Setup for AWS Glue

Configure

Perform the following steps to configure Dataserver with AWS-Glue:

  1. SSH into the instance where Privacera Manager is installed.

  2. Open the vars.dataserver.aws.yml file.

    Bash
    cd ~/privacera/privacera-manager
    vi config/custom-vars/vars.dataserver.aws.yml 
    

  3. Modify the following properties to add an AWS S3 profile:

    YAML
    DATASERVER_AWS_MULTI_ACCOUNT_PROFILE_ENABLE: "true"
    DATASERVER_AWS_PROFILE_NAME_DEFAULT: "aws_account1"
    DATASERVER_AWS_PROFILE_NAMES: "aws_account1"
    DATASERVER_AWS_PROFILE_PROPERTIES:
    - PROFILE_NAME: "aws_account1"
      PROFILE_PROPERTIES:
        - AUTHN_METHOD: "CUSTOM_IAM"
        - IAM_ARN: "arn:aws:iam::<account_id>:role/<role_name>"
        - REGION: "us-east-1"
    

  4. Once the properties are configured, run the following commands:

    Bash
    cd ~/privacera/privacera-manager
    
    # step 1 - Set up the environment, which generates the Helm charts. 
    # This step usually takes a few minutes.
    ./privacera-manager.sh setup
    
    # step 2 - Install or upgrade the Privacera Manager Helm charts
    ./pm_with_helm.sh [install|upgrade]
    
    # step 3 - Perform post-installation steps, which generate the Plugin tarball,
    # update Route 53 DNS, etc.
    ./privacera-manager.sh post-install
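
A pre-flight check for the profile block from step 3, written for this page as an added example (it is not Privacera code): it catches a default profile that is not listed, a listed profile with no properties, and an `IAM_ARN` that still holds the template placeholder or is not a role ARN. The function names, the comma-separated reading of `DATASERVER_AWS_PROFILE_NAMES`, and the sample account ID and role name are assumptions.

```python
import re

# Role ARN shape matching the page's IAM_ARN value; the partition list is an assumption.
ROLE_ARN = re.compile(r"^arn:(aws|aws-us-gov|aws-cn):iam::\d{12}:role/[\w+=,.@/-]+$")

def check_profiles(cfg):
    """Return a list of problems found in the parsed vars.dataserver.aws.yml mapping."""
    problems = []
    if str(cfg.get("DATASERVER_AWS_MULTI_ACCOUNT_PROFILE_ENABLE", "")).lower() != "true":
        problems.append('DATASERVER_AWS_MULTI_ACCOUNT_PROFILE_ENABLE is not "true"')
    # Assumption: several profile names are written as one comma-separated string.
    names = [n.strip() for n in str(cfg.get("DATASERVER_AWS_PROFILE_NAMES", "")).split(",") if n.strip()]
    default = cfg.get("DATASERVER_AWS_PROFILE_NAME_DEFAULT")
    if default not in names:
        problems.append(f"default profile {default!r} is not listed in DATASERVER_AWS_PROFILE_NAMES")
    defined = {}
    for entry in cfg.get("DATASERVER_AWS_PROFILE_PROPERTIES") or []:
        # PROFILE_PROPERTIES is a list of single-key maps; merge them into one dict.
        props = {k: v for item in entry.get("PROFILE_PROPERTIES") or [] for k, v in item.items()}
        defined[entry.get("PROFILE_NAME")] = props
    for name in names:
        if name not in defined:
            problems.append(f"profile {name!r} has no PROFILE_PROPERTIES entry")
    for name, props in defined.items():
        if not props.get("REGION"):
            problems.append(f"profile {name!r} has no REGION")
        if props.get("AUTHN_METHOD") == "CUSTOM_IAM":
            arn = props.get("IAM_ARN", "")
            if "<" in arn or ">" in arn:
                problems.append(f"profile {name!r}: IAM_ARN still contains a placeholder")
            elif not ROLE_ARN.match(arn):
                problems.append(f"profile {name!r}: IAM_ARN is not a role ARN")
    return problems

def sample_cfg(arn):
    """Constructed sample: the page's profile block as parsed YAML, with the given IAM_ARN."""
    return {
        "DATASERVER_AWS_MULTI_ACCOUNT_PROFILE_ENABLE": "true",
        "DATASERVER_AWS_PROFILE_NAME_DEFAULT": "aws_account1",
        "DATASERVER_AWS_PROFILE_NAMES": "aws_account1",
        "DATASERVER_AWS_PROFILE_PROPERTIES": [{
            "PROFILE_NAME": "aws_account1",
            "PROFILE_PROPERTIES": [{"AUTHN_METHOD": "CUSTOM_IAM"}, {"IAM_ARN": arn}, {"REGION": "us-east-1"}],
        }],
    }

if __name__ == "__main__":
    for arn in ("arn:aws:iam::<account_id>:role/<role_name>", "arn:aws:iam::123456789012:role/example-role"):
        print(arn, "->", check_profiles(sample_cfg(arn)) or "ok")
```

To check the real file, parse `config/custom-vars/vars.dataserver.aws.yml` with PyYAML's `yaml.safe_load` and pass the resulting mapping to `check_profiles` before running `./privacera-manager.sh setup`.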
    

Configure

  1. In PrivaceraCloud, go to Settings -> Applications.
  2. On the Applications screen, select the Glue application under Available connections.
  3. Enter the Name and Description for the application, then click Save.
  4. You will see Privacera Access Management with a toggle button.
  5. Enable Privacera Access Management by toggling the button.
  6. Under the BASIC tab, enter values in the following fields:
    • Profile Name: Enter a unique profile name for your application.
    • AWS Account Setup:
      • Without IAM Role:
        • AWS Access Key: Enter the Access Key for the AWS account.
        • AWS Secret Key: Enter the Secret Key for the AWS account.
        • AWS Region: Enter the region of the AWS S3 bucket.
      • With IAM Role:
        • AWS IAM Role: Enter the full ARN of the IAM Role.
        • AWS Region: Enter the region of the AWS S3 bucket.
  7. Click the Test Connection button to verify the connection.
  8. On the ADVANCED tab, you can add custom properties if needed.
  9. Click Test Connection again to ensure the settings are correct, then click Save.

Validation

To validate the AWS-Glue configuration, use the following approach: