Skip to content

Get Started With Your Okera Trial

This Okera trial guide provides an easy step-through tutorial to teach you the key concepts of Okera to help you get started using your free trial. To sign up for a trial, fill out the request form at https://info.okera.com/okera-self-serve-trial-lp.

What is Okera Data Access Platform?

Okera Data Access Platform (ODAP) is an enterprise universal data authorization tool that integrates with the main analytics tools in your organization. It allows you to register data from different data sources, easily organize and tag that data, and then grant access to the data using permissions while also specifying fine-grained conditions that enforce column-level security, row-level security, and data masking and transformation. It then dynamically enforces Okera permissions at runtime.

Learn more about ODAP in Product Overview.

What's Included in the Trial?

Your Okera trial begins with an email describing the self-service trial and its trial cluster. The trial includes:

  • Sample data and users you can use to test policy management and policy effects.
  • Embedded prebuilt dashboards and notebooks in Apache Superset, JupyterHub, and Snowflake that you can use to query data and see the effect of policies on the different users.

Trial Environment Scenario

In this self-serve trial environment, your organization is expanding their sales department to include sales directors and sales analysts for each territory in which your company operates. Your trial environment must support the following data restrictions to support the expansion:

  • Each sales director should only see data pertaining to the individual territories that they manage. So, all individuals assigned the sales_director_role should only see data for the territories that they manage.
  • Sales analysts should only see data that is geographically relevant to them, so we will ensure that individuals assigned the sales_analyst_role only see data pertaining to the countries in which they operate.
  • Sales analysts currently have access to all sales data, however, data that is classified as sensitive should be masked for the sales_analyst_role.
  • Individuals in your organization assigned the sales_analyst_role should not be able to see personally identifying information (PII) in the customer data. During this trial, we will make sure that all PII data is identified and protected.

Trial Environment Users

Your trial environment has the following users. Their passwords have been sent to you as part of your introductory kit. When you receive your trial, <tenant> will be replaced with your company name. In images and videos in this trial tutorial documentation, <tenant> is replaced with your_company.

User
Is a member of groups
Assigned to these Okera roles
admin_<tenant> admin
admin_<tenant>
admin_role
okera_public_role
analyst_<tenant> analyst_<tenant>
general_analyst_group
card_analyst_role
marketing_analyst_role
okera_public_role
sales_analyst_role
sally_<tenant> sales_analyst_group
sally_<tenant>
marketing_analyst_role
okera_public_role
sales_analyst_role
sam_<tenant> sales_analyst_group
sam_<tenant>
marketing_analyst_role
okera_public_role
sales_analyst_role
mary_<tenant> marketing_analyst_group
mary_tenant
marketing_analyst_role
okera_public_role
danny_<tenant> danny_<tenant>
director_group
okera_public_role
sales_director_role

Note: In addition to these predefined users, two demo users (demo_user_<tenant> and demo_user2_<tenant>) are provided for you to customize. Use these user definitions to test and optimize the environment as needed.

Okera Permission Model Diagram

Okera uses both role-based access control (RBAC) and attribute-based access control (ABAC) in a complementary way to ensure access management is the most scalable for the enterprise.

Okera uses roles to make grouping permissions for users easier and more scalable. Roles can then be granted to users or groups that are integrated from your organization's identity management system. They can be customized to each organization's naming convention and can be managed programmatically as well as in the UI.

Start Exploring Okera

Use the following links to explore Okera using this trial:

Explore the Catalog

Grant Permissions

Register New Data

Use Snowflake Policy Synchronization