Protect groups

• Introduction
• Create a Protect group
• Example with a bash script
• Groups tab

Introduction

You need to have at least one Protect group for creating a standard or rule. The Groups tab in Protect contains an overview of Protect groups that are active in the data sources. Each Protect group is associated with a role in the data source.

Create a Protect group

Prerequisites

You have a global role that has the Protect > Edit or Protect > Administration global permission.

Steps

1. On the environment where you want to create a Protect group, click → API Documentation.
   
   Image

   
   The APIs Documentation page opens.

2. In the REST APIs section, click REST Protect API.
   The Collibra Protect API page is shown.
3.  Click Groups → POST → Try it out.
4.  Edit the request body.
   Copy

   Example: POST/groups

   {
     "name": "Sales",
     "mappings": [
       {
         "provider": "CustomDataSource",
         "identity": "SALES"
       }
     ]
   }

   Descriptions of keys

   • name: Unique name to identify the Protect group in Collibra.
   • provider: Primary name that is used to identify the data source (AWSLakeFormation, Databricks, GoogleBigQuery, Snowflake).
     
   • identity: Existing role from the data source to map to the group. Examples:
     • AWS Lake Formation: arn:aws:iam::123456789012:user/johndoe
     • BigQuery: group:[email protected], user:[email protected]
       
     • Databricks: [email protected], fab9e00e-ca35-11ec-9d64-0242ac120002 (service principal)
     • Snowflake: HR_ROLE, SALES_ROLE


5. Click Execute.
   The Protect group is created in Collibra.

Groups tab

The following table describes the columns that are shown on the Groups tab.