Using Policy Center

Alation Cloud Service Applies to Alation Cloud Service instances of Alation

Customer Managed Applies to customer-managed instances of Alation

Applies from version 2021.4

Alation’s Policy Center is part of the Data Governance App. Policy Center provides a single location for managing policies and data policies alike.

For Snowflake data sources, Alation surfaces data policies as the result of metadata extraction and ingestion, ensuring that data consumers are aware of their existence. Users can view data policies extracted from Snowflake as well as data objects associated with these policies. They can take advantage of curated information found on dedicated catalog pages of each policy object.

Users can also create generic policy objects in Policy Center and associate them with the metadata objects in the catalog.

How to Use Policy Center

To learn about how to enable the Policy Center page in your Data Catalog, see Enable Policy Center.

After the policies are extracted or created, they will be displayed on the Policy Center page as shown below. Users can curate the catalog pages of policy objects from the Policy Center main page. Refer to Curating Policies.

../../_images/PolicyCenter_02.png

Bringing Snowflake Policies into Alation

Beginning in version 2021.3, policy extraction and ingestion are available for Snowflake data sources. Alation supports extraction for two Snowflake data policy types:

  • Row Access

  • Dynamic Data Masking

The Alation catalog also supports displaying masked values in data samples to authorized users only. The users who are not allowed to view the values will only see masked strings.

Catalog pages of the cataloged policy objects are based on the corresponding catalog template and can be curated like any other catalog page.

Configuring Snowflake

To access Snowflake policies, Alation requires access to specific schemas and views in Snowflake. The configuration for policy extraction is performed on Snowflake and depends on the type of connector you are using for your Snowflake data source:

OCF Snowflake Connector

If your Snowflake data source is connected to the catalog using the OCF Snowflake connector, ensure that the service account has access to the required views in the ACCOUNT_USAGE schema. See Policy and Tag Extraction for more details.

Native (Built-in) Snowflake Connector

If your Snowflake data source is connected to the catalog using the native (built-in) connector for Snowflake, you need to create a specific view for Alation to extract policies. This may require you to create a specific database and schema first. If you are already extracting tags from Snowflake, the required database and schema will already exist. If so, you will only need to create and grant access to the required views. See Privileges for Policy Center and Tags for instructions on configuring the required views in Snowflake.

Policies

Applies from version 2021.4

Policies are a generic type of policy object that also can be found using Search and managed in the Policy Center. Linking to other catalog objects using Object Set fields is available upon manual creation of a policy.

Enable Policy Center

The Policy Center feature is enabled in Feature Configuration as follows:

  1. Go to Settings > Feature Configuration.

  2. Toggle on Enable Policy Center toggle on and click the Save changes button and save the changes.

../../_images/PolicyCenter_03.png
  1. After you enable it, the Policy Center icon appears in the Apps menu.

../../_images/PolicyCenter_04.png
  1. Click the Policy Center icon to view the Policy Center main page.

Customize the Policy Center Page

Alation provides the ability to customize policy catalog pages by adding custom fields. The policy data object template is available under the Custom Template tab of the Customize Catalog page. For more information, refer to Applying Custom Fields to Templates.