Federated Resource Recreation Handling¶

When federated catalogs are used, resources can be dropped and recreated with the same name. To ensure access remains consistent for these federated resources, the Lake Formation connector can reapply permissions for federated resources after recreation via on-demand sync events.

Configuration¶

Setting	Type	Default	Description
`CONNECTOR_LAKEFORMATION_FEDERATED_ONDEMAND_ALWAYS_REAPPLY_POLICIES_ENABLE`	Boolean	`true`	Enables reapplication of policies for federated resources during on-demand sync events irrespective of whether resources have changed or not.

Behavior¶

On on-demand sync events, permissions are reapplied for federated resources to restore access after catalog/resource recreation.
Set the flag to false to disable this behavior if you prefer to rely on periodic loaders to resync permissions.

Configure in Privacera Manager¶

Self Managed and Data Plane

In Privacera Manager, set the following property in privacera/privacera-manager/config/custom-vars/connectors/lakeformation/push/vars.connector.lakeformation.push.yml

YAML
# Federated Catalog Recreation Handling
CONNECTOR_LAKEFORMATION_FEDERATED_ONDEMAND_ALWAYS_REAPPLY_POLICIES_ENABLE: "true"

Federated Catalog Recreation Handling

CONNECTOR_LAKEFORMATION_FEDERATED_ONDEMAND_ALWAYS_REAPPLY_POLICIES_ENABLE: Default: "true". Enables reapplication of policies for federated resources during on-demand sync events irrespective of whether resources have changed or not.

Prev topic: Advanced Configuration