diff --git a/datahub-graphql-core/src/main/java/com/linkedin/datahub/graphql/GmsGraphQLEngine.java b/datahub-graphql-core/src/main/java/com/linkedin/datahub/graphql/GmsGraphQLEngine.java
index 682710ad5d539..b03c929dd8436 100644
--- a/datahub-graphql-core/src/main/java/com/linkedin/datahub/graphql/GmsGraphQLEngine.java
+++ b/datahub-graphql-core/src/main/java/com/linkedin/datahub/graphql/GmsGraphQLEngine.java
@@ -1719,9 +1719,12 @@ private void configurePolicyResolvers(final RuntimeWiring.Builder builder) {
         })).dataFetcher("resolvedRoles", new LoadableTypeBatchResolver<>(dataHubRoleType, (env) -> {
             final ActorFilter filter = env.getSource();
             return filter.getRoles();
-        })).dataFetcher("resolvedOwnershipTypes", new LoadableTypeBatchResolver<>(ownershipType, (env) -> {
+        })).dataFetcher("resolvedResourceOwnershipTypes", new LoadableTypeBatchResolver<>(ownershipType, (env) -> {
             final ActorFilter filter = env.getSource();
             return filter.getResourceOwnersTypes();
+        })).dataFetcher("resolvedPlatformInstanceOwnershipTypes", new LoadableTypeBatchResolver<>(ownershipType, (env) -> {
+            final ActorFilter filter = env.getSource();
+            return filter.getPlatformInstanceOwnersTypes();
         })));
     }
 
diff --git a/datahub-graphql-core/src/main/java/com/linkedin/datahub/graphql/resolvers/policy/mappers/PolicyInfoPolicyMapper.java b/datahub-graphql-core/src/main/java/com/linkedin/datahub/graphql/resolvers/policy/mappers/PolicyInfoPolicyMapper.java
index b9a6bf07be8c8..2892607f349f1 100644
--- a/datahub-graphql-core/src/main/java/com/linkedin/datahub/graphql/resolvers/policy/mappers/PolicyInfoPolicyMapper.java
+++ b/datahub-graphql-core/src/main/java/com/linkedin/datahub/graphql/resolvers/policy/mappers/PolicyInfoPolicyMapper.java
@@ -54,10 +54,15 @@ private ActorFilter mapActors(final DataHubActorFilter actorFilter) {
     result.setAllGroups(actorFilter.isAllGroups());
     result.setAllUsers(actorFilter.isAllUsers());
     result.setResourceOwners(actorFilter.isResourceOwners());
+    result.setPlatformInstanceOwners(actorFilter.isPlatformInstanceOwners());
     UrnArray resourceOwnersTypes = actorFilter.getResourceOwnersTypes();
     if (resourceOwnersTypes != null) {
       result.setResourceOwnersTypes(resourceOwnersTypes.stream().map(Urn::toString).collect(Collectors.toList()));
     }
+    UrnArray platformInstanceOwnersTypes = actorFilter.getPlatformInstanceOwnersTypes();
+    if (platformInstanceOwnersTypes != null) {
+      result.setPlatformInstanceOwnersTypes(platformInstanceOwnersTypes.stream().map(Urn::toString).collect(Collectors.toList()));
+    }
     if (actorFilter.hasGroups()) {
       result.setGroups(actorFilter.getGroups().stream().map(Urn::toString).collect(Collectors.toList()));
     }
diff --git a/datahub-graphql-core/src/main/java/com/linkedin/datahub/graphql/resolvers/policy/mappers/PolicyUpdateInputInfoMapper.java b/datahub-graphql-core/src/main/java/com/linkedin/datahub/graphql/resolvers/policy/mappers/PolicyUpdateInputInfoMapper.java
index cb323b60dd465..69c3913bc9da6 100644
--- a/datahub-graphql-core/src/main/java/com/linkedin/datahub/graphql/resolvers/policy/mappers/PolicyUpdateInputInfoMapper.java
+++ b/datahub-graphql-core/src/main/java/com/linkedin/datahub/graphql/resolvers/policy/mappers/PolicyUpdateInputInfoMapper.java
@@ -51,8 +51,16 @@ private DataHubActorFilter mapActors(final ActorFilterInput actorInput) {
     result.setAllGroups(actorInput.getAllGroups());
     result.setAllUsers(actorInput.getAllUsers());
     result.setResourceOwners(actorInput.getResourceOwners());
+    result.setPlatformInstanceOwners(actorInput.getPlatformInstanceOwners());
     if (actorInput.getResourceOwnersTypes() != null) {
-      result.setResourceOwnersTypes(new UrnArray(actorInput.getResourceOwnersTypes().stream().map(this::createUrn).collect(Collectors.toList())));
+      result.setResourceOwnersTypes(
+              new UrnArray(actorInput.getResourceOwnersTypes().stream().map(this::createUrn).collect(Collectors.toList()))
+      );
+    }
+    if (actorInput.getPlatformInstanceOwnersTypes() != null) {
+      result.setPlatformInstanceOwnersTypes(
+              new UrnArray(actorInput.getPlatformInstanceOwnersTypes().stream().map(this::createUrn).collect(Collectors.toList()))
+      );
     }
     if (actorInput.getGroups() != null) {
       result.setGroups(new UrnArray(actorInput.getGroups().stream().map(this::createUrn).collect(Collectors.toList())));
diff --git a/datahub-graphql-core/src/main/java/com/linkedin/datahub/graphql/types/policy/DataHubPolicyMapper.java b/datahub-graphql-core/src/main/java/com/linkedin/datahub/graphql/types/policy/DataHubPolicyMapper.java
index 167e1615fc4cc..862d1321b20a5 100644
--- a/datahub-graphql-core/src/main/java/com/linkedin/datahub/graphql/types/policy/DataHubPolicyMapper.java
+++ b/datahub-graphql-core/src/main/java/com/linkedin/datahub/graphql/types/policy/DataHubPolicyMapper.java
@@ -68,11 +68,16 @@ private ActorFilter mapActors(final DataHubActorFilter actorFilter) {
     result.setAllGroups(actorFilter.isAllGroups());
     result.setAllUsers(actorFilter.isAllUsers());
     result.setResourceOwners(actorFilter.isResourceOwners());
+    result.setPlatformInstanceOwners(actorFilter.isPlatformInstanceOwners());
     // Change here is not executed at the moment - leaving it for the future
     UrnArray resourceOwnersTypes = actorFilter.getResourceOwnersTypes();
     if (resourceOwnersTypes != null) {
       result.setResourceOwnersTypes(resourceOwnersTypes.stream().map(Urn::toString).collect(Collectors.toList()));
     }
+    UrnArray platformInstanceOwnersTypes = actorFilter.getPlatformInstanceOwnersTypes();
+    if (platformInstanceOwnersTypes != null) {
+      result.setPlatformInstanceOwnersTypes(platformInstanceOwnersTypes.stream().map(Urn::toString).collect(Collectors.toList()));
+    }
     if (actorFilter.hasGroups()) {
       result.setGroups(actorFilter.getGroups().stream().map(Urn::toString).collect(Collectors.toList()));
     }
diff --git a/datahub-graphql-core/src/main/resources/entity.graphql b/datahub-graphql-core/src/main/resources/entity.graphql
index 044c405942a3c..56b14c14c28e4 100644
--- a/datahub-graphql-core/src/main/resources/entity.graphql
+++ b/datahub-graphql-core/src/main/resources/entity.graphql
@@ -8122,7 +8122,23 @@ type ActorFilter {
   """
   Set of OwnershipTypes to apply the policy to (if resourceOwners field is set to True), resolved.
   """
-  resolvedOwnershipTypes: [OwnershipTypeEntity!]
+  resolvedResourceOwnershipTypes: [OwnershipTypeEntity!]
+
+  """
+  Whether the filter should return TRUE for platform instance owners of a particular resource
+  Only applies to policies of type METADATA, which have a resource associated with them
+  """
+  platformInstanceOwners: Boolean!
+
+  """
+  Set of OwnershipTypes to apply the policy to (if platformInstanceOwners field is set to True)
+  """
+  platformInstanceOwnersTypes: [String!]
+
+  """
+  Set of OwnershipTypes to apply the policy to (if platformInstanceOwners field is set to True), resolved.
+  """
+  resolvedPlatformInstanceOwnershipTypes: [OwnershipTypeEntity!]
 
   """
   Whether the filter should apply to all users
@@ -8257,6 +8273,17 @@ input ActorFilterInput {
   """
   resourceOwnersTypes: [String!]
 
+  """
+  Whether the filter should return TRUE for platform instance owners of a particular resource
+  Only applies to policies of type METADATA, which have a resource associated with them
+  """
+  platformInstanceOwners: Boolean!
+
+  """
+  Set of OwnershipTypes to apply the policy to (if platformInstanceOwners field is set to True)
+  """
+  platformInstanceOwnersTypes: [String!]
+
   """
   Whether the filter should apply to all users
   """
diff --git a/datahub-web-react/src/app/permissions/policy/ManagePolicies.tsx b/datahub-web-react/src/app/permissions/policy/ManagePolicies.tsx
index 08327d40a7165..d877fee86071b 100644
--- a/datahub-web-react/src/app/permissions/policy/ManagePolicies.tsx
+++ b/datahub-web-react/src/app/permissions/policy/ManagePolicies.tsx
@@ -110,6 +110,8 @@ const toPolicyInput = (policy: Omit<Policy, 'urn'>): PolicyUpdateInput => {
             allGroups: policy.actors.allGroups,
             resourceOwners: policy.actors.resourceOwners,
             resourceOwnersTypes: policy.actors.resourceOwnersTypes,
+            platformInstanceOwners: policy.actors.platformInstanceOwners,
+            platformInstanceOwnersTypes: policy.actors.platformInstanceOwnersTypes,
         },
     };
     if (policy.resources !== null && policy.resources !== undefined) {
@@ -360,7 +362,8 @@ export const ManagePolicies = () => {
                         />
                         {record?.allUsers ? <ActorTag>All Users</ActorTag> : null}
                         {record?.allGroups ? <ActorTag>All Groups</ActorTag> : null}
-                        {record?.resourceOwners ? <ActorTag>All Owners</ActorTag> : null}
+                        {record?.resourceOwners ? <ActorTag>All Resource Owners</ActorTag> : null}
+                        {record?.platformInstanceOwners ? <ActorTag>All Platform Instance Owners</ActorTag> : null}
                     </>
                 );
             },
@@ -430,6 +433,7 @@ export const ManagePolicies = () => {
         allGroups: policy?.actors?.allGroups,
         allUsers: policy?.actors?.allUsers,
         resourceOwners: policy?.actors?.resourceOwners,
+        platformInstanceOwners: policy?.actors?.platformInstanceOwners,
         description: policy?.description,
         editable: policy?.editable,
         name: policy?.name,
diff --git a/datahub-web-react/src/app/permissions/policy/PolicyActorForm.tsx b/datahub-web-react/src/app/permissions/policy/PolicyActorForm.tsx
index adb660d43f471..48c4dc4fece53 100644
--- a/datahub-web-react/src/app/permissions/policy/PolicyActorForm.tsx
+++ b/datahub-web-react/src/app/permissions/policy/PolicyActorForm.tsx
@@ -61,8 +61,8 @@ export default function PolicyActorForm({ policyType, actors, setActors }: Props
         ownershipData?.listOwnershipTypes?.ownershipTypes.filter((type) => type.urn !== 'urn:li:ownershipType:none') ||
         [];
     const ownershipTypesMap = Object.fromEntries(ownershipTypes.map((type) => [type.urn, type.info?.name]));
-    // Toggle the "Owners" switch
-    const onToggleAppliesToOwners = (value: boolean) => {
+    // Toggle the "Resource Owners" switch
+    const onToggleAppliesToResourceOwners = (value: boolean) => {
         setActors({
             ...actors,
             resourceOwners: value,
@@ -70,7 +70,7 @@ export default function PolicyActorForm({ policyType, actors, setActors }: Props
         });
     };
 
-    const onSelectOwnershipTypeActor = (newType: string) => {
+    const onSelectResourceOwnershipTypeActor = (newType: string) => {
         const newResourceOwnersTypes: Maybe<string[]> = [...(actors.resourceOwnersTypes || []), newType];
         setActors({
             ...actors,
@@ -78,13 +78,42 @@ export default function PolicyActorForm({ policyType, actors, setActors }: Props
         });
     };
 
-    const onDeselectOwnershipTypeActor = (type: string) => {
+    const onDeselectResourceOwnershipTypeActor = (type: string) => {
         const newResourceOwnersTypes: Maybe<string[]> = actors.resourceOwnersTypes?.filter((u: string) => u !== type);
         setActors({
             ...actors,
             resourceOwnersTypes: newResourceOwnersTypes?.length ? newResourceOwnersTypes : null,
         });
     };
+    // Toggle the "Platform Instance Owners" switch
+    const onToggleAppliesToPlatformInstanceOwners = (value: boolean) => {
+        setActors({
+            ...actors,
+            platformInstanceOwners: value,
+            platformInstanceOwnersTypes: value ? actors.platformInstanceOwnersTypes : null,
+        });
+    };
+
+    const onSelectPlatformInstanceOwnershipTypeActor = (newType: string) => {
+        const newPlatformInstanceOwnersTypes: Maybe<string[]> = [
+            ...(actors.platformInstanceOwnersTypes || []),
+            newType,
+        ];
+        setActors({
+            ...actors,
+            platformInstanceOwnersTypes: newPlatformInstanceOwnersTypes,
+        });
+    };
+
+    const onDeselectPlatformInstanceOwnershipTypeActor = (type: string) => {
+        const newPlatformInstanceOwnersTypes: Maybe<string[]> = actors.platformInstanceOwnersTypes?.filter(
+            (u: string) => u !== type,
+        );
+        setActors({
+            ...actors,
+            platformInstanceOwnersTypes: newPlatformInstanceOwnersTypes?.length ? newPlatformInstanceOwnersTypes : null,
+        });
+    };
 
     // When a user search result is selected, add the urn to the ActorFilter
     const onSelectUserActor = (newUser: string) => {
@@ -206,7 +235,8 @@ export default function PolicyActorForm({ policyType, actors, setActors }: Props
     // Select dropdown values.
     const usersSelectValue = actors.allUsers ? ['All'] : actors.users || [];
     const groupsSelectValue = actors.allGroups ? ['All'] : actors.groups || [];
-    const ownershipTypesSelectValue = actors.resourceOwnersTypes || [];
+    const resourceOwnershipTypesSelectValue = actors.resourceOwnersTypes || [];
+    const platformInstanceOwnershipTypesSelectValue = actors.platformInstanceOwnersTypes || [];
 
     const tagRender = (props) => {
         // eslint-disable-next-line react/prop-types
@@ -240,13 +270,13 @@ export default function PolicyActorForm({ policyType, actors, setActors }: Props
                 <Typography.Paragraph>Select the users & groups that this policy should apply to.</Typography.Paragraph>
             </ActorFormHeader>
             {showAppliesToOwners && (
-                <Form.Item label={<Typography.Text strong>Owners</Typography.Text>} labelAlign="right">
+                <Form.Item label={<Typography.Text strong>Resource Owners</Typography.Text>} labelAlign="right">
                     <Typography.Paragraph>
-                        Whether this policy should be apply to owners of the Metadata asset. If true, those who are
-                        marked as owners of a Metadata Asset, either directly or indirectly via a Group, will have the
-                        selected privileges.
+                        Whether this policy should apply to owners of the Metadata asset. If true, those who are marked
+                        as owners of a Metadata Asset, either directly or indirectly via a Group, will have the selected
+                        privileges.
                     </Typography.Paragraph>
-                    <Switch size="small" checked={actors.resourceOwners} onChange={onToggleAppliesToOwners} />
+                    <Switch size="small" checked={actors.resourceOwners} onChange={onToggleAppliesToResourceOwners} />
                     {actors.resourceOwners && (
                         <OwnershipWrapper>
                             <Typography.Paragraph>
@@ -254,11 +284,58 @@ export default function PolicyActorForm({ policyType, actors, setActors }: Props
                                 will applied to any type of ownership.
                             </Typography.Paragraph>
                             <Select
-                                value={ownershipTypesSelectValue}
+                                value={resourceOwnershipTypesSelectValue}
+                                mode="multiple"
+                                placeholder="Ownership types"
+                                onSelect={(asset: any) => onSelectResourceOwnershipTypeActor(asset)}
+                                onDeselect={(asset: any) => onDeselectResourceOwnershipTypeActor(asset)}
+                                tagRender={(tagProps) => {
+                                    return (
+                                        <Tag closable={tagProps.closable} onClose={tagProps.onClose}>
+                                            {ownershipTypesMap[tagProps.value.toString()]}
+                                        </Tag>
+                                    );
+                                }}
+                            >
+                                {ownershipTypes.map((resOwnershipType) => {
+                                    return (
+                                        <Select.Option value={resOwnershipType.urn}>
+                                            {resOwnershipType?.info?.name}
+                                        </Select.Option>
+                                    );
+                                })}
+                            </Select>
+                        </OwnershipWrapper>
+                    )}
+                </Form.Item>
+            )}
+            {showAppliesToOwners && (
+                <Form.Item
+                    label={<Typography.Text strong>Platform Instance Owners</Typography.Text>}
+                    labelAlign="right"
+                >
+                    <Typography.Paragraph>
+                        Whether this policy should apply to platform instance owners of the Metadata asset. If true,
+                        those who are marked as owners of the platform instance to which a Metadata Asset belongs to,
+                        either directly or indirectly via a Group, will have the selected privileges.
+                    </Typography.Paragraph>
+                    <Switch
+                        size="small"
+                        checked={actors.platformInstanceOwners}
+                        onChange={onToggleAppliesToPlatformInstanceOwners}
+                    />
+                    {actors.platformInstanceOwners && (
+                        <OwnershipWrapper>
+                            <Typography.Paragraph>
+                                List of types of ownership which will be used to match plafrom instance owners. If
+                                empty, the policies will applied to any type of ownership.
+                            </Typography.Paragraph>
+                            <Select
+                                value={platformInstanceOwnershipTypesSelectValue}
                                 mode="multiple"
                                 placeholder="Ownership types"
-                                onSelect={(asset: any) => onSelectOwnershipTypeActor(asset)}
-                                onDeselect={(asset: any) => onDeselectOwnershipTypeActor(asset)}
+                                onSelect={(asset: any) => onSelectPlatformInstanceOwnershipTypeActor(asset)}
+                                onDeselect={(asset: any) => onDeselectPlatformInstanceOwnershipTypeActor(asset)}
                                 tagRender={(tagProps) => {
                                     return (
                                         <Tag closable={tagProps.closable} onClose={tagProps.onClose}>
diff --git a/datahub-web-react/src/app/permissions/policy/PolicyDetailsModal.tsx b/datahub-web-react/src/app/permissions/policy/PolicyDetailsModal.tsx
index 68e91983babdb..0aa5363fe950d 100644
--- a/datahub-web-react/src/app/permissions/policy/PolicyDetailsModal.tsx
+++ b/datahub-web-react/src/app/permissions/policy/PolicyDetailsModal.tsx
@@ -107,10 +107,26 @@ export default function PolicyDetailsModal({ policy, visible, onClose, privilege
         if (!actors?.resourceOwners) {
             return <PoliciesTag>No</PoliciesTag>;
         }
-        if ((actors?.resolvedOwnershipTypes?.length ?? 0) > 0) {
+        if ((actors?.resolvedResourceOwnershipTypes?.length ?? 0) > 0) {
             return (
                 <div>
-                    {actors?.resolvedOwnershipTypes?.map((type) => (
+                    {actors?.resolvedResourceOwnershipTypes?.map((type) => (
+                        <PoliciesTag>{type.info.name}</PoliciesTag>
+                    ))}
+                </div>
+            );
+        }
+        return <PoliciesTag>Yes - All owners</PoliciesTag>;
+    };
+
+    const platformInstanceOwnersField = (actors) => {
+        if (!actors?.platformInstanceOwners) {
+            return <PoliciesTag>No</PoliciesTag>;
+        }
+        if ((actors?.resolvedPlatformInstanceOwnershipTypes?.length ?? 0) > 0) {
+            return (
+                <div>
+                    {actors?.resolvedPlatformInstanceOwnershipTypes?.map((type) => (
                         <PoliciesTag>{type.info.name}</PoliciesTag>
                     ))}
                 </div>
@@ -194,10 +210,15 @@ export default function PolicyDetailsModal({ policy, visible, onClose, privilege
                     ))}
                 </Privileges>
                 <div>
-                    <Typography.Title level={5}>Applies to Owners</Typography.Title>
+                    <Typography.Title level={5}>Applies to Resource Owners</Typography.Title>
                     <ThinDivider />
                     {resourceOwnersField(policy?.actors)}
                 </div>
+                <div>
+                    <Typography.Title level={5}>Applies to Platform InstanceOwners</Typography.Title>
+                    <ThinDivider />
+                    {platformInstanceOwnersField(policy?.actors)}
+                </div>
                 <div>
                     <Typography.Title level={5}>Applies to Users</Typography.Title>
                     <ThinDivider />
diff --git a/datahub-web-react/src/app/permissions/policy/policyUtils.ts b/datahub-web-react/src/app/permissions/policy/policyUtils.ts
index c7af7342f6efa..b858547724976 100644
--- a/datahub-web-react/src/app/permissions/policy/policyUtils.ts
+++ b/datahub-web-react/src/app/permissions/policy/policyUtils.ts
@@ -28,6 +28,7 @@ export const EMPTY_POLICY = {
         allUsers: false,
         allGroups: false,
         resourceOwners: false,
+        platformInstanceOwners: false,
     },
     editable: true,
 };
diff --git a/datahub-web-react/src/graphql/policy.graphql b/datahub-web-react/src/graphql/policy.graphql
index 4ff25d5aa946b..6d2085b438041 100644
--- a/datahub-web-react/src/graphql/policy.graphql
+++ b/datahub-web-react/src/graphql/policy.graphql
@@ -35,7 +35,15 @@ query listPolicies($input: ListPoliciesInput!) {
                 allGroups
                 resourceOwners
                 resourceOwnersTypes
-                resolvedOwnershipTypes {
+                resolvedResourceOwnershipTypes {
+                    urn
+                    info {
+                        name
+                    }
+                }
+                platformInstanceOwners
+                platformInstanceOwnersTypes
+                resolvedPlatformInstanceOwnershipTypes {
                     urn
                     info {
                         name
diff --git a/metadata-auth/auth-api/src/main/java/com/datahub/authorization/ResolvedResourceSpec.java b/metadata-auth/auth-api/src/main/java/com/datahub/authorization/ResolvedResourceSpec.java
index 0dae1bd386ccd..3bcbcda64ad7c 100644
--- a/metadata-auth/auth-api/src/main/java/com/datahub/authorization/ResolvedResourceSpec.java
+++ b/metadata-auth/auth-api/src/main/java/com/datahub/authorization/ResolvedResourceSpec.java
@@ -67,4 +67,18 @@ public String getDomain() {
     }
     return null;
   }
+
+  /**
+   * Fetch the platform instance for a Resolved Resource Spec
+   * @return a Platform Instance or null if one does not exist.
+   */
+  @Nullable
+  public String getPlatformInstance() {
+    if (!fieldResolvers.containsKey(ResourceFieldType.PLATFORM_INSTANCE)) {
+      return null;
+    }
+    Set<String> platformInstance = fieldResolvers.get(ResourceFieldType.PLATFORM_INSTANCE).getFieldValuesFuture().join().getValues();
+    assert platformInstance.size() == 1; // There should be a single platform instance.
+    return platformInstance.stream().findFirst().get();
+  }
 }
diff --git a/metadata-auth/auth-api/src/main/java/com/datahub/authorization/ResourceFieldType.java b/metadata-auth/auth-api/src/main/java/com/datahub/authorization/ResourceFieldType.java
index ee54d2bfbba1d..0b8fcc871d019 100644
--- a/metadata-auth/auth-api/src/main/java/com/datahub/authorization/ResourceFieldType.java
+++ b/metadata-auth/auth-api/src/main/java/com/datahub/authorization/ResourceFieldType.java
@@ -19,5 +19,9 @@ public enum ResourceFieldType {
   /**
    * Domains of resource
    */
-  DOMAIN
+  DOMAIN,
+  /**
+   * Platform instance of resource
+   */
+  PLATFORM_INSTANCE
 }
diff --git a/metadata-models/src/main/pegasus/com/linkedin/policy/DataHubActorFilter.pdl b/metadata-models/src/main/pegasus/com/linkedin/policy/DataHubActorFilter.pdl
index 5fcb0819d9f69..fe13b065dacb1 100644
--- a/metadata-models/src/main/pegasus/com/linkedin/policy/DataHubActorFilter.pdl
+++ b/metadata-models/src/main/pegasus/com/linkedin/policy/DataHubActorFilter.pdl
@@ -1,7 +1,6 @@
 namespace com.linkedin.policy
 
 import com.linkedin.common.Urn
-import com.linkedin.ownership.OwnershipTypeInfo
 
 /**
  * Information used to filter DataHub actors.
@@ -25,10 +24,21 @@ record DataHubActorFilter {
   resourceOwners: boolean = false
 
   /**
-   * Define type of ownership for the policy
+   * Define type of resource ownership for the policy
   */
   resourceOwnersTypes: optional array[Urn]
 
+  /**
+   * Whether the filter should return true for owners of the platform instance to which a particular resource belongs to.
+   * Only applies to policies of type 'Metadata', which have a resource associated with them.
+   */
+  platformInstanceOwners: boolean = false
+
+  /**
+   * Define type of platform instance ownership for the policy
+  */
+  platformInstanceOwnersTypes: optional array[Urn]
+
   /**
    * Whether the filter should apply to all users.
    */
diff --git a/metadata-service/auth-impl/src/main/java/com/datahub/authorization/DefaultResourceSpecResolver.java b/metadata-service/auth-impl/src/main/java/com/datahub/authorization/DefaultResourceSpecResolver.java
index cd4e0b0967829..8eaf97e985bb6 100644
--- a/metadata-service/auth-impl/src/main/java/com/datahub/authorization/DefaultResourceSpecResolver.java
+++ b/metadata-service/auth-impl/src/main/java/com/datahub/authorization/DefaultResourceSpecResolver.java
@@ -5,6 +5,7 @@
 import com.datahub.authentication.Authentication;
 import com.datahub.authorization.fieldresolverprovider.DomainFieldResolverProvider;
 import com.datahub.authorization.fieldresolverprovider.EntityUrnFieldResolverProvider;
+import com.datahub.authorization.fieldresolverprovider.PlatformInstanceFieldResolverProvider;
 import com.datahub.authorization.fieldresolverprovider.ResourceFieldResolverProvider;
 import com.google.common.collect.ImmutableList;
 import com.linkedin.entity.client.EntityClient;
@@ -20,7 +21,8 @@ public DefaultResourceSpecResolver(Authentication systemAuthentication, EntityCl
     _resourceFieldResolverProviders =
         ImmutableList.of(new EntityTypeFieldResolverProvider(), new EntityUrnFieldResolverProvider(),
             new DomainFieldResolverProvider(entityClient, systemAuthentication),
-            new OwnerFieldResolverProvider(entityClient, systemAuthentication));
+            new OwnerFieldResolverProvider(entityClient, systemAuthentication),
+            new PlatformInstanceFieldResolverProvider(entityClient, systemAuthentication));
   }
 
   @Override
diff --git a/metadata-service/auth-impl/src/main/java/com/datahub/authorization/PolicyEngine.java b/metadata-service/auth-impl/src/main/java/com/datahub/authorization/PolicyEngine.java
index 6a36fac7de4e0..6e92bd2720516 100644
--- a/metadata-service/auth-impl/src/main/java/com/datahub/authorization/PolicyEngine.java
+++ b/metadata-service/auth-impl/src/main/java/com/datahub/authorization/PolicyEngine.java
@@ -309,37 +309,31 @@ private boolean isOwnerMatch(
       final Optional<ResolvedResourceSpec> requestResource,
       final PolicyEvaluationContext context) {
     // If the policy does not apply to owners, or there is no resource to own, return false immediately.
-    if (!actorFilter.isResourceOwners() || !requestResource.isPresent()) {
+    if (!(actorFilter.isResourceOwners() || actorFilter.isPlatformInstanceOwners()) || !requestResource.isPresent()) {
       return false;
     }
-    List<Urn> ownershipTypes = actorFilter.getResourceOwnersTypes();
-    return isActorOwner(actor, requestResource.get(), ownershipTypes, context);
+    List<Urn> resourceOwnershipTypes = actorFilter.getResourceOwnersTypes();
+    List<Urn> platformInstanceOwnershipTypes = actorFilter.getPlatformInstanceOwnersTypes();
+    return isActorOwner(actor, requestResource.get(), resourceOwnershipTypes, platformInstanceOwnershipTypes, context);
   }
 
-  private Set<String> getOwnersForType(ResourceSpec resourceSpec, List<Urn> ownershipTypes) {
-    Urn entityUrn = UrnUtils.getUrn(resourceSpec.getResource());
-    EnvelopedAspect ownershipAspect;
-    try {
-      EntityResponse response = _entityClient.getV2(entityUrn.getEntityType(), entityUrn,
-              Collections.singleton(Constants.OWNERSHIP_ASPECT_NAME), _systemAuthentication);
-      if (response == null || !response.getAspects().containsKey(Constants.OWNERSHIP_ASPECT_NAME)) {
-        return Collections.emptySet();
-      }
-      ownershipAspect = response.getAspects().get(Constants.OWNERSHIP_ASPECT_NAME);
-    } catch (Exception e) {
-      log.error("Error while retrieving ownership aspect for urn {}", entityUrn, e);
-      return Collections.emptySet();
-    }
-    Ownership ownership = new Ownership(ownershipAspect.getValue().data());
-    Stream<Owner> ownersStream = ownership.getOwners().stream();
-    if (ownershipTypes != null) {
-      ownersStream = ownersStream.filter(owner -> ownershipTypes.contains(owner.getTypeUrn()));
+  private boolean isActorOwner(
+    Urn actor,
+    ResolvedResourceSpec resourceSpec,
+    List<Urn> resourceOwnershipTypes,
+    List<Urn> platformInstanceOwnershipTypes,
+    PolicyEvaluationContext context
+  ) {
+    Urn entityUrn = UrnUtils.getUrn(resourceSpec.getSpec().getResource());
+    Set<String> resourceOwners = this.resolveEntityOwnersForType(entityUrn, resourceOwnershipTypes);
+    Set<String> owners = new HashSet<>(new ArrayList<>(resourceOwners));
+    String platformInstance = resourceSpec.getPlatformInstance();
+    if (platformInstance != null) {
+      Urn platformInstanceUrn = UrnUtils.getUrn(platformInstance);
+      Set<String> platformInstanceOwners = this.resolveEntityOwnersForType(platformInstanceUrn, platformInstanceOwnershipTypes);
+      owners.addAll(new ArrayList<>(platformInstanceOwners));
     }
-    return ownersStream.map(owner -> owner.getOwner().toString()).collect(Collectors.toSet());
-  }
 
-  private boolean isActorOwner(Urn actor, ResolvedResourceSpec resourceSpec, List<Urn> ownershipTypes, PolicyEvaluationContext context) {
-    Set<String> owners = this.getOwnersForType(resourceSpec.getSpec(), ownershipTypes);
     if (isUserOwner(actor, owners)) {
       return true;
     }
@@ -371,6 +365,29 @@ private boolean isRoleMatch(final Urn actor, final DataHubActorFilter actorFilte
         .anyMatch(actorRoles::contains);
   }
 
+  private Set<String> resolveEntityOwnersForType(Urn entityUrn, List<Urn> ownershipTypes) {
+    EnvelopedAspect ownershipAspect;
+
+    try {
+      EntityResponse response = _entityClient.getV2(entityUrn.getEntityType(), entityUrn,
+              Collections.singleton(Constants.OWNERSHIP_ASPECT_NAME), _systemAuthentication);
+      if (response == null || !response.getAspects().containsKey(Constants.OWNERSHIP_ASPECT_NAME)) {
+        return Collections.emptySet();
+      }
+      ownershipAspect = response.getAspects().get(Constants.OWNERSHIP_ASPECT_NAME);
+    } catch (Exception e) {
+      log.error("Error while retrieving ownership aspect for urn {}", entityUrn, e);
+      return Collections.emptySet();
+    }
+
+    Ownership ownership = new Ownership(ownershipAspect.getValue().data());
+    Stream<Owner> ownersStream = ownership.getOwners().stream();
+    if (ownershipTypes != null) {
+      ownersStream = ownersStream.filter(owner -> ownershipTypes.contains(owner.getTypeUrn()));
+    }
+    return ownersStream.map(owner -> owner.getOwner().toString()).collect(Collectors.toSet());
+  }
+
   private Set<Urn> resolveRoles(Urn actor, PolicyEvaluationContext context) {
     if (context.roles != null) {
       return context.roles;
diff --git a/metadata-service/auth-impl/src/main/java/com/datahub/authorization/fieldresolverprovider/PlatformInstanceFieldResolverProvider.java b/metadata-service/auth-impl/src/main/java/com/datahub/authorization/fieldresolverprovider/PlatformInstanceFieldResolverProvider.java
new file mode 100644
index 0000000000000..162e14efbe314
--- /dev/null
+++ b/metadata-service/auth-impl/src/main/java/com/datahub/authorization/fieldresolverprovider/PlatformInstanceFieldResolverProvider.java
@@ -0,0 +1,67 @@
+package com.datahub.authorization.fieldresolverprovider;
+
+import com.datahub.authentication.Authentication;
+import com.datahub.authorization.FieldResolver;
+import com.datahub.authorization.ResourceFieldType;
+import com.datahub.authorization.ResourceSpec;
+import com.linkedin.common.DataPlatformInstance;
+import com.linkedin.common.urn.Urn;
+import com.linkedin.common.urn.UrnUtils;
+import com.linkedin.entity.EntityResponse;
+import com.linkedin.entity.EnvelopedAspect;
+import com.linkedin.entity.client.EntityClient;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+
+import java.util.Collections;
+import java.util.Objects;
+
+import static com.linkedin.metadata.Constants.*;
+
+/**
+ * Provides field resolver for domain given resourceSpec
+ */
+@Slf4j
+@RequiredArgsConstructor
+public class PlatformInstanceFieldResolverProvider implements ResourceFieldResolverProvider {
+
+    private final EntityClient _entityClient;
+    private final Authentication _systemAuthentication;
+
+    @Override
+    public ResourceFieldType getFieldType() {
+        return ResourceFieldType.PLATFORM_INSTANCE;
+    }
+
+    @Override
+    public FieldResolver getFieldResolver(ResourceSpec resourceSpec) {
+        return FieldResolver.getResolverFromFunction(resourceSpec, this::getPlatformInstance);
+    }
+
+    private FieldResolver.FieldValue getPlatformInstance(ResourceSpec resourceSpec) {
+        Urn entityUrn = UrnUtils.getUrn(resourceSpec.getResource());
+        // In the case that the entity is a platform instance, the associated platform instance entity is the instance itself
+        if (entityUrn.getEntityType().equals(DATA_PLATFORM_ENTITY_NAME)) {
+            return FieldResolver.FieldValue.builder()
+                    .values(Collections.singleton(entityUrn.toString()))
+                    .build();
+        }
+
+        EnvelopedAspect platformInstanceAspect;
+        try {
+            EntityResponse response = _entityClient.getV2(entityUrn.getEntityType(), entityUrn,
+                    Collections.singleton(DATA_PLATFORM_INSTANCE_ASPECT_NAME), _systemAuthentication);
+            if (response == null || !response.getAspects().containsKey(DATA_PLATFORM_INSTANCE_ASPECT_NAME)) {
+                return FieldResolver.emptyFieldValue();
+            }
+            platformInstanceAspect = response.getAspects().get(DATA_PLATFORM_INSTANCE_ASPECT_NAME);
+        } catch (Exception e) {
+            log.error("Error while retrieving platform instance aspect for urn {}", entityUrn, e);
+            return FieldResolver.emptyFieldValue();
+        }
+        DataPlatformInstance platformInstance = new DataPlatformInstance(platformInstanceAspect.getValue().data());
+        return FieldResolver.FieldValue.builder()
+                .values(Collections.singleton(Objects.requireNonNull(platformInstance.getInstance()).toString()))
+                .build();
+    }
+}
diff --git a/metadata-service/auth-impl/src/test/java/com/datahub/authorization/PolicyEngineTest.java b/metadata-service/auth-impl/src/test/java/com/datahub/authorization/PolicyEngineTest.java
index 99d8fee309d91..0688168935eec 100644
--- a/metadata-service/auth-impl/src/test/java/com/datahub/authorization/PolicyEngineTest.java
+++ b/metadata-service/auth-impl/src/test/java/com/datahub/authorization/PolicyEngineTest.java
@@ -52,6 +52,8 @@ public class PolicyEngineTest {
 
   private static final String DOMAIN_URN = "urn:li:domain:domain1";
 
+  private static final String PLATFORM_INSTANCE_URN = "urn:li:dataPlatformInstance:(urn:li:dataPlatform:file,test-platform-instance)";
+
   private static final String OWNERSHIP_TYPE_URN = "urn:li:ownershipType:__system__technical_owner";
 
   private static final String OTHER_OWNERSHIP_TYPE_URN = "urn:li:ownershipType:__system__data_steward";
@@ -88,12 +90,16 @@ public void setupTest() throws Exception {
     EntityResponse entityResponse = new EntityResponse();
     EnvelopedAspectMap envelopedAspectMap = new EnvelopedAspectMap();
     envelopedAspectMap.put(OWNERSHIP_ASPECT_NAME,
-        new EnvelopedAspect().setValue(new com.linkedin.entity.Aspect(createOwnershipAspect(true, true).data())));
+        new EnvelopedAspect().setValue(new Aspect(createOwnershipAspect(true, true).data())));
+    envelopedAspectMap.put(DATA_PLATFORM_INSTANCE_ASPECT_NAME,
+            new EnvelopedAspect().setValue(new Aspect(createOwnershipAspect(true, true).data())));
     entityResponse.setAspects(envelopedAspectMap);
     resourceUrn = Urn.createFromString(RESOURCE_URN);
     Map<Urn, EntityResponse> mockMap = mock(Map.class);
     when(_entityClient.batchGetV2(any(), eq(Collections.singleton(resourceUrn)),
         eq(Collections.singleton(OWNERSHIP_ASPECT_NAME)), any())).thenReturn(mockMap);
+    when(_entityClient.batchGetV2(any(), eq(Collections.singleton(resourceUrn)),
+            eq(Collections.singleton(DATA_PLATFORM_INSTANCE_ASPECT_NAME)), any())).thenReturn(mockMap);
     when(mockMap.get(eq(resourceUrn))).thenReturn(entityResponse);
   }
 
@@ -532,6 +538,51 @@ public void testEvaluatePolicyActorFilterUserResourceOwnersMatch() throws Except
         eq(null), any());
   }
 
+  @Test
+  public void testEvaluatePolicyActorFilterPlatformInstanceOwnersMatch() throws Exception {
+
+    final DataHubPolicyInfo dataHubPolicyInfo = new DataHubPolicyInfo();
+    dataHubPolicyInfo.setType(METADATA_POLICY_TYPE);
+    dataHubPolicyInfo.setState(ACTIVE_POLICY_STATE);
+    dataHubPolicyInfo.setPrivileges(new StringArray("EDIT_ENTITY_TAGS"));
+    dataHubPolicyInfo.setDisplayName("My Test Display");
+    dataHubPolicyInfo.setDescription("My test display!");
+    dataHubPolicyInfo.setEditable(true);
+
+    final DataHubActorFilter actorFilter = new DataHubActorFilter();
+    actorFilter.setResourceOwners(false);
+    actorFilter.setPlatformInstanceOwners(true);
+    actorFilter.setAllUsers(false);
+    actorFilter.setAllGroups(false);
+    dataHubPolicyInfo.setActors(actorFilter);
+
+    final DataHubResourceFilter resourceFilter = new DataHubResourceFilter();
+    resourceFilter.setAllResources(true);
+    resourceFilter.setType("dataset");
+    dataHubPolicyInfo.setResources(resourceFilter);
+
+
+    final EntityResponse entityResponse = new EntityResponse();
+    final EnvelopedAspectMap aspectMap = new EnvelopedAspectMap();
+    aspectMap.put(OWNERSHIP_ASPECT_NAME, new EnvelopedAspect().setValue(new Aspect(createOwnershipAspect(true, false).data())));
+    entityResponse.setAspects(aspectMap);
+    Urn platformInstanceUrn = Urn.createFromString(PLATFORM_INSTANCE_URN);
+    when(_entityClient.getV2(eq(platformInstanceUrn.getEntityType()), eq(platformInstanceUrn), eq(Collections.singleton(Constants.OWNERSHIP_ASPECT_NAME)),
+            any())).thenReturn(entityResponse);
+
+    ResolvedResourceSpec resourceSpec =
+        buildResourceResolvers("dataset", RESOURCE_URN, ImmutableSet.of(AUTHORIZED_PRINCIPAL), Collections.emptySet(), PLATFORM_INSTANCE_URN);
+    // Assert authorized user can edit entity tags, because he is a user owner.
+    PolicyEngine.PolicyEvaluationResult result1 =
+        _policyEngine.evaluatePolicy(dataHubPolicyInfo, AUTHORIZED_PRINCIPAL, "EDIT_ENTITY_TAGS",
+            Optional.of(resourceSpec));
+    assertTrue(result1.isGranted());
+
+    // Ensure no calls for group membership.
+    verify(_entityClient, times(0)).batchGetV2(eq(CORP_USER_ENTITY_NAME), eq(Collections.singleton(authorizedUserUrn)),
+        eq(null), any());
+  }
+
   @Test
   public void testEvaluatePolicyActorFilterUserResourceOwnersTypeMatch() throws Exception {
 
@@ -569,6 +620,56 @@ public void testEvaluatePolicyActorFilterUserResourceOwnersTypeMatch() throws Ex
             _policyEngine.evaluatePolicy(dataHubPolicyInfo, AUTHORIZED_PRINCIPAL, "EDIT_ENTITY_TAGS",
                     Optional.of(resourceSpec));
     assertTrue(result1.isGranted());
+
+    // Ensure no calls for group membership.
+    verify(_entityClient, times(0)).batchGetV2(eq(CORP_USER_ENTITY_NAME), eq(Collections.singleton(authorizedUserUrn)),
+            eq(null), any());
+  }
+
+
+  @Test
+  public void testEvaluatePolicyActorFilterUserPlatformInstanceOwnersTypeMatch() throws Exception {
+
+    final DataHubPolicyInfo dataHubPolicyInfo = new DataHubPolicyInfo();
+    dataHubPolicyInfo.setType(METADATA_POLICY_TYPE);
+    dataHubPolicyInfo.setState(ACTIVE_POLICY_STATE);
+    dataHubPolicyInfo.setPrivileges(new StringArray("EDIT_ENTITY_TAGS"));
+    dataHubPolicyInfo.setDisplayName("My Test Display");
+    dataHubPolicyInfo.setDescription("My test display!");
+    dataHubPolicyInfo.setEditable(true);
+
+    final DataHubActorFilter actorFilter = new DataHubActorFilter();
+    actorFilter.setResourceOwners(false);
+    actorFilter.setPlatformInstanceOwners(true);
+    actorFilter.setAllUsers(false);
+    actorFilter.setAllGroups(false);
+    actorFilter.setResourceOwnersTypes(new UrnArray(ImmutableList.of(Urn.createFromString(OWNERSHIP_TYPE_URN))));
+    dataHubPolicyInfo.setActors(actorFilter);
+
+    final DataHubResourceFilter resourceFilter = new DataHubResourceFilter();
+    resourceFilter.setAllResources(true);
+    resourceFilter.setType("dataset");
+    dataHubPolicyInfo.setResources(resourceFilter);
+
+    final EntityResponse entityResponse = new EntityResponse();
+    final EnvelopedAspectMap aspectMap = new EnvelopedAspectMap();
+    aspectMap.put(OWNERSHIP_ASPECT_NAME, new EnvelopedAspect().setValue(new Aspect(createOwnershipAspect(true, false).data())));
+    entityResponse.setAspects(aspectMap);
+    Urn platformInstanceUrn = Urn.createFromString(PLATFORM_INSTANCE_URN);
+    when(_entityClient.getV2(eq(platformInstanceUrn.getEntityType()), eq(platformInstanceUrn), eq(Collections.singleton(Constants.OWNERSHIP_ASPECT_NAME)),
+            any())).thenReturn(entityResponse);
+
+    ResolvedResourceSpec resourceSpec =
+            buildResourceResolvers("dataset", RESOURCE_URN, ImmutableSet.of(AUTHORIZED_PRINCIPAL), Collections.emptySet(), PLATFORM_INSTANCE_URN);
+
+    PolicyEngine.PolicyEvaluationResult result1 =
+            _policyEngine.evaluatePolicy(dataHubPolicyInfo, AUTHORIZED_PRINCIPAL, "EDIT_ENTITY_TAGS",
+                    Optional.of(resourceSpec));
+    assertTrue(result1.isGranted());
+
+    // Ensure no calls for group membership.
+    verify(_entityClient, times(0)).batchGetV2(eq(CORP_USER_ENTITY_NAME), eq(Collections.singleton(authorizedUserUrn)),
+            eq(null), any());
   }
 
   @Test
@@ -610,6 +711,47 @@ public void testEvaluatePolicyActorFilterUserResourceOwnersTypeNoMatch() throws
     assertFalse(result1.isGranted());
   }
 
+  @Test
+  public void testEvaluatePolicyActorFilterUserPlatformInstanceOwnersTypeNoMatch() throws Exception {
+
+    final DataHubPolicyInfo dataHubPolicyInfo = new DataHubPolicyInfo();
+    dataHubPolicyInfo.setType(METADATA_POLICY_TYPE);
+    dataHubPolicyInfo.setState(ACTIVE_POLICY_STATE);
+    dataHubPolicyInfo.setPrivileges(new StringArray("EDIT_ENTITY_TAGS"));
+    dataHubPolicyInfo.setDisplayName("My Test Display");
+    dataHubPolicyInfo.setDescription("My test display!");
+    dataHubPolicyInfo.setEditable(true);
+
+    final DataHubActorFilter actorFilter = new DataHubActorFilter();
+    actorFilter.setResourceOwners(false);
+    actorFilter.setPlatformInstanceOwners(true);
+    actorFilter.setAllUsers(false);
+    actorFilter.setAllGroups(false);
+    actorFilter.setPlatformInstanceOwnersTypes(new UrnArray(ImmutableList.of(Urn.createFromString(OWNERSHIP_TYPE_URN))));
+    dataHubPolicyInfo.setActors(actorFilter);
+
+    final DataHubResourceFilter resourceFilter = new DataHubResourceFilter();
+    resourceFilter.setAllResources(true);
+    resourceFilter.setType("dataset");
+    dataHubPolicyInfo.setResources(resourceFilter);
+
+    final EntityResponse entityResponse = new EntityResponse();
+    final EnvelopedAspectMap aspectMap = new EnvelopedAspectMap();
+    aspectMap.put(OWNERSHIP_ASPECT_NAME, new EnvelopedAspect().setValue(new Aspect(createOwnershipAspectWithTypeUrn(OTHER_OWNERSHIP_TYPE_URN).data())));
+    entityResponse.setAspects(aspectMap);
+    Urn platformInstanceUrn = Urn.createFromString(PLATFORM_INSTANCE_URN);
+    when(_entityClient.getV2(eq(platformInstanceUrn.getEntityType()), eq(platformInstanceUrn), eq(Collections.singleton(Constants.OWNERSHIP_ASPECT_NAME)),
+            any())).thenReturn(entityResponse);
+
+    ResolvedResourceSpec resourceSpec =
+            buildResourceResolvers("dataset", RESOURCE_URN, ImmutableSet.of(AUTHORIZED_PRINCIPAL), Collections.emptySet(), PLATFORM_INSTANCE_URN);
+
+    PolicyEngine.PolicyEvaluationResult result1 =
+            _policyEngine.evaluatePolicy(dataHubPolicyInfo, AUTHORIZED_PRINCIPAL, "EDIT_ENTITY_TAGS",
+                    Optional.of(resourceSpec));
+    assertFalse(result1.isGranted());
+  }
+
   @Test
   public void testEvaluatePolicyActorFilterGroupResourceOwnersMatch() throws Exception {
 
@@ -1222,4 +1364,15 @@ public static ResolvedResourceSpec buildResourceResolvers(String entityType, Str
             FieldResolver.getResolverFromValues(owners), ResourceFieldType.DOMAIN,
             FieldResolver.getResolverFromValues(domains)));
   }
+
+  public static ResolvedResourceSpec buildResourceResolvers(String entityType, String entityUrn, Set<String> owners,
+      Set<String> domains, String platformInstance) {
+    return new ResolvedResourceSpec(new ResourceSpec(entityType, entityUrn),
+        ImmutableMap.of(ResourceFieldType.RESOURCE_TYPE,
+            FieldResolver.getResolverFromValues(Collections.singleton(entityType)), ResourceFieldType.RESOURCE_URN,
+            FieldResolver.getResolverFromValues(Collections.singleton(entityUrn)), ResourceFieldType.OWNER,
+            FieldResolver.getResolverFromValues(owners), ResourceFieldType.DOMAIN,
+            FieldResolver.getResolverFromValues(domains), ResourceFieldType.PLATFORM_INSTANCE,
+            FieldResolver.getResolverFromValues(Collections.singleton(platformInstance))));
+  }
 }
diff --git a/metadata-service/restli-api/src/main/snapshot/com.linkedin.entity.entities.snapshot.json b/metadata-service/restli-api/src/main/snapshot/com.linkedin.entity.entities.snapshot.json
index d79a4a1919af9..fc4e81cebc855 100644
--- a/metadata-service/restli-api/src/main/snapshot/com.linkedin.entity.entities.snapshot.json
+++ b/metadata-service/restli-api/src/main/snapshot/com.linkedin.entity.entities.snapshot.json
@@ -5310,7 +5310,20 @@
                           "type" : "array",
                           "items" : "com.linkedin.common.Urn"
                         },
-                        "doc" : "Define type of ownership for the policy",
+                        "doc" : "Define type of resource ownership for the policy",
+                        "optional" : true
+                      }, {
+                        "name" : "platformInstanceOwners",
+                        "type" : "boolean",
+                        "doc" : "Whether the filter should return true for owners of the platform instance to which a particular resource belongs to.\nOnly applies to policies of type 'Metadata', which have a resource associated with them.",
+                        "default" : false
+                      }, {
+                        "name" : "platformInstanceOwnersTypes",
+                        "type" : {
+                          "type" : "array",
+                          "items" : "com.linkedin.common.Urn"
+                        },
+                        "doc" : "Define type of platform instance ownership for the policy",
                         "optional" : true
                       }, {
                         "name" : "allUsers",
diff --git a/metadata-service/restli-api/src/main/snapshot/com.linkedin.platform.platform.snapshot.json b/metadata-service/restli-api/src/main/snapshot/com.linkedin.platform.platform.snapshot.json
index 8391af60f8ece..439e873c7c092 100644
--- a/metadata-service/restli-api/src/main/snapshot/com.linkedin.platform.platform.snapshot.json
+++ b/metadata-service/restli-api/src/main/snapshot/com.linkedin.platform.platform.snapshot.json
@@ -5304,7 +5304,20 @@
                           "type" : "array",
                           "items" : "com.linkedin.common.Urn"
                         },
-                        "doc" : "Define type of ownership for the policy",
+                        "doc" : "Define type of resource ownership for the policy",
+                        "optional" : true
+                      }, {
+                        "name" : "platformInstanceOwners",
+                        "type" : "boolean",
+                        "doc" : "Whether the filter should return true for owners of the platform instance to which a particular resource belongs to.\nOnly applies to policies of type 'Metadata', which have a resource associated with them.",
+                        "default" : false
+                      }, {
+                        "name" : "platformInstanceOwnersTypes",
+                        "type" : {
+                          "type" : "array",
+                          "items" : "com.linkedin.common.Urn"
+                        },
+                        "doc" : "Define type of platform instance ownership for the policy",
                         "optional" : true
                       }, {
                         "name" : "allUsers",
diff --git a/smoke-test/tests/policies/test_policies.py b/smoke-test/tests/policies/test_policies.py
index b7091541894dd..65c42bbca70ec 100644
--- a/smoke-test/tests/policies/test_policies.py
+++ b/smoke-test/tests/policies/test_policies.py
@@ -109,6 +109,7 @@ def test_frontend_policy_operations(frontend_session):
                 "actors": {
                     "users": [get_root_urn()],
                     "resourceOwners": False,
+                    "platformInstanceOwners": False,
                     "allUsers": False,
                     "allGroups": False,
                 },
@@ -139,6 +140,7 @@ def test_frontend_policy_operations(frontend_session):
                 "privileges": ["EDIT_ENTITY_TAGS", "EDIT_ENTITY_GLOSSARY_TERMS"],
                 "actors": {
                     "resourceOwners": False,
+                    "platformInstanceOwners": False,
                     "allUsers": True,
                     "allGroups": False,
                 },