Chat now with support
Chat mit Support

Identity Manager Data Governance Edition 8.1.1 - Technical Insight Guide

Introduction Data Governance Edition Network Communications Data Governance service Data Governance agents Resource activity collection in Data Governance Edition Cloud managed hosts permission level to role mapping QAM module tables Configurable configuration file settings
Data Governance service configuration file settings Data Governance agent configuration file settings
Configurable registry settings PowerShell commands
Adding the PowerShell snap-ins Finding component IDs Data Governance Edition deployment Service account management Managed domain deployment Agent deployment Managed host deployment Account access management Resource access management Governed data management Classification management

Get-QGovernedDataByClassificationLevel

Retrieves a list of governed resources assigned a specific classification level.

Syntax:

Get-QDataUnderGovernanceByClassificationLevel [-ClassificationLevelId] <String> [<CommonParameters>]

Table 253: Parameters
Parameter Description
ClassificationLevelId

Specify the identifier assigned to the classification level.

NOTE: Run the Get-QClassificationLevelConfiguration cmdlet to retrieve a list of configured classification levels, including their assigned identifiers.
Examples:
Table 254: Examples
Example Description

Get-QDataUnderGovernanceByClassificationLevel -ClassificationLevelId 51442B53-A9BE-4EE0-8A89-B5D5ED3CF387

Returns a list of the governed resources associated with the specified classification level.
Details retrieved:
Table 255: Details retrieved
Detail Description (Associated key or property in QAMDuG table)
ManagedHostId Value (GUID) assigned to the managed host computer.
IsForITShop Indicates if the resource is available for requests through the IT Shop.
DatePublishedToITShop The date (UTC) when the resource was published to the IT Shop.
IsPublishable Indicates that the resource is able to be published to the IT Shop.
IsPointOfInterest Indicates that a point of interest was intentionally placed under governance.
RequiresOwnership Indicates that the resource requires that an owner be assigned.
DisplayName Name of the governed resource.
DisplayPath Path and name of the governed resource.
Description Descriptive information entered for the governed resource.
FullPath Full path of the governed resource.
FullPathHashSHA1 Hash value over the full path for unique identification.
Justification The reason for assigning this owner to the resource.
OwnershipSetBy Name of the account that set the owner.
PlacedUnderGovernanceBy Name of the account that placed the resource under governance.
RiskIndex Calculated risk index of all assignments to this data.
ActivityResourceId The value that relates the roots in this database to data in the Data Governance activity resource database.
DateOwnershipSet The date (UTC) when the ownership of the resource was set.
UID_QAMDuG The identifier assigned to the governed resource by Data Governance Edition.
IsStale Indicates whether the resource was renamed or deleted.
LastEncounteredTime The time detailed security information was successfully collected.
PersonOwnerKey If you have assigned a person as the business owner of this resource, this is the primary key of that person.
PersonOwnerDisplay If a person is assigned as the business owner, the name of that employee.
RoleOwnerKey If you have assigned a role as the business owner of this resource, this is the primary key of that role.
RoleOwnerDisplay If an application role is assigned as the business owner, the name of that application role.
ResourceType The governed data type.
ManagedHostName The name of the managed host computer.
UseBackingFolderSecurity Indicates to use the backing folder of a share.
LastPoiCollection The date (UTC) when the POI was last collected.
LastPoiSubmission The date (UTC) when the POI was last submitted.
Security The security used for governance. (SecurityForGovernance)
ClassificationLevelId If a classification level is assigned, the identifier assigned to the classification level. (UID_QAMClassificationLevelMan Value)
ClassificationLevelName If a classification level is assigned, the name assigned to the classification level. (UID_QAMClassificationLevelMan)

Remove-QClassificationLevel

Removes an existing classification level from your Data Governance Edition deployment.

Syntax:

Remove-QClassificationLevel -[-ID] <String> [<CommonParameters>]

Table 256: Parameters
Parameter Description
ID

Specify the identifier assigned to the classification level to be removed.

NOTE: Run the Get-QClassificationLevelConfiguration cmdlet to retrieve a list of configured classification levels, including their assigned identifiers.

NOTE: Deleting a classification level will automatically remove it from all associated governed data. Prior to running this cmdlet, run the Get-QDataUnderGovernanceByClassificationLevel cmdlet to retrieve a list of the resources assigned to the specified classification level.
Examples:
Table 257: Examples
Example Description
Remove-QClassificationLevel -ID 4E4F22C7-A30A-45C3-808A-C134C132B590 Removes the specified classification level from your Data Governance Edition deployment.

Set-QClassificationLevel

Updates an existing classification level defined for use by the Data Governance Edition deployment.

Syntax:

Set-QClassificationLevel [-ID] <String> [[-Name] [<String>]] [[-Description] [<String>]] [[-SortOrder] [<Int>]] [<CommonParameters>]

Table 258: Parameters
Parameter Description
ID

Specify the identifier assigned to the classification level to be updated.

NOTE: Run the Get-QClassificationLevelConfiguration cmdlet to retrieve a list of configured classification levels, including their assigned identifiers.
Name

Specify to change the name to be associated with the specified classification level.

The length of the name is limited to 512 characters. Any text is allowed, including spaces and other special characters.

Description

Specify to change the descriptive text to be associated with the specified classification level.

Any text is allowed, including spaces and other special characters.

SortOrder

Specify to change the display order of the selected classification level.

Examples:
Table 259: Examples
Example Description
Set-QClassificationLevel -ID D7EADC4B-46F1-430A-95C7-1D300A4E6FA3 -Name "Public" -Description "General information created for internal or external sources that can be shared publicly." Changes the name and description of the specified classification level.

Set-QClassificationLevelOnDuG

Assigns a classification level to a governed resource.

Syntax:

Set-QClassificationLevelOnDuG [-DuGId] <String> [-ClassificationLevelId] <String> [[Justification] [<String>]] [<CommonParameters>]

Table 260: Parameters
Parameter Description
DuGID

Specify the identifier assigned to the governed resource to be classified (that is, value assigned to UID_QAMDuG parameter).

NOTE: Run the Get-QDataUnderGovernance cmdlet to retrieve a list of governed resources for a managed host or resource path, including their assigned identifiers.
ClassificationLevelId

Specify the identifier assigned to the classification level to be assigned (that is, value assigned to UID_QAMClassificationLevelMan parameter).

NOTE: Run the Get-QClassificationLevelConfiguration cmdlet to retrieve a list of configured classification levels, including their assigned identifiers.
Justification (Optional) Enter the reason for assigning this classification level
Examples:
Table 261: Examples
Example Description

Set-QClassificationLevelOnDuG -DuGID 3FAA7F80-F964-4C2A-8F99-045EE43A0A3F -ClassificationLevelId 51442B53-A9BE-4EE0-8A89-B5D5ED3CF387 -Justification "Contains company confidential information"

Manually assign the 'Internal Use Only' classification level (with UID_QAMClassificationLevel value of 51442B53-A9BE-4EE0-8A89-B5D5ED3CF387) to the specified governed resource (with UID_QAMDuG value of 3FAA7F80-F964-4C2A-8F99-045EE43A0A3F).
Verwandte Dokumente