How to view self-service data access policies
In a Microsoft Purview catalog, you can now request access to data assets. If policies are currently available for the data source type and the data source has Data Policy Enforcement enabled, a self-service policy is generated when a data access request is approved.
This article describes how to view self-service data access policies that have been autogenerated by approved access requests.
Prerequisites
Important
To view self-service policies, make sure that the below prerequisites are completed.
Self-service policies must exist for them to be viewed. To enable and create self-service policies, follow these articles:
- Enable Data Policy Enforcement - this will allow Microsoft Purview to create policies for your sources.
- Create a self-service data access workflow - this will enable users to request access to data sources from within Microsoft Purview.
- Approve a self-service data access request - after approving a request, if your workflow from the previous step includes the ability to create a self-service data policy, your policy will be created and will be viewable.
Permission
Only the creator of your Microsoft Purview account, or users with Policy Admin permissions can view self-service data access policies.
If you need to add or request permissions, follow the Microsoft Purview permissions documentation.
Steps to view self-service data access policies
Launch the Microsoft Purview governance portal. The Microsoft Purview governance portal can be launched as shown below or by using the url directly.
Select the policy management tab to launch the self-service access policies.
Open the self-service access policies tab.
Here you'll see all your policies. The policies can be sorted and filtered by any of the displayed columns to improve your search.
Note
The only policies listed here will be policies from access requests that have already been approved. Access policies are not created until a self-service access request has been submitted and approved.
Each policy has these details to tell you more about it. These details make up the simple rules of the policy: A user has been granted specific access to a specific data source.
- Data source path - the full path of the data source in your Azure subscription that a user now has access to.
- Access type - what kind of access the user has.
- Requestor name and On behalf of - Who requested the access and whom the access was for.
- Date created - when the policy was created (when the access request was approved.)
You can also delete existing self-service access policies, if you're ready to remove access for a user.