Who this path is for
This learning path is for users who manage users, groups, and attributes for their organization.
Learning path context
Although System Administrator responsibilities in the Immuta console can be boiled down to managing users, permissions, and groups and attributes, the problem they solve within an organization is complicated: increasing flexibility while decreasing complexity and friction with data access and control.
This learning path illustrates how to manage users, permissions, and groups and attributes, which are used to drive policies and restrict data access.
Traditional approaches to using groups for data access rarely implement user attributes in ways that make sense and reflect who the users actually are; instead, users are divided into groups, and then these groups are used to determine what data users should have access to.
In this approach, once data sources are added or controls need to change, new groups must be added and managed, which creates confusion and inefficiency because, eventually, more groups exist than data sources and users don’t know what groups they need access to.
Immuta shifts this paradigm by comparing user attributes to conditions set in policies to determine data access. System Administrators create and manage these attributes, which then drive Global and Local Policies.
Before beginning the first course, consider these overarching questions:
What are your specific goals regarding data access and compliance, and how do your goals compare to your organization’s goals?
How will Immuta be incorporated into your workflow?
How do you currently manage groups in your organization, and how are these groups used to restrict access to data?
What you’ll be able to do
After completing this learning path, you’ll be able to
- identify the differences between the roles of Administrators and Data Governors.
- identify the actions they can take with the USER_ADMIN and APPLICATION_ADMIN permissions.
- effectively manage groups, permissions, and attributes.
- add users to and remove users from groups.
- add attributes to and remove attributes from users and groups.