Partilhar via


How to view self-service data access policies

In a Microsoft Purview catalog, you can now request access to data assets. If policies are currently available for the data source type and the data source has Data Policy Enforcement enabled, a self-service policy is generated when a data access request is approved.

This article describes how to view self-service data access policies that have been autogenerated by approved access requests.

Prerequisites

Important

To view self-service policies, make sure that the below prerequisites are completed.

Self-service policies must exist for them to be viewed. To enable and create self-service policies, follow these articles:

  1. Enable Data Policy Enforcement - this will allow Microsoft Purview to create policies for your sources.
  2. Create a self-service data access workflow - this will enable users to request access to data sources from within Microsoft Purview.
  3. Approve a self-service data access request - after approving a request, if your workflow from the previous step includes the ability to create a self-service data policy, your policy will be created and will be viewable.

Permission

Only the creator of your Microsoft Purview account, or users with Policy Admin permissions can view self-service data access policies.

If you need to add or request permissions, follow the Microsoft Purview permissions documentation.

Steps to view self-service data access policies

  1. Launch the Microsoft Purview governance portal. The Microsoft Purview governance portal can be launched as shown below or by using the url directly.

    Screenshot showing a Microsoft Purview account open in the Azure portal, with the Microsoft Purview governance portal button highlighted.

  2. Select the policy management tab to launch the self-service access policies.

    Screenshot of the Microsoft Purview governance portal with the leftmost menu open, and the Data policy page option highlighted.

  3. Open the self-service access policies tab.

    Screenshot of the Microsoft Purview governance portal open to the Data policy page with self-service access policies highlighted.

  4. Here you'll see all your policies. The policies can be sorted and filtered by any of the displayed columns to improve your search.

    Note

    The only policies listed here will be policies from access requests that have already been approved. Access policies are not created until a self-service access request has been submitted and approved.

    Screenshot showing the self-service access policies page, with an active filter highlighted next to the keyword filter textbox, and the date created column header selected to sort by that column.

  5. Each policy has these details to tell you more about it. These details make up the simple rules of the policy: A user has been granted specific access to a specific data source.

    • Data source path - the full path of the data source in your Azure subscription that a user now has access to.
    • Access type - what kind of access the user has.
    • Requestor name and On behalf of - Who requested the access and whom the access was for.
    • Date created - when the policy was created (when the access request was approved.)

You can also delete existing self-service access policies, if you're ready to remove access for a user.

Next steps