For high-risk data, it is often important that full data are never downloaded to a non-sandbox environment. To handle this use case, Redivis implements the concept of usage rules. Usage rules define what actions a research can take with a dataset once they have data access.
This table is part of a dataset which restricts exports
These restrictions apply to all users of a dataset (expect organization administrators, who may bypass the restrictions to export data).
Export of restricted data on Redivis is allowed through export environments. Each environment defines a location or locations to which a user can export data under certain conditions.
Export environments can limit data exports to specific IP addresses, Google Cloud Storage buckets, Google BigQuery projects, or to Google Data Studio.
In addition, organization admins can specify either size limitations (by number of table rows or table gigabytes), or require that every export receives admin approval. If you tries to export a table larger than the size limitation, they have to get admin approval.
IP address environments limit downloads to only a specific IP address (or a set of addresses) configured by the organization admin.
BigQuery environments limit exports to only a specific Google BigQuery project (or set of projects) configured by the organization admin.
Cloud Storage environments limit exports to only a Google Cloud Storage bucket (or set of buckets) specified by the organization admin.
Data Studio environments limit exports to only Google Data Studio.
Custom environments limit exports to any user-requested location (either an IP address, BigQuery project, Cloud Storage bucket, or Data Studio), but must always receive admin approval for each user-specified location.
Configure export restrictions in the dataset access modal or on a permission group
Depending on the configuration of export environments on a dataset with restricted exports, you may have to request admin approval to export data.
If the button (Download, Visualize data, or Export) in the table export modal) to your desired export destination is disabled, you should Request approval from organization admins. Approvals apply only to individual tables — you cannot request blanket exceptions to a dataset.
Request approval to download to a specific IP address
When a member of an organization submits an export exception request, it will show up as an alert for that member, directing you to the Export approvals tab. If you open the approval request, you will see details about the table that is being requested, alongside the ability to view that table in the context of the researchers' project. The request can be approved or rejected much the same way as requirements.
Exports are approved on the organization admin panel