Business Graph policy
Configure glossary access in personas: control who can create, update, and delete terms and categories, link terms to assets, and manage tags and custom metadata within a glossary in Atlan. Business Graph policies govern glossary metadata, specifically terms and categories.
Use Business Graph policies to control, per glossary, who can:
- Create terms and categories inside the glossary
- Update descriptions, certification, owners, READMEs, and resources for the glossary, terms, and categories
- Link terms in the glossary to other assets
- Delete terms and categories inside the glossary
- Manage tags and custom metadata on terms and categories
Read permission on terms, categories, and glossaries exists by default and can't be modified. Business Graph policies don't restrict users from viewing a glossary and its contents in the Glossary section.
Business Graph policies can only be defined through personas.
Access
Business Graph policies aren't enabled by default. To use them, you must be an admin, or hold the Governance Admin sub-role, with permissions to define personas and governance settings.
You can access this in Governance → Access Control → Personas, then open a persona (or create a new one), go to the Policies tab, and click New Policy → Business Graph Policy. Once saved, the policy applies to all users and groups linked to that persona.
Name
Specifies a unique name to identify the Business Graph policy in Atlan. This name must briefly describe the purpose or scope of the policy.
Example:
Marketing-glossary-policy
Select glossary
Choose the glossary on which this policy is applied. The policy governs the terms and categories within the selected glossary.
Example:
Marketing glossary
Configure permissions
Define what users in the persona can do with the glossary, its terms, and its categories.
Edit
Controls structural changes to the glossary, terms, and categories.
- Read: view the glossary, terms, and categories (granted by default).
- Update: edit descriptions, certification, owners, READMEs, and resources.
- Create: create new terms and categories in the glossary.
- Delete: delete terms and categories in the glossary.
Governance
Manages associations and custom metadata on terms and categories.
- Update custom metadata values: edit custom metadata applied to terms and categories.
- Add tags: add Atlan tags to terms.
- Remove tags: remove Atlan tags from terms.
Deny selected permissions
Explicitly restricts an action, even when it's granted through another policy. Deny rules take precedence and override grants from other policies, including the Admin role. An explicit deny is a hard ceiling that no role or approval can override.
See also
- Metadata policy: Govern access to an asset's metadata.
- Create a persona: Attach a Business Graph policy to a persona.
- What are personas?: How personas scope team access.