Skip to content

Admin export

Source code Sample XLSX file

The admin export package allows you to export administrative information from Atlan. This includes:

  • users
  • groups
  • personas
  • purposes
  • policies

Use cases

  • Backup or take snapshots of administrative configuration
  • Report on or summarize administrative settings, slicing and dicing via spreadsheet

Configuration

Scope

  • Objects to include: select the objects you want to include in your export.
  • Include out-of-the-box policies: Atlan includes a number of policies out-of-the-box that control base functionality. You do not have access to make any changes to these, so will generally be extra noise to export them. However, but if requested, these could be helpful in debugging complex permissions.

Delivery

  • Export via: the results will always be downloadable from the workflow.

    If a direct download from the workflow is all you require, you can leave this default selected.

    The results will also be emailed to the list of addresses provided.

    • Email address(es): enter a list of email addresses, comma-separated, where you want the results to be sent as an attachment.

    The results will also be uploaded to the object storage location provided.

    • Prefix (path) the directory (path) within the object store into which to upload the exported file.
    • Object key (filename) the object key (filename), including its extension, within the object store and prefix.

    • Cloud object store the object store into which to upload the results.

      • AWS access key: your AWS access key.
      • AWS secret key: your AWS secret key.
      • Region: your AWS region.
      • Bucket: your AWS bucket.

      Reusing Atlan's backing S3 store

      When your Atlan tenant is deployed in AWS, you can leave all of these blank to reuse the backing store of Atlan itself.

      • Project ID: the ID of your GCP project.
      • Servive account JSON: your service account credentials, as JSON.
      • Bucket your GCS bucket.

      Reusing Atlan's backing GCS store

      When your Atlan tenant is deployed in GCP, you can leave all of these blank to reuse the backing store of Atlan itself.

      • Azure client ID: the unique application (client) ID assigned to your app by Azure AD when the app was registered.
      • Azure client secret: your Azure client secret (it's actual value, not its identifier).
      • Azure tenant ID: the unique identifier of the Azure Active Directory instance.
      • Storage account name: name of your storage account.
      • Container: your ADLS container.

      Reusing Atlan's backing ADLS store

      When your Atlan tenant is deployed in Azure, you can leave all of these blank to reuse the backing store of Atlan itself.

What it does

The objects that match the supplied input criteria will be extracted into a single Excel file (workbook), each type in its own separate worksheet (tab). Each row will contain a single record for a single object of the type defined by the worksheet.

Detailed information on the columns in the Excel file produced, by worksheet:

Users

Username

Username of the user represented on this row.

First name

First name of the user represented on this row.

Last name

Last name of the user represented on this row.

Email address

Email address of the user represented on this row.

Groups

Groups the user is assigned to.

Created

Date and time when the user was invited to Atlan.

Enabled

Whether the user is allowed to login (true) or their account is currently deactivated (false).

Last login

Date and time when the user last logged in to Atlan.

Personas

List of personas the user is assigned to, whether directly or via a group. Each personas is separated by a newline, within the same cell.

Groups

Group name

Name of the group represented on this row, as the name appears in the Atlan UI.

Internal name

Name of the group represented on this row, as it must be specified when used programmatically.

Number of users

Number of users who are assigned to this group.

Default

Whether the group will be assigned to newly invited users by default (true) or not (false).

Created at

Date and time when the group was created.

Created by

User who created the group.

Updated at

Date and time when the group was last updated.

Updated by

User who last updated the group.

Personas

Persona name

Name of the persona represented on this row.

Description

Explanation given to this persona (if any).

Users

Users who are assigned to this persona. Each user will be separated by a newline within the same cell.

Groups

Groups who are assigned to this persona. Each group will be separated by a newline within the same cell.

Metadata policies

Number of metadata policies associated with this persona.

Data policies

Number of data policies associated with this persona.

Glossary policies

Number of glossary policies associated with this persona.

Domain policies

Number of domain policies associated with this persona.

Connections

Connections controlled by the policies on this persona, either through the metadata or data policies (or both). Each connection will be separated by a newline within the same cell.

Glossaries

Glossaries controlled by the glossary policies on this persona. Each glossary will be separated by a newline within the same cell.

Domains

Domains controlled by the domain policies on this persona. Each domain will be separated by a newline within the same cell.

Purposes

Purpose name

Name of the purpose represented on this row.

Description

Explanation given to this purpose (if any).

Tags

Tags controlled by this purpose. Each tag will be separated by a newline within the same cell.

Metadata policies

Number of metadata policies associated with this purpose.

Data policies

Number of data policies associated with this purpose.

Groups

Groups to which the policies are applied. Each group will be separated by a newline within the same cell.

Users

Users to which the policies are applied. Each user will be separated by a newline within the same cell.

Policies

Policy name

Name of the policy represented on this row.

Description

Explanation given to this policy (if any).

Parent type

Type of parent access control mechanism that owns the policy, for example Persona or Purpose.

Parent name

Name of the parent (persona or purpose) that owns the policy.

Kind

Kind of policy represented on this row, for example metadata, data, glossary or domain.

Type

Type of policy represented on this row, for example allow or deny.

Resources

Resources the policy controls. Each resource will be separated by a newline within the same cell.

How it works

Runs a search for each object type requested, then lists them out into an Excel file:

  • Translates connection qualified names into meaningful connection name and type
  • Translates glossary qualified names into the name of each glossary
  • Translates Atlan tag names into human-readable tag names
  • Translates epoch-style timestamps into human-readable dates and times