Security and Compliance
Understand the authentication methods and audit features supported by the PostgreSQL integration to ensure you are meeting your organization's security and compliance needs
Immuta offers several features to provide security for your users and to prove compliance and monitor for anomalies.
Authentication
Registering the connection
The PostgreSQL integration supports the following authentication methods to register a connection:
Amazon Aurora and Amazon RDS deployments
Access using AWS IAM role (recommended): Immuta will assume this IAM role from Immuta's AWS account when interacting with the AWS API to perform any operations in your AWS account. This option allows you to provide Immuta with an IAM role from your AWS account that is granted a trust relationship with Immuta's IAM role.
Access using access key and secret access key: These credentials are used temporarily by Immuta to register the connection. The access key ID and secret access key provided must be for an AWS account with the permissions listed in the .
Identity providers for user authentication
The built-in Immuta IAM can be used as a complete solution for authentication and user entitlement. However, you can connect your existing identity management provider to Immuta to use that system for authentication and user entitlement instead.
Each of the supported identity providers includes a specific set of configuration options that enable Immuta to communicate with the IAM system and map the users, permissions, groups, and attributes into Immuta.
See the for a list of supported providers and details.
See the for details about user provisioning and mapping user accounts to Immuta.
Auditing and compliance
Immuta provides governance reports so that data owners and governors can monitor users' access to data and detect anomalies in behavior.
Immuta governance reports allow users with the GOVERNANCE Immuta permission to use a natural language builder to instantly create reports that delineate user activity across Immuta. These reports can be based on various entity types, including users, groups, projects, data sources, purposes, policy types, or connection types.
See the page for a list of report types and guidance.