Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
The Immuta CLI allows users to interact with their Immuta tenant using the command line to manage data sources, projects, policies, and purposes. This feature allows you to have all of your Immuta tenant information in a Git repository and use the CLI to sync your Immuta tenant with the files in your Git repository. To install the Immuta CLI, follow this installation guide.
You can navigate this section of documentation in two different ways: by workflow or by command.
The navigation is organized by major workflows you would use in Immuta. Each workflow contains relevant commands. Follow this chronological outline to find commands relevant to your workflow.
.
.
.
.
Below is a list of major commands available in the Immuta CLI. Click a command to navigate to its corresponding page that details subcommands, options, and arguments.
: Interact with your Immuta tenant to create data sources, projects, policies, and purposes.
: Make an authenticated Immuta API request. This command will let you hit any endpoint in the Immuta API, including . For example, immuta api /tag will hit the v1 endpoint to list tags. This allows you to use the immuta api command instead of something like Postman or cURL to interact with the V1 API.
: Clone all data sources, projects, purposes, and policies information into files.
immuta completion: Generate shell completion scripts.
immuta configure: Specify an Immuta tenant URL and API key to be saved to the Immuta configuration file.
immuta datasource: Manage data sources.
immuta policy: Manage Global Policies.
immuta project: Manage projects.
immuta purpose: Manage purposes.
immuta audit exportConfig: Manage the audit export.
This page details how to install the Immuta CLI and tab completions.
macOS CLI Binary Warning: When installing the macOS CLI binary, macOS displays the warning "could not verify that this app is free from malware" when the binary is run. Navigate to the Security & Privacy section in your System Preferences to allow the binary to be run.
Download the binary that corresponds to your operating system.
The latest stable binaries can be found here:
Linux x86_64 (amd64)
Linux ARMv8 (arm64)
The latest stable binaries can be found here:
Darwin x86_64 (amd64)
Darwin ARMv8 (arm64)
The latest stable binary can be found here: .
Download and add the binary to a directory in your system's $PATH as immuta.exe.
The SHA 256 checksum is available to verify the file at .
Required Immuta permission: CREATE_DATA_SOURCE
Run immuta configure.
Enter the URL of your Immuta tenant in the interactive prompt.
Enter in the interactive prompt:
Below is the configuration file that will be saved at ~/.immutacfg.yaml:
To generate shell completion scripts for Immuta CLI commands, run immuta completion [bash|zsh|fish|powershell]. You can opt to specify -h or --help for instructions on installing tab completions for Bash, Zsh, Fish, and PowerShell commands and flags.
Use the tabs below for specific instructions for each of these shells.
Install .
Add this to your ~/.bash_profile:
Generate an _immuta completion script and save it in your $fpath
The exact configuration file locations might vary based on your system. Make sure to restart your shell before you test whether completions are working.
Ensure that the following is present in your ~/.zshrc:
Generate an immuta.fish completion script:
Run immuta completion powershell | Out-String | Invoke-Expression.
To load completions for every new session, run:
Source this immuta.ps1 from your PowerShell profile.
curl -Lo immuta https://immuta-platform-artifacts.s3.amazonaws.com/cli/latest/immuta_cli_linux_amd64 && chmod +x immutacurl -Lo immuta https://immuta-platform-artifacts.s3.amazonaws.com/cli/latest/immuta_cli_linux_arm64 && chmod +x immutacurl -Lo immuta https://immuta-platform-artifacts.s3.amazonaws.com/cli/latest/immuta_cli_darwin_amd64 && chmod +x immutacurl -Lo immuta https://immuta-platform-artifacts.s3.amazonaws.com/cli/latest/immuta_cli_darwin_arm64 && chmod +x immutaautoload -U compinit
compinit -iimmuta completion fish > ~/.config/fish/completions/immuta.fishimmuta completion powershell > immuta.ps1$ immuta configure
? What is the url of the immuta instance you use?: https://your.instance.url.com/
? What is the api key of your immuta user account?: ***************************Updated the config at /Users/user/.immutacfg.yamldefault:
api_key: <apiKey>
host: https://your.immuta.url.comeval "$(immuta completion bash)"immuta completion zsh > /usr/local/share/zsh/site-functions/_immutaUse these audit export configuration commands to manage exporting your audit logs to S3 and ADLS Gen2, including intervals the events are exported and the S3 bucket or ADLS container they are exported to.
immuta audit exportConfig {command} <arguments> [flags]Inspect, disable, enable, and delete configurations for exporting your audit events to S3 and ADLS Gen2.
The Immuta Audit CLI supports a number of flags for every command.
--config string: Specifies the configuration file name and where it will be saved. (The default is $HOME/.immutacfg.yaml.)
-h, --help: Gets more information about the command.
-p, --profile string
This page details the immuta command, its subcommands and arguments, and the workflow for cloning a tenant and using the Immuta API.
immutaThis command allows you to manage your Immuta tenant by creating data sources, projects, policies, and purposes. The table below illustrates the immuta subcommands and arguments.
This page details the immuta policy command, its subcommands and arguments, and the workflow for creating, renaming, cloning, and deleting Global Policies.
immuta policyThis command allows you to list, save, delete, and rename Global Policies in your instance of Immuta. The table below illustrates subcommands and arguments.
clone
Clone and save all Global Policies to files.
filepath
delete
Delete a Global Policy by policy key.
policy key
list
List all Global Policy keys.
n/a
rename
Rename the Global Policy key.
new policy key
save
Create or update a Global Policy in Immuta.
filepath
Use these options to get more details about the policy command or any of its subcommands:
-h
--help
Add your policy information in a valid YAML file for the V2 API. Additional payload examples for creating policies can be found here:
Run immuta policy save <filepath> [--dryRun] [--reCertify], referencing the file you just created. The options you can specify include
-d or --dryRun: No updates will actually be made.
-h or --help: Get more information about the command.
--reCertify: If the certification has changed, someone will need to re-certify this policy on all impacted data sources.
The example below illustrates a user listing all policies and then creating a policy called data conditional masking.
Opt to list all policy keys to identify which policy you would like to rename by running immuta policy list. Options you can specify include
-h or --help: Get more information about the command.
-v or --verbose: Print response as JSON.
Rename the policy key by running immuta policy rename <old policy key> <new policy key>, enclosing the name of the policy key in quotation marks. Options you can specify to get more information about this command include -h or --help.
The example below illustrates a user renaming the data conditional masking policy key to Data Masking.
Clone and save all Global Policies to a file by running immuta policy clone <filepath>. Options you can specify include
--force: Overwrite existing output directory targets. If this flag is omitted, you will receive an error when the output directory exists and is not empty.
-h, --help: Get more information about the command.
-v or --verbose: Print response as JSON.
The example below illustrates cloning and saving all Global Policies to a policy folder. In this example, only one Global Policy existed: Test.
Opt to list all policy keys to determine which policy key you would like to delete by running immuta policy list. Options you can specify include
-h or --help: Get more information about the command.
-v or --verbose: Print response as JSON.
Delete a policy key by running immuta policy delete <policy key> [--dryRun]. Options you can specify include
-d or --dryRun: No updates will be made.
-h or --help: Get more information about the command.
The example below illustrates a user deleting the Data Masking policy.
name: Conditional Masking
policyKey: data conditional masking
type: data
actions:
- rules:
- type: Masking
config:
fields:
- type: columnTags
columnTag: Discovered.Passport
conditionalPredicate: "@columnTagged('Discovered.Country') = 'USA'"
maskingConfig:
type: Hash
circumstanceOperator: all
circumstances:
- type: columnTags
columnTag: Discovered.Passport
- type: columnTags
columnTag: Discovered.Country$ immuta policy list
New Column Added
$ immuta policy save ./test-policy.yml
{"dryRun":false,"creating":true,"updating":false,"policyId":4}
$ immuta policy list
New Column Added
data conditional masking$ immuta policy list
New Column Added
data conditional masking
$ immuta policy rename "data conditional masking" "Data Masking"
{"oldPolicyKey":"data conditional masking","newPolicyKey":"Data Masking"}
$ immuta policy list
Data Masking
New Column Added$ immuta policy clone ./your-file-path/policy-folder
Cloning all global policies...
Cloning: Test to Desktop/clone-policies/policy/Test.yaml$ immuta policy list
Data Masking
New Column Added
$ immuta policy delete "Data Masking" --dryRun
{"dryRun":true,"deleting":"Data Masking"}
$ immuta policy delete "Data Masking"
{"dryRun":false,"deleting":"Data Masking"}
$ immuta policy list
New Column Addedget <export configuration ID> [flags]: Gets an audit export configuration based on the provided ID. See example .
The ID of the export configuration.
-o, `--output json
list [flags]: Lists all export configurations.
Example: $ immuta audit exportConfig list
-o, `--output json
create <technology> [flags]: Configures a time interval and location to export your audit logs to. Options for <technology> are s3 and adls.
Example: $ immuta audit exportConfig create:s3 ./exportConfig.json
The filepath to the JSON or YAML file that configures the location and time interval for exporting your audit logs to S3 and ADLS Gen2.
-o, `- -output json
delete <export configuration ID> [flags]: Deletes an audit export configuration based on the provided ID.
Example: $ immuta audit exportConfig delete f7f9e289-f37b-4942-a18d-66d6de6e7cb2
The ID of the export configuration.
-o, `--output json
disable <export configuration ID> [flags]: Disables an audit export configuration based on the provided ID.
Example: $ immuta audit exportConfig disable f7f9e289-f37b-4942-a18d-66d6de6e7cb2
The ID of the export configuration.
-o, `--output json
enable <export configuration ID> [flags]: Enables an audit export configuration based on the provided ID.
Example: $ immuta audit exportConfig enable f7f9e289-f37b-4942-a18d-66d6de6e7cb2
The ID of the export configuration.
-o, `--output json
Make an authenticated Immuta API request.
endpoint
Clone all data sources, projects, purposes, and policies information into files.
directory path
Generate shell completion scripts for Immuta CLI commands.
bash, zsh, fish, or powershell
Specify an Immuta tenant URL and API key to be saved to the Immuta configuration file.
instance url and Immuta API key
Manage data sources.
list, delete, rename, and save
To view a list of the commands available in your current Immuta CLI version, run immuta with no additional arguments.
Options you can specify with the immuta command include
--config string: Specify the configuration file name and where it will be saved. (The default is $HOME/.immutacfg.yaml.)
-h or --help: Get more information about the command.
-p or --profile string: Specify the profile for what tenant or API the CLI will use.
Required Immuta permission: GOVERNANCE
If you have an Immuta tenant that was set up without using the API, you can use the immuta clone command to save all your data sources, projects, policies, and purposes as payloads:
This command will create valid V2 API YAML files for all your data sources, projects, policies, and purposes. Within these files, database passwords and user files (such as a BigQuery auth file) will be removed; instead passwords will appear as {{EnvVar "dbPass"}}. The CLI will then read the environment variable dbPass to fill in the password if you use the cloned payload to create or update a data source. File contents will appear as {{ReadFile "<filePath>"}}, and then the CLI will read the file at the path and replace the value when commands are run.
--force: Overwrite existing output directory targets. If this flag is omitted, you will receive an error when the output directory exists and is not empty.
-h or --help: Get details about the command.
Tags for data sources and projects are not returned.
Data sources will not have the sources field, so if these payloads are used in create commands, all possible tables will be created as data sources.
This command makes an authenticated HTTP(s) request to the Immuta API and prints the response. The default HTTP request method is GET, but POST is used if any parameters were added. You can override the method with --method:
-b, --body string: Unmodified string to be sent as payload body.
-d, --data key=value: Add a typed parameter in key=value format. The --data flag behaves like --raw-data, with type conversion based on the format of the value. Literal values, true, false, null, and integers are converted to appropriate JSON types. This will be sent in as the request payload.
--data-raw key=value: Add a string parameter in key=value format. The --data flag behaves like --raw-data, with type conversion based on the format of the value. Literal values, true, false, null, and integers are converted to appropriate JSON types. This will be sent in as the request payload.
-H, --header key:value: Add an HTTP request header in key:value format.
-h, --help: Get details about the command.
--input <filepath>: A raw request body may be passed from the outside via the file specified to use as body for the HTTP request. Pass in '-' for standard input.
-X, --method string: The HTTP method for the request (default GET).
-P, --path-param key=value: Add a string parameter in key=value format. Will replace {key} in the url with value.
-q, --query key=value: Add a string parameter in key=value format. The key value pairs are serialized into URL query parameters.
-t, --outputTemplate string: Format the response using a Go template. The provided Go template is rendered using the JSON data as input. For the syntax of Go templates, see .
The documentation below provides descriptions and examples of immuta api options.
This page details the immuta datasource command, its subcommands and arguments, and the workflow for creating, renaming, and deleting data sources.
immuta datasourceThis command allows you to list, save, delete, and rename data sources in your instance of Immuta. The table below illustrates subcommands and arguments.
Use these options to get more details about the datasource command or any of its subcommands:
-h
--help
immuta datasource saveRequired Immuta permission: CREATE_DATA_SOURCE
Add your remote database's connection information in a valid YAML file for the V2 API. Additional payload examples for creating data sources can :
Run immuta datasource save <filepath> [--wait int] [--dryRun], referencing the file you just created. The options you can specify include
-d or --dryRun: No updates will actually be made to the data source(s).
The following example illustrates a user saving an updated datasourceInfo.yaml file, first as a dry run and then by specifying that the data sources wait 5 seconds to be created.
immuta datasource renameRequirement: The global GOVERNANCE permission or be the data source owner
Run immuta datasource list keys to view a list of data source connection keys. Options you can specify include
-h or --help: Get more information about the command.
-v or --verbose
The following example illustrates a user renaming a data source connection key to demonstration.
immuta datasource deleteRequirement: The global GOVERNANCE permission or be the data source owner
This command will delete all data sources for the connection key you specify.
Run immuta datasource list keys to view a list of data source connection keys. Options you can specify include
-h or --help: Get more information about the command.
-v or --verbose
The following example illustrates a user deleting the demonstration connection key and all its data sources.
$ immuta audit exportConfig get f7f9e289-f37b-4942-a18d-66d6de6e7cb2
$
{
"id": "f7f9e289-f37b-4942-a18d-66d6de6e7cb2",
"interval": "EVERY_12_HOURS",
"enabled": true,
"endpointConfiguration": {
"__typename": "S3EndpointConfiguration",
"bucket": "your-s3-bucket",
"path": "hr-data",
"region": "us-east-1",
"accessKeyId": "accessKey"
},
"createdAt": "2022-10-23T23:03:11.466Z",
"createdBy": {
"name": "John Doe",
"identityProvider": "okta",
"id": "[email protected]",
"type": "USER"
},
"updatedAt": "2022-10-23T23:03:11.466Z",
"updatedBy": {
"name": "John Doe",
"identityProvider": "okta",
"id": "[email protected]",
"type": "USER"
}
}immuta clone <outputDirPath>immuta api <endPoint> [--method httpMethod] [--input <filePath>] [--body body] [--data key=value] [--raw-data key=value] [--header key:value] [--query key=value] [--path-param key=value] [--outputTemplate string]# list tags
$ immuta api tag
# list tags use query string to filter results
$ immuta api tag -q searchText=Discovered -q limit=10
# template the response using a Go template. This will print all tags new line separated.
$ immuta api tag -q limit=10 --template \
'{{range .}}{{.name}}{{"\n"}}{{end}}'
# Run column detection on specified table
$ immuta api dataSource/detectRemoteChanges -X PUT -d table=tableName -d schema=schemaName
# the above command is the same as
$ immuta api dataSource/detectRemoteChanges -X PUT --body '{"table": "tableName", "schema", "schemaName"}'
# set a user's current project - replace templated values in path
$ immuta api project/current/{projectId} -P projectId=1 -X POST
# the above command is the same as
$ immuta api project/current/1 -X POSTManage Global Policies.
list, delete, rename, and save
Manage projects.
list, delete, rename, and save
Manage purposes.
list, delete, and save
version
The version of the Immuta CLI.
n/a
-h or --help: Get more information about the command.
-w or --wait int: Specify how long to wait for data source creation.
To rename one of your data source connection keys, run immuta datasource rename <old connection key> <new connection key>. You can include the -h or --help options to get more information about this command.
Opt to view a list of the data sources in this connection key by running immuta datasource list sources <connection key>.
Run immuta datasource delete <connection key> [--dryRun] to delete all of these data sources. Options you can specify include
-d or --dryRun: No updates will actually be made.
-h or --help: Get more information about the command.
list keys
List all data source connection keys.
n/a
list sources
List all data sources for a given connection key.
connection key
save
Create or update all specified data sources in Immuta given connection information to the remote database.
filepath
delete
Delete all data sources for the given connection key.
connection key
rename
Rename the data source connection key.
connection key
Manage Data Sources
Usage:
immuta datasource [command]
Available Commands:
delete Delete all datasources for the given connection key
list List Data Source keys and sources
rename Rename the connection key
save Create/Update all specified data sources in Immuta given connection info to the remote data base
Flags:
-h, --help help for datasource
Global Flags:
--config string config file (default $HOME/.immutacfg.yaml)
-p, --profile string specifies the profile for what instance/api the cli will use (default "default")
Use "immuta datasource [command] --help" for more information about a command.connectionKey: 'a connection key'
connection:
ssl: true
port: 5432
hostname: immuta.db.com
database: public
schema: public
username: user
password: '{{EnvVar "myPassword"}}'
handler: Snowflake$ immuta datasource save test.yml --dryRun
{"dryRun":true,"creating":["Public Credit Accounts","Public Credit Transactions","Public Fake Medical Claims 2017","Public Uciml Census Income Enriched"],"updating":[],"deleting":[],"noChange":[],"detectionRunning":false,"tagsUpdated":false,"connectionString":null}
$ immuta datasource save test.yml --wait 5
{"dryRun":false,"creating":["Public Credit Accounts","Public Credit Transactions","Public Fake Medical Claims 2017","Public Uciml Census Income Enriched"],"updating":[],"deleting":[],"noChange":[],"detectionRunning":false,"tagsUpdated":false,"connectionString":"[email protected]:3306/public"}$ immuta datasource list keys
snowflake.demo-databases.your.url.com:3306/public/public
$ immuta datasource rename snowflake.demo-databases.your.url.com:3306/public/public demonstration
{"oldConnectionKey":"snowflake.demo-databases.your.url.com:3306/public/public","newConnectionKey":"demonstration"}
$ immuta datasource list keys
demonstration$ immuta datasource list keys
demonstration
$ immuta datasource delete demonstration
{"dryRun":false,"deleting":["Public Credit Transactions","Public Credit Accounts","Public Uciml Census Income Enriched","Public Fake Medical Claims 2017"]}
$ immuta datasource list sources demonstration
Error: status code: 404 message: The connection key "demonstration" was not foundThis page details the immuta project command, its subcommands and arguments, and the workflow for creating, renaming, and deleting projects.
immuta projectThis command allows you to list, save, delete, and rename projects in your instance of Immuta. The table below illustrates subcommands and arguments.
Use these options to get more details about the project command or any of its subcommands:
-h
--help
immuta project saveAdd your project information in a valid YAML file for the V2 API. Additional payload examples for creating projects can :
Run the following referencing the file you just created: immuta project save <filepath> [--dryRun] [--deleteWorkSpaceDataSources] The options you can specify include
--deleteWorkSpaceDataSources: Delete all data and the data sources associated with a project workspace when the workspace is deleted.
The example below illustrates a user listing all projects and then creating the project demo project.
immuta project renameOpt to list all project keys to identify which project you would like to rename by running immuta project list. Options you can specify include
-h or --help: Get more information about the command.
-v or --verbose
The example below illustrates a user renaming the demo project project key to data analytics team.
immuta project deleteOpt to list all project keys to determine which project key you would like to delete by running immuta project list. Options you can specify include
-h or --help: Get more information about the command.
-v or --verbose
The example below illustrates a user first disabling and then deleting the project Data Analytics Team.
This page details the immuta purpose command, its subcommands and arguments, and the workflow for creating and deleting purposes.
immuta purposeThis command allows you to list, save, and delete purposes in your instance of Immuta. The table below illustrates subcommands and arguments.
-d or --dryRun: No updates will be made.
-h or --help: Get more information about the command.
Rename the project key by running immuta project rename <old project key> <new project key>, enclosing the name of the project key in quotation marks. Options you can specify to get more information about this command include -h or --help.
Delete a project key by running immuta project delete <project key> [--dryRun] [--hardDelete, enclosing the project key in quotation marks. Options you can specify include
-d or --dryRun: No updates will be made.
--hardDelete: If this is set, it will delete everything related to the project in Immuta. If not set, it will only disable the project.
-h or --help: Get more information about the command.
delete
Delete a project by project key.
project key
list
List all project keys.
n/a
rename
Rename the project key.
new project key
save
Create or update a project in Immuta.
filepath
Manage Projects
Usage:
immuta project [command]
Available Commands:
delete Delete a project by project key
list List all policy keys
rename Rename the project key
save Create/Update a Project in Immuta
Flags:
-h, --help help for project
Global Flags:
--config string config file (default $HOME/.immutacfg.yaml)
-p, --profile string specifies the profile for what instance/api the cli will use (default "default")
Use "immuta project [command] --help" for more information about a command.name: Demo Project
projectKey: demo project
description: "Users need approval to join this project"
allowMaskedJoins: true
subscriptionPolicy:
type: approval
approvals:
- requiredPermission: GOVERNANCE
specificApproverRequired: false
- requiredPermission: ADMIN
specificApproverRequired: false$ immuta project list
Public
$ immuta project save test-project.yml
{"dryRun":false,"creating":true,"updating":false,"numberOfDataSourcesAdded":0,"numberOfDataSourcesRemoved":0,"creatingWorkspace":false,"deletingWorkspace":false,"projectId":3}
$ immuta project list
Public
demo project$ immuta project list
Public
demo project
$ immuta project rename "demo project" "Data Analytics Team"
{"oldProjectKey":"demo project","newProjectKey":"Data Analytics Team"}
$ immuta project list
Data Analytics Team
Public$ immuta project list
Data Analytics Team
Public
$ immuta project delete "Data Analytics Team"
{"dryRun":false,"deleting":"Data Analytics Team"}
$ immuta project list
Data Analytics Team
Public
$ immuta project delete "Data Analytics Team" --hardDelete
{"dryRun":false,"deleting":"Data Analytics Team"}
$ immuta project list
Publicdelete
Delete a purpose by name.
purpose name
list
List all purposes.
n/a
save
Create or update a purpose in Immuta.
filepath
Use these options to get more details about the purpose command or any of its subcommands:
-h
--help
Add your purpose information in a valid YAML file for the V2 API. Additional payload examples for creating purposes can be found here.
Run immuta purpose save <filepath> [--dryRun] [--reAcknowledge], referencing the file you just created. The options you can specify include
--reAcknowledge: Require all users of any projects using this purpose to re-acknowledge any updated acknowledgement statements.
-d or --dryRun: No updates will be made.
-h or --help: Get more information about the command.
The example below illustrates a user creating a purpose called Demo Purpose.
Opt to list all purposes to determine which purpose you would like to delete by running immuta purpose list. Options you can specify include
-h or --help: Get more information about the command.
-v or --verbose: Print response as JSON.
Delete a purpose by running immuta purpose delete <purpose name> [--dryRun], enclosing the purpose name in quotation marks. Options you can specify include
-d or --dryRun: No updates will be made.
-h or --help
The example below illustrates a user deleting the purpose Demo Purpose.
Manage Purposes
Usage:
immuta purpose [command]
Available Commands:
delete Delete a purpose by name
list List all purposes
save Create/update a purpose in Immuta
Flags:
-h, --help help for purpose
Global Flags:
--config string config file (default $HOME/.immutacfg.yaml)
-p, --profile string specifies the profile for what instance/api the cli will use (default "default")
Use "immuta purpose [command] --help" for more information about a command.name: Demo Purpose
acknowledgement: You promise not to share this data outside the project.
description: This project is only to be used for departmental data.$ immuta purpose list
Re-identification Prohibited
Re-identification Prohibited.CCPA
Re-identification Prohibited.Safe Harbor Method
Use Case Outside De-identification
$ immuta purpose save test-purpose.yml
{"dryRun":false,"creating":true,"updating":false,"purposeId":8}
$ immuta purpose list
Demo Purpose
Re-identification Prohibited
Re-identification Prohibited.CCPA
Re-identification Prohibited.Safe Harbor Method
Use Case Outside De-identification$ immuta purpose list
Demo Purpose
Re-identification Prohibited
Re-identification Prohibited.CCPA
Re-identification Prohibited.Safe Harbor Method
Use Case Outside De-identification
$ immuta purpose delete "Demo Purpose"
{"dryRun":false,"deleting":["Demo Purpose"]}
$ immuta purpose list
Re-identification Prohibited
Re-identification Prohibited.CCPA
Re-identification Prohibited.Safe Harbor Method
Use Case Outside De-identification