# Data Products

### Overview

**Data products** are curated, reusable, and value-focused datasets that are designed, developed, and maintained like software products to serve specific business or analytical needs.

Data products are typically created **within and owned by** data domains.

Each domain is responsible for the quality, relevance, and governance of its data products.

Example: The "Customer Profile" data product would belong to the **Customer** domain.

### Policy Administrator Feature Capabilities&#x20;

As discussed under the concept of **data domains**, once **domains** and their corresponding **data products** are created and datasets are assigned.

&#x20;A **Super User** (or central data governance authority) can **delegate governance responsibilities** by assigning a **Domain Policy Administrator** for each domain.

This delegation of responsibility enables **domain-driven data governance** at scale, with the following capabilities granted to the **Policy Administrator**:

#### **Capabilities of a Domain Policy Administrator**

1. **Manage Data Products within Assigned Domains**
   * Create, update, or retire data products owned by their domain.
   * Maintain metadata, documentation, and classification of data products.
2. **Define and Manage ABAC/RBAC Policies**
   * Create fine-grained access control policies using **Attribute-Based Access Control (ABAC)** and **Role-Based Access Control (RBAC)** for data products in their domain.
   * Apply policies to views, tables.
3. **Attribute-Based Policy Enforcement**
   * ABAC policies are further refined using **data product-specific user attributes** (e.g., region, business unit, sensitivity level).
   * Enables dynamic, context-aware access control that adapts based on the user and product characteristics.

### User Attribute Administrator Feature Capabilities&#x20;

To scale and decentralize **Attribute Management**, the Super User can **delegate the responsibility** of managing user-specific attributes to a **Domain User Attribute Administrator** for each domain.

This enables **domain-aligned**, **context-aware**, and **fine-grained attribute-based access control (ABAC)** policies by allowing attribute creation and management closer to the source of domain knowledge.

**Capabilities of Domain User Attribute Administrator:**

1. **Data Product specific Attribute Definition & Management**
   * Define domain-product relevant user attributes (e.g., `region`, `business_unit`, `market_segment`) that are needed to enforce ABAC policies for data products in the domain.
   * Assign and update values for users belonging to their domain based on business roles or responsibilities.

### Step-by-Step Guide

**A. Super User assigning a Policy Administrator**

1. Go to the TrustLogix Dashboard.
2. In the User Management section, click "New User".
3. Enter user details (name, email, description).
4. Assign the user role: Policy Administrator.
5. Under Domain Access, select the relevant domain(s) (e.g., FinanceDetails).
6. Save the user profile.

B. **Super User assigning a User Attribute Administrator**

1. Go to the TrustLogix Dashboard.
2. In the User Management section, click "New User".
3. Enter user details (name, email, description).
4. Assign the user role: User Attribute Administrator.
5. Under Domain Access, select the relevant domain(s) (e.g., FinanceDetails).
6. Save the user profile.

**C. Policy Administrator Creating ABAC policies**

1. Go to the TrustLogix Dashboard.
2. In the Data sources section, Access Policy ->  Click Create Policy
3. Select **Row Access** Option
4. Provide Policy Name, Description
5. Select **Classified As** under Objects
6. Choose Data Products
7. Configure the conditions in the condition builder section
   1. These also have Data Product based User Attributes
8. Click Save & Deploy policy.

**D. User Attribute Administrator Creating product specific attributes**

1. Go to the TrustLogix Dashboard.
2. Navigate to **Attribute Management** from Menu.
3. Under the **Attributes** section click on **Add Attribute**
4. Select the registered **Snowflake** data source name.
5. Choose the specific **Data Product** (e.g. Accounting\_Finance) associated with this user attribute from Data Product dropdown.
6. Select **ALL** option for using it as common user attribute.
7. Enter the attribute **Display Name, Description**.
8. Choose the attribute **DataType**.
9. Choose the attribute **Group** (Optional).
10. Click **Save**.
11. Once Attribute is Saved, Click **Provision** to push attribute to Snowflake data source.