Hi, I'm Ask INFA!
What would you like to know?
ASK INFAPreview
Please to access Ask INFA.
Communities
A collaborative platform to connect and grow with like-minded Informaticans across the globe
Product Communities
Connect and collaborate with Informatica experts and champions
Discussions
Have a question? Start a Discussion and get immediate answers you are looking for
User Groups
Customer-organized groups that meet online and in-person. Join today to network, share ideas, and get tips on how to get the most out of Informatica
Get Started
Community Guidelines
Knowledge Center
Troubleshooting documents, product guides, how to videos, best practices, and more
Knowledge Base
One-stop self-service portal for solutions, FAQs, Whitepapers, How Tos, Videos, and more
Support TV
Video channel for step-by-step instructions to use our products, best practices, troubleshooting tips, and much more
Documentation
Information library of the latest product documents
Velocity (Best Practices)
Best practices and use cases from the Implementation team
Learn
Rich resources to help you leverage full capabilities of our products
Trainings
Role-based training programs for the best ROI
Certifications
Get certified on Informatica products. Free, Foundation, or Professional
Product Learning Paths
Free and unlimited modules based on your expertise level and journey
Resources
Library of content to help you leverage the best of Informatica products
Tech Tuesdays Webinars
Most popular webinars on product architecture, best practices, and more
Product Availability Matrix
Product Availability Matrix statements of Informatica products
SupportFlash
Monthly support newsletter
Support Documents
Informatica Support Guide and Statements, Quick Start Guides, and Cloud Product Description Schedule
Product Lifecycle
End of Life statements of Informatica products
Ideas
Events
Change Request Tracking
Marketplace
English
  • Data Integration
  • All Products

Table of Contents

Search

  1. Preface
  2. Transformations
  3. Source transformation
  4. Target transformation
  5. Access Policy transformation
  6. Aggregator transformation
  7. B2B transformation
  8. Chunking transformation
  9. Cleanse transformation
  10. Data Masking transformation
  11. Data Services transformation
  12. Deduplicate transformation
  13. Expression transformation
  14. Filter transformation
  15. Hierarchy Builder transformation
  16. Hierarchy Parser transformation
  17. Hierarchy Processor transformation
  18. Input transformation
  19. Java transformation
  20. Java transformation API reference
  21. Joiner transformation
  22. Labeler transformation
  23. Lookup transformation
  24. Machine Learning transformation
  25. Mapplet transformation
  26. Normalizer transformation
  27. Output transformation
  28. Parse transformation
  29. Python transformation
  30. Rank transformation
  31. Router transformation
  32. Rule Specification transformation
  33. Sequence transformation
  34. Sorter transformation
  35. SQL transformation
  36. Structure Parser transformation
  37. Transaction Control transformation
  38. Union transformation
  39. Vector Embedding transformation
  40. Velocity transformation
  41. Verifier transformation
  42. Web Services transformation

Transformations

Transformations

Back Next

Data access policy best practices

Data access policy
 best practices

To effectively use
data access policies
 in Access Policy transformations, use the following guidelines as best practices.
Data Integration
 treats both date and timestamp data types as timestamps. As a best practice, in
Data Access Management
, create a
data filter rule
 or a
cell-level de-identification
 with two distinct criteria. In one criterion, use the date data type. In the other criterion, use the timestamp data type with the same values as the first criterion. This second criterion is for the Access Policy transformation.
In order to provide flexibility for a variety of use cases, the Access Policy transformation appends a new field called access_policy_filter that indicates whether a row is affected by
data filter policies
. For most use cases, it is appropriate to filter out these rows and the access_policy_filter field from the output.
When your data source includes additional columns not defined in the table, start the name of appended columns with “cdamx_”. If you need to pass additional column through an Access Policy transformation, you can select “Query” from the Source Type menu and start the name of the appended columns with “cdamx_”.
The following image shows the Source tab for a source:
In the Source Type menu, you can select "Query" and enter a query.
For example, if you want to add the row number to the existing table, you can write a query to select all columns as they appear in the catalog and append the row number column as "cdamx_rownum".
The access_policy_filter field displays FAILURE_FIELD when
Data Access Management
 is unable to apply a
data protection
. The field is redacted with null. This can occur when a field's value does not meet the criteria specified in a
data protection
's regular expression syntax. For example, a
data protection
 might specify consistently randomizing a five-digit postal code. If a field contains more than five digits, the access_policy_filter field displays FAILURE_FIELD and the field is redacted with null.
Use the following best practices when defining Access Policy transformations that include
data access policies
:
  • Add a Filter between the Access Policy transformation and the Target.
    • On the Incoming Fields tab, include all fields.
    • On the Filter tab, add a simple filter condition for the field name access_policy_filter with a value of ACCESS_DENIED.
      The following image shows the Filter tab:
      The Filter tab with "Simple" as the filter condition and ACCESS_DENIED as the value for the access_policy_filter field name.
  • Select the Target in your mapping.
    • On the Incoming Fields tab, exclude the field named access_policy_filter.
      The following image shows the Incoming Fields tab for the Target:
      The Incoming Fields tab of the Target. The Include operator includes all fields. The Exclude operator has one field excluded. The field name is access_policy_filter.
  • When setting Source Type to Query, manually set the Asset parameter.
    • If you select “Query” from the Source Type menu, you must select "Override Asset Name," search for, and select the data asset.
      The following image shows the
      Select Data Asset
       window:
      The Select Data Asset window includes a selection box and an "Override Asset Name" option.
0 COMMENTS
We’d like to hear from you!