policy with a given entityType
.
Body parameters
type
string
The type of policy. Accepted values are subscription
or data
.
Yes
name
string
The name of the policy that will be displayed in the Immuta UI.
Yes
template
boolean
Specifies whether or not this policy should be available as a template.
No
actions.type
string
The type of policy. Accepted value is subscription
.
Yes
actions.subscriptionType
The type of subscription policy. Accepted values are , , , , or .
Required when type
is subscription.
actions.description
string
The description of the policy.
No
actions.shareResponsibility
boolean
When true
the subscription policy will merge with other subscription policies on the data source with OR.
When , and user-provided values for this attribute will be ignored.
No
actions.allowDiscovery
boolean
When true
, users can see the data source in the Immuta UI, even if they do not have the attributes and groups specified by the policy.
No
actions.accessGrant
The type of access the user is granted. Accepted values are READ
or WRITE
.
No
actions.exceptions.operator
Specifies how to combine the conditions of the policy. Accepted valued are AND
or OR
.
No
actions.exceptions.conditions.type
Specifies the type of entitlement to include in the exception. Accepted values are groups
or authorizations
.
No
actions.exceptions.conditions.type.group
The group to allow to subscribe to the data source.
Required when actions.exceptions.conditions.type is groups
.
actions.exceptions.conditions.type.authorization.auth
The attribute key to allow to subscribe to the data source.
Required when actions.exceptions.conditions.type is authorizations
.
actions.exceptions.conditions.type.authorization.value
The attribute value to allow to subscribe to the data source.
Required when actions.exceptions.conditions.type is authorizations
.
actions.automaticSubscription
boolean
When true
, users will be automatically subscribed to the data source without having to take action.
Yes
staged
boolean
When true
, the policy is not active or enforced on any data sources.
No
circumstances.type
string
Specifies how to determine whether or not to apply the policy to the data source. For example, you could specify to apply the policy to data sources that have specific tags or to data sources created during a certain time period. Accepted values are columnRegex
, columnTags
, domains
, , server
, tags
, or time
.
circumstances.columnRegex.regex
string
The regular expression that identifies how column names are spelled.
Required when circumstances.type is columnRegex
.
circumstances.columnRegex.caseInsensitive
boolean
When true
, the regex will ignore the casing of column names.
No
circumstances.server
string
Specifies the server that contains the data sources the policy should be applied to.
Required when circumstances.type is server
.
circumstances.startDate
string
Specifies to apply policies to data sources created on or after this date and before the endDate
.
Required when circumstances.type is time
.
circumstances.endDate
string
Specifies to apply policies to data sources created before this data and after the startDate
.
No
circumstances.tag.name
string
The name of the tag on the data source.
Required when circumstances.type is tags
.
circumstances.tag.displayName
string
The display name of the tag on the data source.
No
circumstances.tag.hasLeafNodes
boolean
When true
, indicates the tag on the data source has child tags.
No
circumstances.columnTag.name
string
The name of the tag.
Required when circumstances.type is columnTags
.
circumstances.columnTag.displayName
string
The display name of the tag.
No
circumstances.columnTag.hasLeafNodes
boolean
When true
, indicates the tag has child tags.
No
circumstances.domains.id
string
The unique identifier of the domain.
Required when circumstances.type is domains
and circumstances.domains.name is not provided.
circumstances.domains.name
string
The name of the domain.
Required when circumstances.type is domains
and circumstances.domains.id is not provided.
circumstances.operator
string
Specifies how multiple circumstances of the policy will be combined with each other. When circumstances.type is domains
, this value must be AND
.
Yes
Request example
This example request creates a Global Policy (saved in the example-payload.json
file) in the Immuta tenant.
curl \
--request POST \
--header "Content-Type: application/json" \
--header "Authorization: Bearer dea464c07bd07300095caa8" \
--data @example-payload.json \
https://demo.immuta.com/policy/global
Request payload example
{
"type": "subscription",
"name": "HR data policy",
"template": true,
"certification": null,
"actions": [
{
"type": "subscription",
"subscriptionType": "policy",
"description": null,
"": true,
"allowDiscovery": false,
"accessGrant": "READ",
"exceptions": {
"operator": "and",
"conditions": [
{
"type": "groups",
"group": {
"name": "HR"
}
}
]
},
"automaticSubscription": true
}
],
"staged": false,
"circumstances": null
}
Response example
{
"policyKey": "HR data policy",
"name": "HR data policy",
"type": "subscription",
"template": true,
"staged": false,
"systemGenerated": false,
"deleted": false,
"certification": null,
"actions": [
{
"type": "subscription",
"exceptions": {
"operator": "and",
"conditions": [
{
"type": "groups",
"group": {
"name": "HR"
}
}
]
},
"accessGrant": "READ",
"description": null,
"allowDiscovery": false,
"subscriptionType": "policy",
"shareResponsibility": true,
"automaticSubscription": true
}
],
"circumstances": null,
"metadata": null,
"clonedFrom": null,
"createdBy": 2,
"protected": false,
"id": 24,
"createdAt": "2025-04-21T19:09:17.884Z",
"updatedAt": "2025-04-21T19:09:17.884Z",
"createdByName": "Taylor",
"ownerRestrictions": null
}
Create or update a policy for a specific data source
POST
or PUT
/policy/handler/{dataSourceId}
Create (POST) or update (PUT) a policy for the specified data source.
Query parameters
dataSourceId
integer
The ID of the data source.
Yes
jsonPolicies
array[object]
An array of JSON rules objects.
Yes
Response parameters
id
integer
The policy handler ID.
url
string
The URL of the Immuta tenant.
dataSourceId
integer
The ID of the data source the policy is applied to.
createdBy
integer
The ID of the user who created the policy.
ca
string
The certificate authority.
jsonPolicies
array[object]
Policy metadata, including the policy type
(visibility
, masking
, time
, minimization
, exemption
, external
, prerequisite
, customWhere
, showRowsNever
, or rowOrObjectRestriction
), rules
, and description
.
rules
string
The conditions of the policy.
createdAt
timestamp
The date the policy was created.
updatedAt
timestamp
The date the policy was modified.
Request example
This example request applies the policy specified in the payload to the data source with the ID 2
.
curl \
--request POST \
--header "Content-Type: application/json" \
--header "Authorization: Bearer dea464c07bd07300095caa8" \
--data @example-payload.json \
https://demo.immuta.com/policy/handler/2
Request payload example
{
"jsonPolicies": [{
"type": "masking",
"rules": [{
"type": "masking",
"config": {
"fields": ["amount"],
"maskingConfig": {
"type": "Consistent Value",
"metadata": {
"constant": null
}
}
},
"exceptions": null
}],
"createdAt": "2021-09-20T20:03:18.001Z",
"createdBy": 2,
"description": null
}, {
"type": "masking",
"rules": [{
"type": "masking",
"config": {
"fields": ["geo_latitude"],
"maskingConfig": {
"type": "Consistent Value",
"metadata": {}
}
},
"exceptions": null
}],
"createdAt": "2021-09-20T20:02:02.213Z",
"createdBy": 2,
"description": null
}, {
"type": "prerequisite",
"rules": [{
"type": "prerequisite",
"exceptions": null,
"config": {
"qualifications": {
"operator": "and",
"conditions": [{
"type": "purposes",
"value": "Re-identification Prohibited"
}]
}
}
}],
"description": ""
}],
"dataSourcePolicyHandler": {
"handlerId": 26,
"visibilitySchema": {
"fields": []
}
}
}
Response example
{
"id": 42,
"dataSourceId": 2,
"createdBy": 2,
"ca": ["-----BEGIN CERTIFICATE-----\ncertificatedata\n-----END CERTIFICATE-----"],
"jsonPolicies": [
{
"type": "masking",
"rules": [
{
"type": "masking",
"config": {
"fields": [
"amount"
],
"maskingConfig": {
"type": "Consistent Value",
"metadata": {
"constant": null
}
}
},
"exceptions": null
}
],
"createdAt": "2021-09-20T20:03:18.001Z",
"createdBy": 2,
"description": null
},
{
"type": "masking",
"rules": [
{
"type": "masking",
"config": {
"fields": [
"geo_latitude"
],
"maskingConfig": {
"type": "Consistent Value",
"metadata": {}
}
},
"exceptions": null
}
],
"createdAt": "2021-09-20T20:02:02.213Z",
"createdBy": 2,
"description": null
},
{
"type": "prerequisite",
"rules": [
{
"type": "prerequisite",
"config": {
"qualifications": {
"operator": "and",
"conditions": [
{
"type": "purposes",
"value": "Re-identification Prohibited"
}
]
}
},
"exceptions": null
}
],
"createdAt": "2021-09-20T20:05:35.925Z",
"createdBy": 2,
"description": null
}
],
"createdAt": "2021-09-21T18:49:34.021Z",
"updatedAt": "2021-09-21T18:49:34.021Z"
}
Apply a global policy to a data source
Note: Global policies that contain the condition "with columns tagged" or "on all data sources" will automatically apply to relevant data sources when the policy is created. The endpoint detailed below can be used to apply Global Policies that contain the condition "when selected by data owners," as these policies are not automatically applied to data sources.
POST
/policy/global/applyPolicy
Apply the Global Policy to the specified data source.
Query parameters
payload
array
Contains Global Policy and data source metadata.
Yes
Payload parameters
policyID
integer
The ID of the Global Policy.
Yes
dataSourceID
integer
The ID of the data source to apply the policy to.
Yes
merged
boolean
Default false
.
Yes
Response parameters
None. When successful, no message will display.
Request example
This example request applies the specified Global Policy to the specified data source (saved in the example-payload.json
file) in the Immuta tenant.
curl \
--request POST \
--header "Content-Type: application/json" \
--header "Authorization: Bearer dea464c07bd07300095caa8" \
--data @example-payload.json \
https://demo.immuta.com/policy/global/applyPolicy
Request payload example
The following payload will apply the Global Policy with the ID 1
to the data source with ID 1
.
{
"policyId": 1,
"dataSourceId": 1,
"merged": false
}
Update a global policy
PUT
/policy/global/{policyId}
Update the specified policy.
Query parameters
policyID
integer
The ID of the Global Policy you want to update.
Yes
payload
array
Contains Global Policy and metadata.
Yes
Payload parameters
See the Create a global policy with a specified entity type section for payload details.
Response parameters
When successful, the response returns the body of the request payload.
Request example
This example request updates the specified Global Policy (8
) with changes to the metadata saved in the example-payload.json
file.
curl \
--request PUT \
--header "Content-Type: application/json" \
--header "Authorization: Bearer dea464c07bd07300095caa8" \
--data @example-payload.json \
https://demo.immuta.com/policy/global/8
Request payload example
In this payload, the user updated the description
attribute to update the policy.
{
"id": 8,
"policyKey": "Mask Passports",
"name": "Mask Passport",
"type": "data",
"template": false,
"staged": false,
"systemGenerated": false,
"deleted": false,
"certification": {
"tags": ["Discovered.Passport"],
"text": "This certifies that all columns containing passports in this data source have been tagged appropriately.",
"label": "Certified"
},
"actions": [{
"type": "masking",
"rules": [{
"type": "masking",
"config": {
"fields": [{
"name": "Discovered.Passport",
"source": "curated",
"hasLeafNodes": false,
"displayName": "Discovered > Passport"
}],
"maskingConfig": {
"type": "Consistent Value",
"metadata": {}
}
},
"exceptions": null
}],
"description": "This policy masks all passports for data sources with columns tagged Discovered.Passport."
}],
"circumstances": [{
"type": "columnTags",
"operator": "or",
"columnTag": {
"name": "Discovered.Passport",
"hasLeafNodes": false,
"displayName": "Discovered > Passport"
}
}],
"metadata": null,
"clonedFrom": null,
"createdBy": 2,
"createdAt": "2021-09-21T18:35:48.615Z",
"updatedAt": "2021-09-21T18:41:36.054Z",
"createdByName": "Katie",
"ownerRestrictions": null
}
Response example
{
"id": 6,
"policyKey": "mask-passports",
"name": "Mask Passports",
"type": "data",
"template": false,
"createdBy": 2,
"createdByName": "Kate",
"createdAt": "2021-09-14",
"updatedAt": "2021-09-15",
"actions": [
{
"type": "masking",
"rules": [
{
"type": "masking",
"exceptions": null,
"config": {
"fields": [
{
"name": "Discovered.Passport",
"hasLeafNodes": false,
"source": "curated"
}
],
"maskingConfig": {
"type": "Consistent Value",
"metadata": {}
}
}
}
],
"description": "This policy masks all passports for data sources with columns tagged Discovered.Passport."
}
],
"circumstances": [
{
"operator": "or",
"type": "columnTags",
"columnTag": {
"name": "Discovered.Passport",
"hasLeafNodes": false
}
}
],
"clonedFrom": 0,
"staged": false,
"systemGenerated": false,
"deleted": false,
"certification": {
"label": "string",
"text": "string",
"tags": [
"string"
],
"recertify": false
}
}
Review policies
GET
/policy/global/appliedTo/{policyId}
GET
/policy/dataSourcePolicies/{dataSourceId}
Search for policies
POST
/policy/search
Searches for specified policies.
Query parameters
body
array[object]
Facets of the policy to search by, including the rule type, where the policy applies, exceptions, and policy circumstances.
No
type
string
The type of policy to search for: data
or subscription
.
No
scope
string
Indicates whether the policy is global
or local
.
No
size
integer
Pages results by default; size
is the number of results to return per page.
No
offset
integer
Used in combination with size
to fetch pages.
No
sortField
string
Indicates which field to sort the policies by: name
, createdBy
, createdAt
, state
, isNotApplied
, or scope
.
No
sortOrder
string
Indicates whether to sort policies in ascending or descending order: asc
or desc
.
No
searchText
string
Searches text; this will filter policies by name.
No
countOnly
boolean
When true
, will only return the number of policies found in the search.
No
mode
string
Attribute options include similarPolicies
, impactedUsers
, or impactedDataSources
.
No
excludedPolicies
array[integer]
Global Policy IDs to exclude.
No
Response parameters
Count
integer
The number of policies found that match the search criteria.
Hits
array
Policy metadata, including the name, scope, type, and data sources it applies to.
Request example
This example request searches for a Global Policy that contains the text mask
in Immuta.
curl \
--request POST \
--header "Content-Type: application/json" \
--header "Authorization: Bearer dea464c07bd07300095caa8" \
https://demo.immuta.com/policy/search?scope=global&searchText=mask
Response example
{
"count": 1,
"hits": [{
"name": "Mask Passports",
"createdBy": "Katie",
"state": "active",
"isNotApplied": false,
"scope": "global",
"type": "data",
"globalPolicyId": 8,
"policyId": null,
"dataSourceId": null,
"createdAt": "2021-09-21T18:35:48.615Z",
"detailLabels": {
"ruleType": ["masking"],
"tags": ["Discovered.Passport"]
},
"enforcedOn": {
"count": 1,
"hits": [{
"id": 1,
"name": "Public Credit Accounts"
}]
}
}]
}
Find policies by policy ID
GET
/policy/global/{policyId}
Find the policy with the specified ID.
Query parameters
policyId
integer
The ID of the Global Policy.
Yes
Response parameters
The response returns a policy object. See the Create a global policy with a specified entity type section for descriptions.
Request example
This example request returns the Global Policy with the ID 1
.
curl \
--request GET \
--header "Content-Type: application/json" \
--header "Authorization: Bearer dea464c07bd07300095caa8" \
https://demo.immuta.com/policy/global/1
Response example
{
"id": 1,
"policyKey": "New Column Added",
"name": "New Column Added",
"type": "data",
"template": false,
"staged": false,
"systemGenerated": true,
"deleted": false,
"certification": null,
"actions": [
{
"type": "masking",
"rules": [
{
"type": "masking",
"config": {
"fields": [
{
"name": "New",
"source": "curated",
"hasLeafNodes": false
}
],
"maskingConfig": {
"type": "Consistent Value",
"metadata": {
"constant": null
}
}
},
"exceptions": null
}
],
"description": null
}
],
"circumstances": [
{
"type": "columnTags",
"operator": "or",
"columnTag": {
"name": "New",
"hasLeafNodes": false
}
}
],
"metadata": null,
"clonedFrom": null,
"createdBy": 1,
"createdAt": "2021-09-09T13:47:03.448Z",
"updatedAt": "2021-09-16T14:10:05.694Z",
"createdByName": "Immuta System Account",
"ownerRestrictions": null
}
Find policies by entity type
GET
/policy/global
Find the policy with the specified entity type.
Query parameters
offset
integer
Used in combination with size
to fetch pages.
No
size
integer
Pages results by default; size
is the number of results to return per page.
No
sortField
string
Indicates which field to sort the policies by: name
or createdAt
. Default createdAt
.
No
sortOrder
string
Indicates whether to sort policies in ascending or descending order: asc
or desc
. Default desc
.
No
searchText
string
Searches text; this will filter policies by name
.
No
type
string
The type of policy to search for: data
or subscription
.
No
scope
string
Indicates whether the policy is global
or local
.
No
nameOnly
boolean
When true
, only returns the policy name, type, and ID.
No
templates
boolean
When true
, returns templates only. When false
, returns non-templates only. When omitted, returns both.
No
Response parameters
name
string
The name of the policy.
id
integer
The policy ID.
type
string
The type of policy: data
or subscription
.
hits
array
Policy metadata, including the name
, scope
, type
, and dataSources
it applies to.
Request example
This example request returns the name, type, and ID of all policies.
curl \
--request GET \
--header "Content-Type: application/json" \
--header "Authorization: Bearer dea464c07bd07300095caa8" \
https://demo.immuta.com/policy/global?nameOnly=true
Response example
[
{
"name": "Mask Passports",
"id": 6,
"type": "data"
},
{
"name": "New Column Added",
"id": 1,
"type": "data"
}
]
Find the number of data sources a specified policy applies to
GET
/policy/global/appliedTo/{policyId}
Find the number of data sources the specified policy applies to.
Query parameters
policyId
integer
The ID of the Global Policy.
Yes
Response parameters
count
integer
The number of data sources the policy applies to.
Request example
This example request returns the number of data sources the Global Policy with the ID 6
applies to.
curl \
--request GET \
--header "Content-Type: application/json" \
--header "Authorization: Bearer dea464c07bd07300095caa8" \
https://demo.immuta.com/policy/global/appliedTo/6
Response example
{
"count": 1
}
Get the policy information for a specific data source
GET
/policy/dataSourcePolicies/{dataSourceId}
Get the policy information for the specified data source.
Query parameters
dataSourceId
integer
The ID of the data source.
Yes
retrieveAll
boolean
When false
, filters out any custom domain-specific language rules.
No
excludeGlobal
boolean
When true
, filters out any policy actions driven by a Global Policy.
No
Response parameters
body
array
Contains policy metadata, including the policy type
, rules
, exceptions
, and date of creation.
Request example
This example request returns the information of policies applied to the data source with the ID 2
.
curl \
--request GET \
--header "Content-Type: application/json" \
--header "Authorization: Bearer dea464c07bd07300095caa8" \
https://demo.immuta.com/policy/dataSourcePolicies/2
Response example
[
{
"type": "masking",
"rules": [
{
"type": "masking",
"config": {
"fields": [
"amount"
],
"maskingConfig": {
"type": "Consistent Value",
"metadata": {
"constant": null
}
}
},
"exceptions": null
}
],
"createdAt": "2021-09-20T20:03:18.001Z",
"createdBy": 2,
"description": null
},
{
"type": "masking",
"rules": [
{
"type": "masking",
"config": {
"fields": [
"geo_latitude"
],
"maskingConfig": {
"type": "Consistent Value",
"metadata": {}
}
},
"exceptions": null
}
],
"createdAt": "2021-09-20T20:02:02.213Z",
"createdBy": 2,
"description": null
},
{
"type": "prerequisite",
"rules": [
{
"type": "prerequisite",
"config": {
"qualifications": {
"operator": "and",
"conditions": [
{
"type": "purposes",
"value": "Re-identification Prohibited"
}
]
}
},
"exceptions": null
}
],
"createdAt": "2021-09-20T20:05:35.925Z",
"createdBy": 2,
"description": null
}
]
Get the differences between two policy versions
GET
/policy/diff/{dataSourceId}
Get the differences between two policy handler versions.
Query parameters
dataSourceId
integer
The ID of the data source.
Yes
previousHandlerId
integer
The ID of the previous policy.
No
currentHandlerId
integer
The ID of the current policy.
No
Response parameters
current
array
Contains policy metadata of the current policy, including the policy type
, rules
, exceptions
, and date of creation.
previous
array
Contains policy metadata of the previous policy, including the policy type
, rules
, exceptions
, and date of creation.
hasChanges
boolean
When true
, indicates the policy was changed.
Request example
This example request returns the information of policies applied to the data source with the ID 3
.
curl \
--request GET \
--header "Content-Type: application/json" \
--header "Authorization: Bearer dea464c07bd07300095caa8" \
https://demo.immuta.com/policy/diff/3?currentHandlerId=47&previousHandlerId=46
Response example
{
"current": [{
"type": "rowOrObjectRestriction",
"rules": [{
"type": "visibility",
"config": {
"predicate": "(`city` in (@groups()))",
"qualifications": {
"operator": "and",
"conditions": [{
"type": "groups",
"field": "city"
}]
}
},
"exceptions": null
}],
"createdAt": "2021-09-28T18:46:00.868Z",
"createdBy": 2,
"description": null
}],
"previous": [{
"type": "rowOrObjectRestriction",
"rules": [{
"type": "visibility",
"config": {
"predicate": "(`city` in (@groups()))",
"qualifications": {
"operator": "and",
"conditions": [{
"type": "groups",
"field": "city"
}]
}
},
"exceptions": null
}],
"createdAt": "2021-09-28T18:46:00.868Z",
"createdBy": 2,
"description": null
}],
"hasChanges": false
}
Get the policy handler metadata for a specific data source
GET
/policy/handler/{dataSourceId}
Get the policy handler metadata for a specific data source.
Query parameters
dataSourceId
integer
The ID of the data source.
Yes
Response parameters
hits
array
Policy metadata, including the name
, scope
, rules
, and policy type
.
Request example
This example request returns the policy handler metadata for policies applied to the data source with the ID 1
.
curl \
--request GET \
--header "Content-Type: application/json" \
--header "Authorization: Bearer dea464c07bd07300095caa8" \
https://demo.immuta.com/policy/handler/1
Response example
{
"id": 44,
"dataSourceId": 1,
"rules": "rule masking_0_0 { when { model_0_0 : MaskingModel ; } then { Masked(model_0_0, 0, 0) } } rule masking_5_0 { when { model_5_0 : MaskingModel ; } then { Masked(model_5_0, 5, 0) } } rule masking_6_0 { when { model_6_0 : MaskingModel ; } then { Masked(model_6_0, 6, 0) } }",
"jsonPolicies": [
{
"type": "masking",
"rules": [
{
"type": "masking",
"config": {
"fields": [
"email"
],
"maskingConfig": {
"type": "Consistent Value",
"metadata": {
"constant": null
}
}
},
"exceptions": null
}
],
"createdAt": "2021-09-21T19:27:27.589Z",
"createdBy": 2,
"description": null
},
{
"type": "masking",
"rules": [
{
"type": "masking",
"config": {
"fields": [
"email"
],
"maskingConfig": {
"type": "Consistent Value",
"metadata": {}
}
},
"exceptions": null
}
],
"global": {
"id": 0,
"tag": "Discovered.Passport",
"name": "string",
"reason": "test",
"staged": false,
"deleted": false,
"conflict": "existingMasking",
"disabled": true,
"metadata": {
"HEDReportVersion": "string",
"certificationExpirationInterval": "string"
},
"template": false,
"createdAt": "2021-09-14T00:00:00.000Z",
"createdBy": "Katie",
"policyKey": "string",
"updatedAt": "2021-09-14T00:00:00.000Z",
"clonedFrom": 0,
"certification": true,
"createdByName": "Katie",
"changedOnApply": [],
"systemGenerated": false,
"ownerRestrictions": null
},
"description": null
},
{
"type": "masking",
"rules": [
{
"type": "masking",
"config": {
"fields": [
"last_name"
],
"maskingConfig": {
"type": "Consistent Value",
"metadata": {}
}
},
"exceptions": null
}
],
"global": {
"id": 0,
"tag": "Discovered.Passport",
"name": "string",
"reason": "test",
"staged": false,
"deleted": false,
"conflict": null,
"disabled": true,
"metadata": {
"HEDReportVersion": "string",
"certificationExpirationInterval": "string"
},
"template": false,
"createdAt": "2021-09-14T00:00:00.000Z",
"createdBy": "Katie",
"policyKey": "string",
"updatedAt": "2021-09-14T00:00:00.000Z",
"clonedFrom": 0,
"certification": true,
"createdByName": "Katie",
"changedOnApply": [],
"systemGenerated": false,
"ownerRestrictions": null
},
"description": null
},
{
"type": "masking",
"rules": [
{
"type": "masking",
"config": {
"fields": [
"ssn"
],
"maskingConfig": {
"type": "Consistent Value",
"metadata": {}
}
},
"exceptions": null
}
],
"global": {
"id": 0,
"tag": "Discovered.Passport",
"name": "string",
"reason": "test",
"staged": false,
"deleted": false,
"conflict": null,
"disabled": true,
"metadata": {
"HEDReportVersion": "string",
"certificationExpirationInterval": "string"
},
"template": false,
"createdAt": "2021-09-14T00:00:00.000Z",
"createdBy": "Katie",
"policyKey": "string",
"updatedAt": "2021-09-14T00:00:00.000Z",
"clonedFrom": 0,
"certification": true,
"createdByName": "Katie",
"changedOnApply": [],
"systemGenerated": false,
"ownerRestrictions": null
},
"description": null
},
{
"type": "masking",
"rules": [
{
"type": "masking",
"config": {
"fields": [
"email"
],
"maskingConfig": {
"type": "Consistent Value",
"metadata": {}
}
},
"exceptions": null
}
],
"global": {
"id": 8,
"tag": "Discovered.Passport",
"name": "Mask Passports",
"reason": null,
"staged": false,
"deleted": false,
"conflict": "existingMasking",
"disabled": true,
"metadata": null,
"template": false,
"createdAt": "2021-09-21T18:35:48.615Z",
"createdBy": "Katie",
"policyKey": "Mask Passport",
"updatedAt": "2021-09-21T18:41:54.299Z",
"clonedFrom": null,
"certification": true,
"createdByName": "Katie",
"changedOnApply": [],
"systemGenerated": false,
"ownerRestrictions": null
},
"description": "This policy masks all passports for data sources with columns tagged Discovered.Passport."
},
{
"type": "masking",
"rules": [
{
"type": "masking",
"config": {
"fields": [
"last_name"
],
"maskingConfig": {
"type": "Consistent Value",
"metadata": {}
}
},
"exceptions": null
}
],
"global": {
"id": 8,
"tag": "Discovered.Passport",
"name": "Mask Passport",
"reason": null,
"staged": false,
"deleted": false,
"conflict": null,
"disabled": false,
"metadata": null,
"template": false,
"createdAt": "2021-09-21T18:35:48.615Z",
"createdBy": "Katie",
"policyKey": "Mask Passport",
"updatedAt": "2021-09-21T18:41:54.299Z",
"clonedFrom": null,
"certification": true,
"createdByName": "Katie",
"changedOnApply": [],
"systemGenerated": false,
"ownerRestrictions": null
},
"description": "This policy masks all passports for data sources with columns tagged Discovered.Passport."
},
{
"type": "masking",
"rules": [
{
"type": "masking",
"config": {
"fields": [
"ssn"
],
"maskingConfig": {
"type": "Consistent Value",
"metadata": {}
}
},
"exceptions": null
}
],
"global": {
"id": 8,
"tag": "Discovered.Passport",
"name": "Mask Passport",
"reason": null,
"staged": false,
"deleted": false,
"conflict": null,
"disabled": false,
"metadata": null,
"template": false,
"createdAt": "2021-09-21T18:35:48.615Z",
"createdBy": "Katie",
"policyKey": "Mask Passports",
"updatedAt": "2021-09-21T18:41:54.299Z",
"clonedFrom": null,
"certification": true,
"createdByName": "Katie",
"changedOnApply": [],
"systemGenerated": false,
"ownerRestrictions": null
},
"description": "This policy masks all passports for data sources with columns tagged Discovered.Passport."
}
],
"createdAt": "2021-09-21T19:27:27.977Z",
"updatedAt": "2021-09-21T19:27:27.977Z"
}
Delete a global policy
DELETE
/policy/global/{policyId}
Delete the specified Global Policy.
Query parameters
policyId
integer
The ID of the policy.
Yes
Response parameters
The response returns a policy object of the policy that was deleted. See the Create a global policy with a specified entity type section for descriptions.
Request example
The following request deletes the Global Policy with ID 6
.
curl \
--request DELETE \
--header "Content-Type: application/json" \
--header "Authorization: Bearer dea464c07bd07300095caa8" \
https://demo.immuta.com/policy/global/6
Response example
{
"id": 6,
"policyKey": "mask-passports",
"name": "Mask Passports",
"type": "data",
"template": false,
"staged": false,
"systemGenerated": false,
"deleted": false,
"certification": {
"tags": [
"string"
],
"text": "string",
"label": "string"
},
"actions": [
{
"type": "masking",
"rules": [
{
"type": "masking",
"config": {
"fields": [
{
"name": "Discovered.Passport",
"source": "curated",
"hasLeafNodes": false
}
],
"maskingConfig": {
"type": "Consistent Value",
"metadata": {}
}
},
"exceptions": null
}
],
"description": "This policy masks all passports for data sources with columns tagged Discovered.Passport."
}
],
"circumstances": [
{
"type": "columnTags",
"operator": "or",
"columnTag": {
"name": "Discovered.Passport",
"hasLeafNodes": false
}
}
],
"metadata": null,
"clonedFrom": 0,
"createdBy": 2,
"createdAt": "2021-09-14T00:00:00.000Z",
"updatedAt": "2021-09-15T18:46:17.661Z",
"createdByName": "Katie",
"ownerRestrictions": null
}
Last updated
Was this helpful?