Azure Purview - Data access policy

Question

https://learn.microsoft.com/en-us/azure/purview/how-to-access-policies-storage

Have some questions on this newly announced feature -

1. Where are these policies stored?
2. Are these the same as Azure Policies or different?
3. Are these "policies" ACLs or ABACs(RBACs)?

Answer 1

Hi @Ian Santillan ,

Please find below answers to your question -

1. Where are these policies stored?
   Policies are in Purview human readable data use policy language and stored within Purview itself. Customers don’t need to manage these.
2. Are these the same as Azure Policies or different?
   These are different. Azure Policies are designed to ensure cloud governance in Azure. Purview data use policies are designed for ensuring data governance controls on what users can do with data across operational and analytical systems on-prem & multi-cloud.
3. Are these "policies" ACLs or ABACs(RBACs)?
   Purview human readable data use language is designed for data officers/stewards to articulate the controls that need to be put onto data use. Depending on the system, the enforcement of these policies could happen natively or through conversion into ACLs/Grant/Revokes. For Microsoft systems, we’re implementing these natively within the systems. For Non-Microsoft data systems, this will be done through conversion. Purview data access policies (a subset of the data use policies) are best described as a form of ABAC with additional workflow built into it.

Regarding your another ask, currently Purview team is on-boarding customers into both into the preview and the customer program. Kick off meetings with customers are being scheduled in waves in few upcoming weeks.

Hope this helps. Please let me know if you have any other questions.

Thanks
Saurabh

----------

Please do not forget to "Accept the answer" wherever the information provided helps you to help others in the community.