For restricted data, it is often important that authenticated users cannot download or otherwise make copies of a dataset or its derivatives. To handle this use case, Redivis implements the concept of export restrictions.
Export restrictions are defined on a permission group, meaning that all datasets that belong to the permission group will inherit the corresponding export restrictions.
Prevents all exports without administrator approval.
Provides a size in GB or records under which users can automatically export data.
If you check "Exceptions allowed," users are able to submit a request to administrators for download approval of any table over this limit.
Provides a whitelist of IP addresses and/or subnets to which a user can automatically export data.
If you check "Exceptions allowed," users are able to submit a request to administrators for download approval of to a different specified IP address.
To configure an export location, go to the settings tab of the administrator panel and click "Add new export location." You’ll want to give it a name, a description that users will see to help them get set up, and the target IP address. It will now be available for your use in configuring any permission groups and dataset export restrictions.
In certain circumstances, administrators may want to approve an export that exceeds one or more export restriction. For example, if a user has special authorization to export data derivatives to another environment, or to handle the case where administrators want to review every export individually.
Users will need to request exceptions on any table that they'd like to export, and administrators can accept or reject theses exception requests.
You can manage restriction exceptions in the members tab of the admin panel.