Skip to main content

Modifying Subdomain Structure

This job aid outlines the coordinated process for updating Ohio State’s domain structure in Redshift and related data governance systems. This includes the evaluation, approval, and technical steps required to implement changes, as well as stakeholder responsibilities.

Request intake and initial evaluation

  1. The Data Engineering (DE) team receives a request involving changes to data access or domain structure.
  2. The DE team forwards the request to the Data Governance (DG) team by reassigning to the Data Governance group in ServiceNow or to the Data Governance group email (DataGovernance@osu.edu).
  3. The DG team works with data stewards and, when appropriate, the Data Governance Council to:
    1. Evaluate the request
    2. Determine whether any changes to the domain system are necessary

Impact analysis

  1. The DG and DE teams perform an impact analysis to determine:
    1. How many current users would lose access
    2. How many users would gain access
  2. Results are shared with data stewards to support informed decision-making.
  3. If there is potential for access loss, the DG team and data stewards will:
    1. Communicate with affected users (as needed)
    2. If appropriate, migrate users to a new subdomain structure

Approval and notification

  1. Once a decision is finalized and approved by DG and stewards, the DG team notifies the following stakeholders:
    1. Data Engineering (DE) team
    2. Access Management
    3. ServiceNow
    4. Marketing and Communications

Implementation and responsibilities

 

Note: Access Management tasks must be completed first, as they enable downstream implementation.

  1. Access Management
    1. Create Redshift permission group(s)
    2. Enable integration with GMS (Group Management System)
    3. Remove outdated Redshift permission groups
    4. Migrate users to new groups in coordination with the DE team
  2. Data Engineering
    1. Add entries to metadata tables:
      1. rae.group_domain (add/remove group-domain relationships)
      2. rae.data_names (add/remove relevant entries)
    2. Link group to domain in RAE-Arbiter
    3. Reassign tables as needed in RAE-Arbiter
  3. ServiceNow team
    1. Modify the Access Request form to add or remove domains as necessary based on the updated structure.
  4. Marketing & Communications
    1. Update relevant Data Governance web pages on data.osu.edu to reflect the new domain.
  5. Data Governance
    1. Responsible for coordinating work across all participating teams, serving as the point of contact for questions, communicating final implementation status to data stewards and the original requestor. 

Important Information

  • All actions should be logged or tracked by the DG team for auditing and documentation purposes
  • Migration plans should include clear timelines and user communication, especially in cases of access loss