Our two methods of automating data policy are: Locks & Thresholds. A Lock is a rule that defines how your users can access data. The groups assigned to a lock have the key to access sensitive data included in the lock. Grouping data into a lock allows you to manage your sensitive data across multiple databases. They can be assign to individual columns or groups of columns via data tags. Simplify control over your data with a lock.
a. add a lock name,
b. add a user group
3. a. Add a column-based policy.
b. Add a tag-based policy. Tags will be defined by Google DLP classification, Snowflake native classification or Snowflake object tags. For more info on data tags click here.
4. Optional: You can add multiple locks, just click ‘Add Another’
5. Once done click ‘Add Lock’.
Note: If a user group's access to a column is affected by more than one lock with different masking policies, the most permissive masking policy will be implemented.
You can use ALTR to create native masking policies in Snowflake without writing code.
The masking options are:
Masking policies are currently available for Snowflake.
We classify the data you have in Snowflake without it ever needing to leave Snowflake. We also ingest your Snowflake Object Tags (including any tags you’ve created yourself or via other tools) so you can set governance policy on groups of data right within ALTR.
When you connect or update a database in Snowflake, select ‘Snowflake classification and object tags’ and ALTR will trigger a Snowflake classification for all the tables in your database. When adding a data source in the ALTR platform, simply check the ‘Tag Data by classification’ box and select the option from the dropdown menu.
Once the classification is complete, we’ll import all the data tags included in the classification as well as any other existing tags from your database into the ALTR platform. You can also choose to only import object tags, in which case ALTR ingests the object tags you have defined in Snowflake without classifying your data.
2. Copy & paste the below CALL statement into your Snowflake Worksheet and press the 'Run' button to invoke the procedure.