Set Data Governance for Unstructured Data Sources (Beta)
For easier data governance, you can enable preset policies and permissions when connecting unstructured data sources like Google Drive and Microsoft SharePoint. The process differs for Google Drive and Microsoft SharePoint.
| REQUIRED EDITIONS | |
|---|---|
| Available in: Enterprise, Unlimited, Agentforce 1 Editions | |
| USER ROLES NEEDED | |
| To configure Agentforce Coworker: | Data 360 Admin or Data 360 Architect |
| USER PERMISSIONS NEEDED | |
| To use Agentforce Coworker: | Access_Ai_Search Permission Set Group, AI Search Permission Set License |
| To configure Agentforce Coworker: | Agentforce Coworker Admin Permission Set, AI Search Setup Permission Set License |
Document permission changes in Google Drive or Microsoft SharePoint can take up to 1 hour to reflect in search results. As a result, when a user's access to a document is revoked, they can still see the document title, URL, and metadata in search results for up to 1 hour after revocation, but they can't open the document.
- To ingest the relevant user, group, and permission metadata associated with the ingested files from Google Drive or SharePoint, select Inherit permissions for data source.
- To automatically create source-defined access policies using the ingested user, group, and permission data, select Apply data access policy (auto-create). These policies make sure that users performing search can only view files that they already have access to within Google Drive or SharePoint.
When you opt in to ingesting Google Drive or SharePoint user, group, and permission data and applying data access policies, Data 360 automatically creates the following entities:
DLOs and DMOs
These entities are created to ingest and format the needed information about users, groups, and permissions from the Google Drive or SharePoint instance and auto-create the Data Governance Policies.
| Google Drive Entity Name | SharePoint Entity Name |
|---|---|
| GDriveConnectionIDAclEntry | USPOINTConnectionIDAclEntry |
| GDriveConnectionIDUsers | USPOINTConnectionIDUsers |
| GDriveConnectionIDGroupMembers | USPOINTConnectionIDGroupMembers |
| GDriveConnectionIDGroups | USPOINTConnectionIDGroups |
| GDriveConnectionIDCombinedAcl | USPOINTConnectionIDCombinedAcl |
| GDriveConnectionIDSysIdentifier | USPOINTConnectionIDSysIdentifier |
| GDriveConnectionIDSysEmail | USPOINTConnectionIDSysEmail |
| GDriveConnectionIDSysUser | USPOINTConnectionIDSysUser |
| GDriveConnectionIDPerm | USPOINTConnectionIDPerm |
Batch Transforms
These entities transform ingested user, group, and permission data to the schema needed to create Data Governance Policies.
| Google Drive Entity Name | SharePoint Entity Name |
|---|---|
| GDriveConnectionIDAcl | USPOINTConnectionIDAcl |
| GDriveConnectionIDPerm | USPOINTConnectionIDPerm |
| GDriveConnectionIDUser | USPOINTConnectionIDUser |