Add metadata policy

POST /api/service/personas/{id}/policies#metadata

Add a single metadata policy to a persona.

Path parameters

  • id string Required

    Unique identifier of the persona to which to add the policy.

Body Required

Details of the policy to add to the persona.

  • type string | null Required

    Type of policy to be added to the persona.

    Values are metadataPolicy, dataPolicy, glossaryPolicy, or null.

  • policy object Required

    Instance of metadata policy on a persona in Atlan, with its detailed information.

    • actions array[string] | null

      List of granular permissions within the policy, to apply to the defined assets.

      Permissions are as follows:

      • entity-read: view activity, lineage, custom metadata and SQL queries for processes in lineage or view definitions
      • entity-update: update asset metadata including description, certification, owners, readme and resources
      • entity-create: create new assets within the selected connection or specified database/schema (via API)
      • entity-delete: delete assets within the selected connection or specified database/schema (via API)
      • entity-update-business-metadata: update custom metadata values for the assets
      • entity-add-classification: attach classifications to assets
      • entity-remove-classification: remove classifications from assets
      • add-terms: attach terms to assets
      • remove-terms: remove terms from assets
      • link-assets: link readme and resources to the assets

      Values are entity-read, entity-update, entity-create, entity-delete, entity-update-business-metadata, entity-add-classification, entity-remove-classification, add-terms, remove-terms, or link-assets.

    • allow boolean | null

      If false, this applies an "explicit deny" to the listed permissions. Those permissions will not be granted to any users on the policy, even if those users are parts of other policies that do give them those permissions. In other words, this "explicit deny" will take precedence over all other permissions for the same assets and users.

    • name string | null

      Meaningful explanation of the policy.

    • description string | null

      Unused.

    • assets array[string] | null

      List of assets to which the policy applies.

    • connectionId string | null

      Unique identifier (GUID) of the connection to which this policy applies.

Responses

  • 200 object

    Policy was successfully added to persona.

    • actions array[string] | null

      List of granular permissions within the policy, to apply to the defined assets.

      Permissions are as follows:

      • entity-read: view activity, lineage, custom metadata and SQL queries for processes in lineage or view definitions
      • entity-update: update asset metadata including description, certification, owners, readme and resources
      • entity-create: create new assets within the selected connection or specified database/schema (via API)
      • entity-delete: delete assets within the selected connection or specified database/schema (via API)
      • entity-update-business-metadata: update custom metadata values for the assets
      • entity-add-classification: attach classifications to assets
      • entity-remove-classification: remove classifications from assets
      • add-terms: attach terms to assets
      • remove-terms: remove terms from assets
      • link-assets: link readme and resources to the assets

      Values are entity-read, entity-update, entity-create, entity-delete, entity-update-business-metadata, entity-add-classification, entity-remove-classification, add-terms, remove-terms, or link-assets.

    • allow boolean | null

      If false, this applies an "explicit deny" to the listed permissions. Those permissions will not be granted to any users on the policy, even if those users are parts of other policies that do give them those permissions. In other words, this "explicit deny" will take precedence over all other permissions for the same assets and users.

    • name string | null

      Meaningful explanation of the policy.

    • description string | null

      Unused.

    • assets array[string] | null

      List of assets to which the policy applies.

    • connectionId string | null

      Unique identifier (GUID) of the connection to which this policy applies.

    • createdAt integer(int64) | null

      Date and time (epoch) at which the policy was created, in milliseconds.

    • createdBy string | null

      User who created the policy.

    • updatedAt integer(int64) | null

      Date and time (epoch) at which the policy was last updated, in milliseconds.

    • updatedBy string | null

      User who last updated the policy.

    • id string | null

      Unique identifier (GUID) for the policy.

POST /api/service/personas/{id}/policies#metadata 
curl \
 -X POST https://tenant.atlan.com/api/service/personas/9bee3ff8-9bf4-436f-927b-3e415fd3afe9/policies#metadata \
 -H "Authorization: Bearer $ACCESS_TOKEN" \
 -H "Content-Type: application/json" \
 -d '{"type":"metadataPolicy","policy":{"actions":["entity-read","entity-update","entity-create","entity-delete","entity-update-business-metadata","entity-add-classification","entity-remove-classification","add-terms","remove-terms","link-assets"],"assets":["default/snowflake/1655116256"],"connectionId":"74b02320-3b01-4896-81ea-b7ac4d5e4b9b","allow":true,"name":"Full metadata access to all of Snowflake","description":""}}'
Request example 
{
  "type": "metadataPolicy",
  "policy": {
    "actions": [
      "entity-read",
      "entity-update",
      "entity-create",
      "entity-delete",
      "entity-update-business-metadata",
      "entity-add-classification",
      "entity-remove-classification",
      "add-terms",
      "remove-terms",
      "link-assets"
    ],
    "assets": [
      "default/snowflake/1655116256"
    ],
    "connectionId": "74b02320-3b01-4896-81ea-b7ac4d5e4b9b",
    "allow": true,
    "name": "Full metadata access to all of Snowflake",
    "description": ""
  }
}
Response example (200) 
{
  "actions": [
    "entity-read",
    "entity-update",
    "entity-create",
    "entity-delete",
    "entity-update-business-metadata",
    "entity-add-classification",
    "entity-remove-classification",
    "add-terms",
    "remove-terms",
    "link-assets"
  ],
  "allow": true,
  "assets": [
    "default/snowflake/1655116256"
  ],
  "connectionId": "74b02320-3b01-4896-81ea-b7ac4d5e4b9b",
  "createdAt": 1655221417218,
  "createdBy": "service-account-apikey-e8d1f0bd-600e-4a8a-9248-b7c9aa1ef8c3",
  "description": "",
  "id": "dca8c163-40a7-4cab-9f92-2863a22a4188",
  "name": "Full metadata access to all of Snowflake"
}