Back to Docs

Policy & Entitlements

Define access policies once and enforce them across all your data platforms.

Overview

The Policy Engine enables centralized access control using RBAC/ABAC patterns with dynamic enforcement.

Policy Types

  • Access Policies: Who can access what data
  • Masking Policies: Dynamic data masking rules
  • Row-Level Security: Filter rows based on user attributes

Creating a Policy

POST /api/v1/policies
{
  "name": "PII Access Policy",
  "type": "access",
  "rules": [
    {
      "condition": "user.role == 'analyst'",
      "assets": "tags:PII",
      "effect": "mask"
    }
  ]
}