Skip to content

Service Explorer

The Service Explorer in Privacera provides a centralized, interactive view of the permissions applied across your data landscape. It allows you to explore users, groups, and roles that have access to various levels of your data hierarchy from databases and schemas to tables and columns across all supported services integrated via Privacera PolicySync.

This is currently supported only the data platforms which are integrated with Privacera PolicySync.

Here are a few of the supported data platforms. Please refer to respective connector documentation for the type of integration.

  • Snowflake
  • Databricks Unity Catalog
  • AWS Redshift
  • PostgreSQL

To access the Service Explorer, go to Access Management > Service Explorer in the Privacera Portal.

Key Interface Components

  • Connectors List (Left Panel): Displays all configured PolicySync connectors.
  • Data Hierarchy Panel (Middle): Interactive drill-down into resources: database → schema → table → column.
  • Access Summary Panel (Right): Shows policy types, access types (e.g., SELECT, INSERT), and counts of users, groups, and roles granted access.

Drill-Down Navigation

You can explore the access hierarchy by selecting a connector and drilling into its metadata:

  1. Click a connector to see databases linked to that service
  2. Click a database to see its schemas
  3. Click a schema to view the tables
  4. Click a table to view columns and permissions

Each level shows:

  • Policy Type (Access or Deny)
  • Access Granted (e.g., SELECT, USE)
  • User/Group/Role Counts who have access

Viewing Access Details

If any of the user/group/role counts is greater than zero, clicking it will display the detailed list of identities and their corresponding permissions on that object.

Example:

  • Click on a table → orders
  • See Access Type: SELECT, Groups: 3, Roles: 2
  • Click Groups to see which groups (e.g., analysts, marketing_team) have SELECT access on orders
  • You can filter connectors or resource paths using the search box
  • Type partial names to quickly narrow the visible list

This is helpful when working with large enterprise-scale metadata trees.

Use Cases

  • Audit and verify access at any level of data
  • Investigate unexpected data exposure or access requests
  • Confirm impact of newly added or modified policies
  • Answer compliance questions such as: "Who has access to customer_email column?"

Best Practices

  • Use filters to narrow scope and reduce noise
  • Drill down to the column level to assess sensitive data exposure
  • Regularly validate access mappings with audit teams
  • Combine Service Explorer with audit logs for full visibility

Comments