Customize and Manage Sensitive Data Discovery
Audience: Data Owners and Governors
Content Summary: This page details the
immuta sddcommand, its subcommands and arguments, and the workflow for customizing and managing the automatic discovery of your sensitive data. For details about Sensitive Data Discovery (SDD) and how it works, see this overview.
Command Overview: immuta sdd
This command allows you to customize and run SDD in your instance of Immuta. The table below illustrates subcommands and arguments.
| Subcommands | Description |
|---|---|
classifier |
Manage SDD classifiers. |
run |
Run SDD on specific data sources or all data sources |
template |
Manage SDD templates. |
Options
Use these options to get more details about the sdd command or any of its subcommands:
-h--help
$ immuta sdd -h
Manage Sensitive Data Discovery
Usage:
immuta sdd [command]
Available Commands:
classifier Manage Sensitive Data Discovery Classifiers
run Run Sensitive Data Discovery with provided options
template Manage Sensitive Data Discovery Templates
Flags:
-h, --help Help for sdd
Global Flags:
--config string Config file (default $HOME/.immutacfg.yaml)
-p, --profile string Specifies the profile for what instance/api the cli will use (default "default")
Use "immuta sdd [command] --help" for more information about a command.
SDD Workflow
Two common workflows for using SDD are outlined below. The first illustrates how to apply a single global template to all data sources, while the second outlines how users can create and apply templates to data sources they own.
The tutorials linked below show how to use the CLI to complete this workflow. For an overview of how Sensitive Data Discovery works, see this overview.
Workflow 1: Apply a Global Template to All Data Sources
- Data Governor creates a template using one or more built-in or custom classifiers.
- System Administrator adds this template to the global settings so that it applies to all data sources.
- Users trigger SDD on data sources.