Deploy Policy to a Datastore

Workflow to deploy policy to datastore.

Summary

Deploy the completed policy to a Datastore so that its rules are actively enforced during real data access operations.

Description

Deploying a policy makes it operational on a specific Datastore, such as an application, service, database, or other enforcement point. Until deployment occurs, a policy exists only as a configuration object. Deployment pushes all rules, including Data Elements, Roles, and permissions, to the target Datastore. This ensures that the runtime environment can apply them when users or applications interact with sensitive data.

Purpose

To activate the policy in an environment where protected data is accessed. Deployment ensures that the Datastore enforces the correct behavior, such as tokenization, masking, unprotect permissions, or other rules, based on the policy definition.

Prerequisites

  • A Policy Shell must be created. For more information about creating a policy shell, refer to the section Create Policy Shell.
  • The policy must contain rules that bind Data Elements to Roles. For more information about defining roles, refer to the section Define Rule with Data Element and Role.
  • A Datastore must exist. For more information about creating a datastore, refer to the section Create Datastore.
  • Connectivity or registration between Policy Management and the Datastore should be confirmed.

Inputs

Typical deployment inputs include:

  • Policy name or ID.
  • Datastore name or ID.
  • Optional deployment parameters, depending on environment. For example, environment tags and version notes.

Outcome

The policy is successfully deployed to the specified Datastore. The enforcement point is now configured to apply the defined data protection rules whenever sensitive data is read, written, or processed.

Conceptual Examples

Not applicable.

Tips

  • Always verify that the Datastore is correctly registered before deploying to avoid deployment errors.
  • If you maintain separate development, test, and production environments, use clearly named Datastores for each to avoid mis-deployment.
  • After deployment, test a few representative access scenarios to confirm enforcement works as intended.
  • Consider using versioning or descriptions on deployments for auditability and rollback clarity.

Last modified : April 06, 2026