As a TD Administrator, you can create tags, attach the tags to columns, and then create policies to enforce column access.
You can create tags that allow you to control access to a column as determined by the specific policy or allow you to annotate columns to search for data more efficiently. For each column, you can only create one Policy tag. In the following example, view how to create a policy type of tag called PII.
$ curl -s -H "Content-Type: application/json" -d '{"data":{"attributes":{"name":"PII","humanReadableName":"PII","comment":"Personal Identifiable Information","namespace":"POLICY","color":"POLICY_DEFAULT"}}}' -H "Authorization: TD1 ..." -X POST https://api-data-def-repo.treasuredata.com/v1/annotation-type/custom- Example of response
{
"id": "3213869e-7e13-45fc-99a7-1b039a7333a5",
"attributes": {
"name": "PII",
"humanReadableName": null,
"comment": "Personal Identifiable Information",
"version": 1,
"createdAt": "2022-01-13T19:23:23.588114Z",
"updatedAt": "2022-01-13T19:23:23.588114Z",
"color": "POLICY_DEFAULT",
"namespace": "POLICY"
},
"type": "annotation-type"
} Only an administrator can edit or delete a policy. Treasure Data prevents an administrator from deleting a tag if it is being referenced by a policy.
$ curl -s -H "Content-Type: application/json" -d '{"data":{"attributes":{"color":"PII","comment":"Personal data"}}}' -H "Authorization: TD1 ..." -X PATCH https://api-data-def-repo.treasuredata.com/v1/annotation-type/custom/3213869e-7e13-45fc-99a7-1b039a7333a5- Example of response
{
"id": "3213869e-7e13-45fc-99a7-1b039a7333a5",
"attributes": {
"name": "PII",
"humanReadableName": null,
"comment": "Personal data",
"version": 3,
"createdAt": "2022-01-13T19:23:23.588114Z",
"updatedAt": "2022-01-13T19:27:59.238233Z",
"color": "PII",
"namespace": "POLICY"
},
"type": "annotation-type"
}