Skip to main content
Domo Knowledge Base

PDP Policy Autocreation


This utility automates the creation of PDP policies.


You will need the following to use the PDP utility:

  • Access Token with access to the customer instance and data sources.

  • The name or ID of the "config" DataSet. This is the DataSet containing the values to create the policies. This typically consists of a user email address and values, as follows:

    • The user name or group name. Separate multiple names using the pipe (|) character.

    • The comparison value in a policy. Separate multiple values using the pipe (|) character.
       Currently only the "equals" operator is supported.  

  • The file, which is auto-generated upon a successful login. Once you have logged in, you can run the utility headless.

If you want email notifications on successes and errors, place a properties file in the same directory as the .jar file, as follows:



Configuration Data Source

The following is an example of the configuration data source. Your configuration DataSet schema should match exactly what is described below. 

Important: Make sure you order the DataSet first by the "target_ds" column and then by the "policy_name" column. This will ensure that all the actions happen on the same DataSet and same policy. 
  • target_ds – The name or ID of the data source in which you want to create the policies.

  • policy_name – The human readable policy name.

  • delete_options 

    • All – Delete all existing PDP policies before creating any new ones.

    • Matches – Only delete the PDP policies that match by name.

    • None – Do not delete any of the existing PDP policies.

    • Update – Update the PDP policies that match by name, create new PDP policies that are not in the existing list, and delete any orphaned policies.

  • policy_column – The column name that the filter will be created on.

  • user_group – The user name or group name. Separate multiple names using the pipe (|) character.

  • value – The value in the filter. Separate multiple values using the pipe (|) character.

To add multiple filters, set the ‘policy_name’ & ‘user_group’ to the same values (shown in pink in the preceding screenshot).

The utility supports multiple target data sources in the 'target_ds' column (shown in red and green in the preceding screenshot).

To add users/groups to the ‘default’ policy set the ‘policy_column’ & ‘value’ to All Rows (shown in purple in the preceding screenshot).

Running the PDP Utility

The PDP Utility can be run in one of three modes: standalone GUI, Command Line or via a configuration file.

Standalone GUI

This is a wizard-like interface that walks you through the creation of the PDP Policies. Double-click the PDP.jar or execute from the command line with no parameters.

java -Xmx1024m -jar PDP_2.0.jar

Command Line

This is a headless utility that can be scripted. Once you have logged in once, you can run the utility headless.

java -Xmx1024m -jar PDP_2.0.jar <domain> <config_ds>

<domain> : The customer instance.

<config_ds> : The name or ID of the "config" DataSet. This is the DataSet that contains the key value pairs to create the polices. This is typically a user email and a value.