Batch Permissions Update – Lake Formation Connector¶
This section describes the configuration option to enable or disable batch processing of permission grants and revokes in the Lake Formation connector. Batch processing can improve performance by reducing the number of individual API calls during permission updates.
Configuration Parameter¶
CONNECTOR_LAKEFORMATION_BATCH_PERMISSIONS_UPDATE_ENABLE¶
- Description: Enables or disables batch processing for permission grants and revokes.
- Type: Boolean
- Default:
false - Purpose: When enabled, the connector groups multiple permissions into a single batch API request, reducing the number of calls made to Lake Formation and potentially speeding up large-scale permission syncs.
Behavior¶
- When set to
true, the connector will:- Combine multiple permission updates (grants/revokes) into a single batch operation.
- Use AWS Lake Formation’s batch permission APIs.
- When set to
false, the connector will:- Handle permission updates individually per principal, resulting in one API call per principal for granting or revoking permissions.
Setup¶
-
SSH into the instance where Privacera Manager is installed.
-
Open the Lake Formation connector configuration file for editing:
Note
Replace
instance1with the appropriate connector instance name, if you have multiple connectors.Bash -
Set the following property to enable or disable batch permission updates:
YAML -
After updating the value, apply the changes by running the following commands:
Step 1 - Setup which generates the helm charts. This step usually takes few minutes.
Step 2 - Apply the Privacera Manager helm charts. Step 3 - Post-installation step which generates Plugin tar ball, updates Route 53 DNS and so on.
- Prev topic: Advanced Configuration