Skip to main content
Version: 0.12.0

DataHubPolicy

DataHub Policies represent access policies granted to users or groups on metadata operations like edit, view etc.

Aspects

dataHubPolicyKey

Key for a DataHub Policy

Schema
{
"type": "record",
"Aspect": {
"name": "dataHubPolicyKey"
},
"name": "DataHubPolicyKey",
"namespace": "com.linkedin.metadata.key",
"fields": [
{
"type": "string",
"name": "id",
"doc": "A unique id for the DataHub access policy record. Generated on the server side at policy creation time."
}
],
"doc": "Key for a DataHub Policy"
}

dataHubPolicyInfo

Information about a DataHub (UI) access policy.

Schema
{
"type": "record",
"Aspect": {
"name": "dataHubPolicyInfo"
},
"name": "DataHubPolicyInfo",
"namespace": "com.linkedin.policy",
"fields": [
{
"Searchable": {
"fieldType": "TEXT_PARTIAL"
},
"type": "string",
"name": "displayName",
"doc": "Display name of the Policy"
},
{
"Searchable": {
"fieldType": "TEXT"
},
"type": "string",
"name": "description",
"doc": "Description of the Policy"
},
{
"type": "string",
"name": "type",
"doc": "The type of policy"
},
{
"type": "string",
"name": "state",
"doc": "The state of policy, ACTIVE or INACTIVE"
},
{
"type": [
"null",
{
"type": "record",
"name": "DataHubResourceFilter",
"namespace": "com.linkedin.policy",
"fields": [
{
"deprecated": true,
"type": [
"null",
"string"
],
"name": "type",
"default": null,
"doc": "The type of resource that the policy applies to. This will most often be a data asset entity name, for\nexample 'dataset'. It is not strictly required because in the future we will want to support filtering a resource\nby domain, as well."
},
{
"deprecated": true,
"type": [
"null",
{
"type": "array",
"items": "string"
}
],
"name": "resources",
"default": null,
"doc": "A specific set of resources to apply the policy to, e.g. asset urns"
},
{
"deprecated": true,
"type": "boolean",
"name": "allResources",
"default": false,
"doc": "Whether the policy should be applied to all assets matching the filter."
},
{
"type": [
"null",
{
"type": "record",
"name": "PolicyMatchFilter",
"namespace": "com.linkedin.policy",
"fields": [
{
"type": {
"type": "array",
"items": {
"type": "record",
"name": "PolicyMatchCriterion",
"namespace": "com.linkedin.policy",
"fields": [
{
"type": "string",
"name": "field",
"doc": "The name of the field that the criterion refers to"
},
{
"type": {
"type": "array",
"items": "string"
},
"name": "values",
"doc": "Values. Matches criterion if any one of the values matches condition (OR-relationship)"
},
{
"type": {
"type": "enum",
"symbolDocs": {
"EQUALS": "Whether the field matches the value"
},
"name": "PolicyMatchCondition",
"namespace": "com.linkedin.policy",
"symbols": [
"EQUALS"
],
"doc": "The matching condition in a filter criterion"
},
"name": "condition",
"default": "EQUALS",
"doc": "The condition for the criterion"
}
],
"doc": "A criterion for matching a field with given value"
}
},
"name": "criteria",
"doc": "A list of criteria to apply conjunctively (so all criteria must pass)"
}
],
"doc": "The filter for specifying the resource or actor to apply privileges to"
}
],
"name": "filter",
"default": null,
"doc": "Filter to apply privileges to"
}
],
"doc": "Information used to filter DataHub resource."
}
],
"name": "resources",
"default": null,
"doc": "The resource that the policy applies to. Not required for some 'Platform' privileges."
},
{
"type": {
"type": "array",
"items": "string"
},
"name": "privileges",
"doc": "The privileges that the policy grants."
},
{
"type": {
"type": "record",
"name": "DataHubActorFilter",
"namespace": "com.linkedin.policy",
"fields": [
{
"type": [
"null",
{
"type": "array",
"items": "string"
}
],
"name": "users",
"default": null,
"doc": "A specific set of users to apply the policy to (disjunctive)"
},
{
"type": [
"null",
{
"type": "array",
"items": "string"
}
],
"name": "groups",
"default": null,
"doc": "A specific set of groups to apply the policy to (disjunctive)"
},
{
"type": "boolean",
"name": "resourceOwners",
"default": false,
"doc": "Whether the filter should return true for owners of a particular resource.\nOnly applies to policies of type 'Metadata', which have a resource associated with them."
},
{
"type": [
"null",
{
"type": "array",
"items": "string"
}
],
"name": "resourceOwnersTypes",
"default": null,
"doc": "Define type of ownership for the policy"
},
{
"type": "boolean",
"name": "allUsers",
"default": false,
"doc": "Whether the filter should apply to all users."
},
{
"type": "boolean",
"name": "allGroups",
"default": false,
"doc": "Whether the filter should apply to all groups."
},
{
"Relationship": {
"/*": {
"entityTypes": [
"dataHubRole"
],
"name": "IsAssociatedWithRole"
}
},
"type": [
"null",
{
"type": "array",
"items": "string"
}
],
"name": "roles",
"default": null,
"doc": "A specific set of roles to apply the policy to (disjunctive)."
}
],
"doc": "Information used to filter DataHub actors."
},
"name": "actors",
"doc": "The actors that the policy applies to."
},
{
"type": "boolean",
"name": "editable",
"default": true,
"doc": "Whether the policy should be editable via the UI"
},
{
"Searchable": {
"fieldType": "DATETIME"
},
"type": [
"null",
"long"
],
"name": "lastUpdatedTimestamp",
"default": null,
"doc": "Timestamp when the policy was last updated"
}
],
"doc": "Information about a DataHub (UI) access policy."
}

Relationships

Outgoing

These are the relationships stored in this entity's aspects

  • IsAssociatedWithRole

    • DataHubRole via dataHubPolicyInfo.actors.roles

Global Metadata Model

Global Graph