> For the complete documentation index, see [llms.txt](https://docs.trustlogix.io/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.trustlogix.io/trust-access/data-access-governance/domain-policies.md). # Domain Policies Domain Policies in TrustLogix allow domain owners to create access policies for data domain products spanning multiple data sources. This capability is crucial in environments such as **medallion architecture**, where data moves between layers like **Silver, Gold, and Platinum** across heterogeneous data sources like **SQL Server, Databricks, and Snowflake**. TrustLogix enables users to define a single policy and deploy it across multiple layers while managing access based on assigned principals. ### Steps to Create a Domain Policy #### Navigate to the Domain Policy Configuration * Log in to **TrustLogix**. * Click on the **Main Menu**. * Select **Domain Policies**. * Click **Create Policy**. #### Define Domain Policy Details * Enter the **Policy Name** (e.g., `Grant_Read_Access_On_Sales_Lead`). * Provide a **Policy Description** (e.g., `Grant access on sales lead to data engineer`). * Click **Next**. #### Select Domain and Data Products * Click on the **Domain** dropdown to view all configured domains across all data sources. * Select a **Domain** from the list. * Click on the **Data Product** dropdown to view all data products under the selected domain. * Choose one or more **Data Products**. * Click **Next**. Assign Privileges * Choose the required **Privileges** from the dropdown options: * `READ` * `WRITE` * `DELETE` * Click the **Checkbox** to confirm the selected privileges. * Click **Next**. #### Assign Principals * Click on the **Principal** dropdown to select an entity for access control. * The **Principals will be considered based on the data source type**: * **Role** : Assigns access based on predefined roles. * **User**: Grants access to specific users. * **Group**: Assigns access at a user group level. * Choose the appropriate **Principal Name**. * Click **Save** to validate and generate the policy. #### Deploy the Policy * Click **Deploy** to enforce the policy across applicable data sources. * The policy will be applied to all relevant data layers, ensuring access control consistency. By leveraging Domain, Data Product, Privileges, and Principals, organizations can efficiently manage data security at scale while maintaining compliance and governance best practices. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://docs.trustlogix.io/trust-access/data-access-governance/domain-policies.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.