# Subscription Policies Advanced DSL Guide This page details how users can create more complex policies using functions and variables in the Advanced DSL policy builder than the subscription policy builder allows. 1. Click the :shield: **Policies** icon in the navigation menu. 2. Select the **Subscription Policies** tab. 3. Click **New subscription policy** and complete the **Policy name** field. 4. Select the type of subscription policy: 1. **Grant policy**: Subscribe users to the data source if they meet the conditions of the policy. 2. [**Guardrail policy**](#user-content-fn-1)[^1]: Prevent users from subscribing unless they meet the conditions of the policy. Some subscription levels listed below are unavailable for this policy type. 5. Select the access type you want to control: * **Read Access**: Control who can view the data source. * **Write Access**: Control who can view and modify data in the data source. 6. Select **Allow users with specific groups/attributes,** and then select **Create using Advanced DSL**. 7. Select the rules for your policy from the Advanced DSL options. For example, creating a @hasTagsAsAttribute('Department', 'dataSource') would subscribe all users who have an attribute that matches a tag on a data source to that data source. So users with the attribute `Department.Marketing` would be subscribed to data sources with the tag Marketing. 8. Check the **Require Manual Subscription** checkbox to turn off automatic subscription. Enabling this feature will require users to manually subscribe to the data source if they meet the policy. 9. If you would like to make your data source visible in the list of all data sources in the UI to all users, click the **Allow Data Source Discovery** checkbox. Otherwise, this data source will not be discoverable by users who do not meet the criteria established in the policy. 10. If you would like users to have the ability to request approval to the data source, even if they do not have the required attributes or traits, check the **Request Approval to Access** checkbox. This will require an approver with permissions to be set. 11. Select where this policy should be applied, **On data sources**, **When selected by data owners**, or **On all data sources** * If a user selects **On data sources** options include, **with columns tagged**, **with columns spelled like**, **in server**, and **created between**. 12. Click **Create Policy**. [^1]: This policy type is unavailable when authoring a local policy.