Skip to content

Metadata Policy Helper

The metadata policy helper package creates metadata policies with patterns not supported by the UI.

Additional patterns will be added to the package based on data teams need.

Configuration

Warning

The user that sets up the workflow in Atlan must a connection admin on the connection where the policy is added.

Looker Folder

Create a policy with all Looker dashboards belonging to one or more Looker folders.

  • Persona name: name of the persona where the policy is created/updated.
  • Policy name: name of the policy to be created/updated.
  • Looker Connection: connection on which to apply the policy.
  • Looker folder identifier: whether the folders are identified by Name or ID, default: Name
  • Looker folders: list of Looker folders (Names or IDs based on what toggled as Looker folders identifier) separated by @@@. E.g. Folder 1@@@Folder 2
  • Policy permissions: set of permissions to be applied to the policy:
    • Assets Read: view an asset's activity log, custom metadata, and SQL queries
    • Assets Update: change asset metadata, including description, certification, owners, README, and resources
    • Update Custom Metadata Values
    • Add Tags to the assets
    • Remove Tags from the assets
    • Add Terms to the assets
    • Remove Terms from the assets
    • API Create: create new assets within the selected connection (via API)
    • API Delete: delete assets within the selected connection (via API)
  • Policy type:
    • Allow: allow the selected permissions.
    • Deny: deny the selected permissions. If selected, this will override all grants of those permissions from any other policies for the same users.

Tableau Project

Create a policy with all Tableau assets belonging to one or more Tableau project.

Warning

If a project is selected, all sub-projects (and their assets) will be included in the policy.

  • Persona name: name of the persona where the policy is created/updated.
  • Policy name: name of the policy to be created/updated.
  • Tableau Connection: connection on which to apply the policy.
  • Tableau projects: list of Tableau projects separated by @@@. E.g. Project 1@@@Project 2
  • Policy permissions: set of permissions to be applied to the policy:
    • Assets Read: view an asset's activity log, custom metadata, and SQL queries
    • Assets Update: change asset metadata, including description, certification, owners, README, and resources
    • Update Custom Metadata Values
    • Add Tags to the assets
    • Remove Tags from the assets
    • Add Terms to the assets
    • Remove Terms from the assets
    • API Create: create new assets within the selected connection (via API)
    • API Delete: delete assets within the selected connection (via API)
  • Policy type:
    • Allow: allow the selected permissions.
    • Deny: deny the selected permissions. If selected, this will override all grants of those permissions from any other policies for the same users.

Quicksight Folder

Create a policy with all Quicksight dashboards, datasets and analyses belonging to one or more Quicksight folders.

  • Persona name: name of the persona where the policy is created/updated.
  • Policy name: name of the policy to be created/updated.
  • Quicksight Connection: connection on which to apply the policy.
  • Quicksight folder identifier: whether the folders are identified by Name or ID, default: Name
  • Quicksight folders: list of Quicksight folders (Names or IDs based on what toggled as Quicksight folders identifier) separated by @@@. E.g. Folder 1@@@Folder 2
  • Policy permissions: set of permissions to be applied to the policy:
    • Assets Read: view an asset's activity log, custom metadata, and SQL queries
    • Assets Update: change asset metadata, including description, certification, owners, README, and resources
    • Update Custom Metadata Values
    • Add Tags to the assets
    • Remove Tags from the assets
    • Add Terms to the assets
    • Remove Terms from the assets
    • API Create: create new assets within the selected connection (via API)
    • API Delete: delete assets within the selected connection (via API)
  • Policy type:
    • Allow: allow the selected permissions.
    • Deny: deny the selected permissions. If selected, this will override all grants of those permissions from any other policies for the same users.

What it does

The package performs the following steps:

  • Check if the policy already exists:
    • If it doesn't exist: create the policy based on the input parameters of the workflow
    • If it exists: update the policy based on the input parameters of the workflow