Protect groups
You need to have at least one Protect group to create a standard or rule. The Groups tab in Protect contains an overview of Protect groups that are active in the data sources. Each Protect group is associated with a role in the data source.
- These groups correspond to your data source roles, not to groups of Collibra users.
- roles are referred to as principals in BigQuery.
- Multiple Protect groups can be mapped to the same data source identity.
- Within a single Protect group, only one mapping per data source is supported. You receive a validation error when creating or editing a Protect group with multiple mappings for the same data source.
Create a Protect group
Prerequisites
You have a global role that has the Protect > Edit or Protect > Administration global permission.
Steps
- On the environment where you want to create a Protect group, click
→ API Documentation.Show an image
The APIs Documentation page opens. - In the REST APIs section, click REST Protect API.
The Collibra Protect API page is shown. - Click Groups → POST → Try it out.
- Edit the request body.CopyExample: POST/groups
{
"name": "Sales",
"mappings": [
{
"provider": "CustomDataSource",
"identity": "SALES"
}
]
}Show descriptions of keys- name: Unique name to identify the Protect group in Collibra.
- provider: Primary name that is used to identify the data source (AWSLakeFormation, Databricks, GoogleBigQuery, Snowflake).
- identity: Existing role from the data source to map to the group. Examples:
- AWS Lake Formation:
arn:aws:iam::123456789012:user/johndoe - BigQuery:
group:[email protected],user:[email protected] - Databricks:
[email protected],fab9e00e-ca35-11ec-9d64-0242ac120002(service principal) - Snowflake:
HR_ROLE,SALES_ROLE
- AWS Lake Formation:
- Click Execute.
The Protect group is created in Collibra.
- The following image shows the roles in Snowflake.
-
The following images show a CSV file (named protect_groups.csv) that contains Protect groups to be added to Collibra, and a bash script that adds those groups to Collibra for Snowflake.
Groups tab
The following table describes the columns that are shown on the Groups tab.
| Column | Description |
|---|---|
| Group Name | Name of the group. |
| System Reference | References to identify the data source and the native identifier associated with the group. |
|
Created By |
Name of the user who created the group. |
| Created Date | Date when the group was created. |