Skip to content

Tag Management

Tag Management in Privacera allows you to create, manage, and apply tags to resources across various data platforms. Tags are metadata labels that can be used to classify and organize data, making it easier to enforce access control and encryption/masking policies and manage data governance.

There are two steps to manage tags in Privacera:

  1. Tag Definition: This is the process of creating a tag and defining its attributes. Tag definitions are used to classify and organize data.
  2. Tagging Resources: This is the process of applying tags to resources. Tags can be applied to various data resources such as databases, tables, and columns.

flowchart RL

    subgraph Step 1: Tag Definition
        TAG1[Tag: PII <br> attribute=sensitivityLevel]
        TAG2[Tag: GDPR]
    end

    subgraph Step 2: Tagging Resources
        R1[Column: customer.email<br>sensitivityLevel=MEDIUM]
        R2[Column: customer.ssn<br>sensitivityLevel=HIGH]
        R3[File: s3://data/hr/euro_employees.csv]
        R4[Table: euro_customers]

        R1 -->|tagged with| TAG1
        R2 -->|tagged with| TAG1
        R3 -->|tagged with| TAG2
        R4 -->|tagged with| TAG2
    end
Privacera supports managing tags using APIs and Privacera Portal.

Tag Management via APIs

Privacera supports the standard APIs from Apache Ranger for tag management. The APIs allow you to create, update, delete, and retrieve tags and their associated metadata.

Here is the API documentation for your reference.

Tag Definition via Privacera Portal

Privacera Portal provides a user-friendly interface for managing tags. You can create, edit, and delete tags, as well as assign them to resources. The following sections describe how to manage tags using the Privacera Portal.

Managing Tag Definitions from Privacera Portal

Tag definitions are used to classify and organize data. You can create tag definitions to categorize data based on its sensitivity, e.g. PII, Sensitive, Confidential, etc.

  1. Go to Access Management > Tag Management.
  2. Click + Create Tag.
  3. Enter the Tag Name
  4. Click Save.

Optionally you can also add attributes to the tag definition. Attributes are name with type.

In the Privacera Portal, you can add attributes to a tag definition by following these steps:

  1. While creating or editing Tag Definition, click on Add Attribute.
  2. Enter the Attribute Name.
  3. Select the Attribute Type. Valid types are:
    • String
    • Integer
    • Boolean
    • Date
  4. Click Save.

Managing Tagging Resources

Tagging resources is the process of applying tags to resources. Tags can be applied to various data resources such as databases, tables, columns, and files.

To associate a tag with a resource, you can use the following steps:

  1. Go to Access Management > Tag Management.
  2. Click on the Tagged Resources tab
  3. Click + Tag Resource.
  4. Select the Service. This is the data platform where the resource is located. E.g. privacera_snowflake
  5. Select the Tags. This is the tag you want to apply to the resource. E.g. PII
  6. Select the Resource Type. The dropdown will show the available resource types based on the selected service. E.g. Table, Column, File
  7. For the Resource Type selected, enter the resource names for each resource hierarchy. For example, if you select Table, you will need to enter the database name and table name.
  8. Click Save.

If there are attributes defined for the tag, you will have the option to enter the attribute values for each resource. For example, if you have a tag PII with an attribute sensitivityLevel, you can enter the sensitivity level for each resource.

Data Catalog or External Tag Sources

Privacera supports integration with external tag sources such as Collibra, Alation, DataHub, and Apache Atlas. This allows you to import tags from these sources into Privacera and use them for access control and data governance. These integrations are generally needs some level of customization to map the tags definitions and attributes from the external source to the Privacera tag definitions and attributes. Please contact Privacera support for more information on how to set up these integrations.

For information on how to set up the integration with Data Catalog, please refer to the Data Catalog - Access Tags page.

Comments