Configure Custom Service Repo for Access Management

This setting specifies the name of the Ranger policy repository used for S3 resource authorization. If it is not configured, the DataServer automatically uses the privacera_s3 policy repository for S3 resource authorization.

  1. To configure the Ranger service name for S3, include the following property in the vars.dataserver.aws.yml file:
    DATASERVER_AWS_PROFILE_PROPERTIES:
    - PROFILE_NAME: "aws_account1"
      PROFILE_PROPERTIES:
        - RANGER_SERVICE_NAME_S3: "s3_ranger_policy_repository_name"
    
  2. Once the properties are configured, refer to the Privacera Manager Quickstart.

  1. In PrivaceraCloud, navigate to Settings -> Applications.
  2. On the Connected Applications screen, select S3.
  3. On the screen, click the edit icon, and then click on Access Management -> ADVANCED tab.
  4. Add the following property with the appropriate value for <your_profile_name> and <s3_ranger_policy_repository_name>:
    dataserver.aws.<your_profile_name>.ranger.service.name.s3=<s3_ranger_policy_repository_name>
    
  5. Click the Test Connection button to verify the connection.
  6. Once the connection is successful, click Save.
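
The following Python audit is an added example, not Privacera's code: it reads properties in the key format shown above and reports which policy repository each profile resolves to, applying the privacera_s3 fallback this page describes. The function name, the sample profile and repository names, and the choice to treat placeholder or empty lines as unconfigured are assumptions of the example.

```python
import re

DEFAULT_REPO = "privacera_s3"  # fallback repository named on this page
# Key shape taken from the page: dataserver.aws.<profile>.ranger.service.name.s3
KEY_RE = re.compile(r"^dataserver\.aws\.(?P<profile>.+)\.ranger\.service\.name\.s3$")

def audit_s3_repos(properties_text, profiles):
    """Return ({profile: effective_repo}, [findings]) for the expected profiles."""
    configured, findings = {}, []
    for lineno, raw in enumerate(properties_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith(("#", "!")) or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        match = KEY_RE.match(key)
        if not match:
            continue
        # Assumption: a line that is still a template or has no value is
        # treated as if the override were absent.
        if "<" in key or "<" in value:
            findings.append(f"line {lineno}: placeholder left unreplaced")
            continue
        if not value:
            findings.append(f"line {lineno}: empty repository name")
            continue
        configured[match.group("profile")] = value
    effective = {}
    for profile in profiles:
        effective[profile] = configured.get(profile, DEFAULT_REPO)
        if profile not in configured:
            findings.append(f"{profile}: no override, falls back to {DEFAULT_REPO}")
    for profile in configured:
        if profile not in profiles:
            findings.append(f"{profile}: override for unknown profile")
    return effective, findings

# Constructed sample input, not taken from a real deployment.
# The third line misspells the profile name on purpose.
SAMPLE = """\
dataserver.aws.aws_account1.ranger.service.name.s3=finance_s3
dataserver.aws.<your_profile_name>.ranger.service.name.s3=<s3_ranger_policy_repository_name>
dataserver.aws.aws_acount2.ranger.service.name.s3=hr_s3
"""

if __name__ == "__main__":
    result, notes = audit_s3_repos(SAMPLE, ["aws_account1", "aws_account2"])
    print(result)
    print("\n".join(notes))
```

A profile that silently falls back to privacera_s3 is authorized against a different policy set than intended, so the fallback and unknown-profile findings are the ones to review first.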
