Back to Policy

Policy Engine

Create and manage data access policies.

Policy Types

  • Access Policies: Who can access what
  • Masking Policies: How data is masked
  • Row-Level Security: Filter rows by user

Creating a Policy

POST /api/v1/policies
{
  "name": "PII Access Restriction",
  "type": "access",
  "rules": [
    {
      "condition": "user.department != 'HR'",
      "assets": "tag:PII",
      "effect": "deny"
    }
  ]
}

Policy Conditions

Use ABAC attributes like user.role, user.department, user.location in conditions.