Export environments
Overview
For restricted data, you'll often want to assign restrictions to whether users can move data off of Redivis and onto external systems. For example, you may want researchers to be able to download data to a compute cluster for further analysis, but not onto their personal computer.
In this section of your organization settings, you can define specific export environments that can then be applied to datasets.
Configuring export environments
All export environments are given a unique name and optional description, which can be helpful for users to understand the context for what the environment is and when it applies. You can then specify the type of environment and any accompanying rules:
Export environment types
IP Address
Specify any number of IP addresses (or subnets, using CIDR notation) that represent the export environment. For example, if your on-premise cluster has persistent IP address(es), they would be listed here.
If you want to configure the workflow "Users can download derivatives of this dataset to anywhere, but only upon admin approval", create an IP Address environment with the wildcard IP address 0.0.0.0/0
and turn on All exports must be approved by an administrator.
This is often preferable to the Custom location environment type outlined below, as the latter mechanism is intended for you to grant a specific user the ability to download a specific table to a specific IP address (or cloud location). Given that users' IP addresses frequently change, giving approval for a user to one IP address might not work as they move between networks.
Google BigQuery
Specify specific Google Cloud project(s) to which BigQuery exports are allowed.
Google Cloud Storage
Specify specific Google Cloud Storage buckets(s) to which exports are allowed.
Google Data Studio
Allow data to be used within Google Data Studio dashboards.
Custom location
A "catch-all" environment, the custom location allows for researchers to request export on a case-by-case basis. For example, if they want to export a specific table to a given GCS bucket, or to a specific IP address, they'll be able to make this request which will then be sent to administrators for approval.
Export environment rules
By default, any exports to the specified environment will be permitted (assuming the environment is assigned to a given dataset). However, you can specify additional rules associated with the environment to allow fine-grained control:
All exports must be approved by an administrator
If this rule is turned on, every export to the specified environment must first be approved by an administrator.
Export size
If enabled, only exports above the specified size will require administrator approval. The size can be specified in terms of gigabytes (GB) or number of rows in the exported table.
Export size restrictions do not strictly disallow exports above a given size, as users can always break up tables into multiple smaller subsets and then export
Last updated