Understanding Policy effects¶
Once the policies are in force, access restrictions are applied to the resources (Assets, Files, Events, Timeseries data) through various services and applications.
Prerequisite¶
- Secure Data Sharing (SDS) should be provisioned for the environment. This is an On Demand feature and requested via Support team.
- Toggle switch under the Settings application titled Resource Access Management should be turned ON.
Policy effects¶
By activating the policies, application and service users (apart from Tenant Administrators, Data Lake Managers and Techusers - without Interactive User Impersonation) will be allowed controlled access as defined in the Policy, while accessing the resources as mentioned above. The nature of access restrictions depends on which fine-grained actions are specified in policy definitions.
The list of APIs from various services that support fine-grained access management are listed in Services & Required Actions.
Note
After creating/updating an "active" policy, it takes up to 5 minutes to reflect this change for the access checks in Insights Hub platform services. Similarly, any changes in Usergroup operations (like move, rename, add/remove users, etc.) also takes up to 5 minutes to take effect.