Table of Contents

Search

  1. Preface
  2. Transformations
  3. Source transformation
  4. Target transformation
  5. Access Policy transformation
  6. Aggregator transformation
  7. B2B transformation
  8. Chunking transformation
  9. Cleanse transformation
  10. Data Masking transformation
  11. Data Services transformation
  12. Deduplicate transformation
  13. Expression transformation
  14. Filter transformation
  15. Hierarchy Builder transformation
  16. Hierarchy Parser transformation
  17. Hierarchy Processor transformation
  18. Input transformation
  19. Java transformation
  20. Java transformation API reference
  21. Joiner transformation
  22. Labeler transformation
  23. Lookup transformation
  24. Machine Learning transformation
  25. Mapplet transformation
  26. Normalizer transformation
  27. Output transformation
  28. Parse transformation
  29. Python transformation
  30. Rank transformation
  31. Router transformation
  32. Rule Specification transformation
  33. Sequence transformation
  34. Sorter transformation
  35. SQL transformation
  36. Structure Parser transformation
  37. Transaction Control transformation
  38. Union transformation
  39. Vector Embedding transformation
  40. Velocity transformation
  41. Verifier transformation
  42. Web Services transformation

Transformations

Transformations

Access Policy transformation example

Access Policy transformation example

You need to make customer data available to a colleague in your bank's marketing department for customer analysis. As part of their role and the needs of their project, your colleague in the marketing department has limited access rights to customer data.
Use an Access Policy transformation to ensure that your organization complies with data privacy regulations while allowing your colleague to gain valuable insights. At run time, the transformation hides or obscures the information for which your colleague does not have access rights based on metadata and the properties that you set on the Access Policy tab.
The following table shows part of a table called BANK_CUSTOMERS, which includes contact details, birth dates, and other items of personally identifiable information:
CUSTOMER_NAME
ADDRESS
POSTAL_CODE
PROFESSION
EMAIL_ADDRESS
CUSTOMER_TYPE
DAY_OF_BIRTH
Brayden Combs
7776 Proctor Drive
48089
Associate Marketing
brayden.combs@organization.com
1
03/14/1990
Osvaldo Patton
63 Rosewood Court
64051
Project Manager
osvaldo.patton@organization.com
5
01/13/1988
Alivia Oneal
64 East Thorne Court
30043
Business Analyst
alivia.oneal@organization.com
3
06/22/1956
Skyla Weeks
7556 South Shore Drive
48045
Operations Manager
skyla.weeks@organization.com
4
10/08/1961
Justice Cobb
9136 S. Lafayette St.
60187
Financial Controller
justice.cobb@organization.com
1
02/23/1963
Braxton Kramer
7 Hill Field St.
28376
Restaurant Manager
braxton.kramer@organization.com
5
11/01/1969
Erin Ryan
20 Lakeshore Street
20706
Project Manager
erin.ryan@organization.com
2
07/23/1959
To configure the mapping, complete the following tasks:
  1. Add a Source transformation that reads the BANK_CUSTOMERS source table.
  2. Add an Access Policy transformation to the mapping canvas, and connect it to the data flow.
  3. On the
    Access Policy
    tab, take the following actions:
    1. In the
      Consumer
      field, select your marketing department colleague.
    2. In the
      Usage
      field, select "customer analysis" as the usage context.
      Users create and manage usage context in
      Data Marketplace
      . To learn more, see
      Working With Data Collections
      in the Data Marketplace help.
    3. In the
      Data Asset
      field, select the BANK_CUSTOMERS table as the source data asset.
    4. To use consistent tokenization, enter a consistency seed from another Access Policy transformation. Otherwise, generate a new consistency seed.
    5. Click
      Synchronize Access Policy
      .
  4. Add other transformations to the mapping as required.
  5. Add a Target transformation to the mapping and connect it to the upstream transformation.
  6. Click
    Run
    .
    The
    mapping
    task applies the policies to the data, protecting it.
The following table shows the protected data:
CUSTOMER_NAME
ADDRESS
POSTAL_CODE
PROFESSION
EMAIL_ADDRESS
CUSTOMER_TYPE
DAY_OF_BIRTH
access_policy_filter
ACCESS_DENIED
Osva
64051
Project Manager
yojniw.sdfhihd@organization.com
5
Aliv
30043
Business Analyst
25dxk7og.x9jneyc@organization.com
3
Sky
48045
Operations Manage
oeunx.ed7uncr@organization.com
4
ACCESS_DENIED
Brax
28376
Restaurant Manager
zdkljvkr.xbei@organization.com
5
Erin
20706
Project Manager
0ick.39ft@organization.com
2
The Access Policy transformation protects the data in the following ways:
  • It retains only the first four characters of the customer names.
  • It replaces the street address and day of birth data with null values.
  • It assigns random characters to the customer email addresses, but it keeps the addresses in a valid email format.
  • It removes the data in the first and fifth rows.
  • It adds a new access_policy_filter field that indicates whether
    data filter policies
    have denied access to the data.
    To learn how to to filter out that field, see "
    Data filter policy
    best practices."
The ZIP codes, professions, and customer types remain unaltered.

0 COMMENTS

We’d like to hear from you!