What are the best practices putting Datahub to production? 1) I have 3 (or more) installation of Datahub (Dev, Test and Prod) and ingest each environment's metadata respectively. 2) Have one installation of Datahub, ingest all environments metadata to it and restrict users view environment in Datahub (e.g. only developers can see DEV environment's metadata). Is #2 even possible?

under the current acl model, others users can still search for Dev datasets and it will return in search. just that they wont be able to access. If that is fine with you, then #2 is possible

How can I restrict users to access DEV, I can't find any option? I can't select DEV, PROD if I select Dataset or Container in Privileges.

@big-carpet-38439 correct me if there is a simpler way: you would be using "domains" to differentiate datasets, and user groups to specify access to domains. 1. disable view entity profile for datasets for all users 2. create domains dev, prod, test 3. assign each dataset a domain, ie dev 4. create policy, specify datasets under domain dev to be viewable by group dev, with privilege view entity page

ok, thanks. That make sense

you will need to re-enable "view entity pages" for all the other entities in privileges but take note that glossary term groups are not viewable at the moment if you use this approach since they cannot be specifically targetted in policies