
Principal Name Mapping in Databricks Unity Catalog

Databricks might not allow certain special characters in user, group, or role names. To ensure that these names comply with Databricks Unity Catalog naming conventions, you can configure the Databricks Unity Catalog connector to replace specific characters in user, group, or role names using a regular expression (regex).

Setup

Configure the properties and restart the connector to apply the changes.

Below is a sample regex pattern that identifies special characters in user, group, or role names:

Text Only
[~`$&+:;=?@#|'<>.\\s^*()_%\\[\\]!\\-\\/\\\\{}]

  1. SSH to the instance where Privacera Manager is installed.

  2. Run the following command to open the .yml file to be edited.

    If you have multiple connectors, then replace instance1 with the appropriate connector instance name.

    Bash
    vi ~/privacera/privacera-manager/config/custom-vars/connectors/databricks-unity-catalog/instance1/vars.connector.databricks.unity.catalog.yml
    
  3. Set the regex pattern that identifies the special characters using the following properties:

    YAML
    CONNECTOR_DATABRICKS_UNITY_CATALOG_USER_NAME_REPLACE_FROM_REGEX: "[~`$&+:;=?@#|'<>.\\s^*()_%\\[\\]!\\-\\/\\\\{}]"
    CONNECTOR_DATABRICKS_UNITY_CATALOG_GROUP_NAME_REPLACE_FROM_REGEX: "[~`$&+:;=?@#|'<>.\\s^*()_%\\[\\]!\\-\\/\\\\{}]"
    CONNECTOR_DATABRICKS_UNITY_CATALOG_ROLE_NAME_REPLACE_FROM_REGEX: "[~`$&+:;=?@#|'<>.\\s^*()_%\\[\\]!\\-\\/\\\\{}]"
    

  4. Set the string that replaces the special characters in user, group, or role names:

    YAML
    CONNECTOR_DATABRICKS_UNITY_CATALOG_USER_NAME_REPLACE_TO_STRING: "_"
    CONNECTOR_DATABRICKS_UNITY_CATALOG_GROUP_NAME_REPLACE_TO_STRING: "_"
    CONNECTOR_DATABRICKS_UNITY_CATALOG_ROLE_NAME_REPLACE_TO_STRING: "_"
    

  5. Once the properties are configured, run the following commands to update your Privacera Manager platform instance:

    Step 1 - Setup, which generates the helm charts. This step usually takes a few minutes.

    Bash
    cd ~/privacera/privacera-manager
    ./privacera-manager.sh setup
    
    Step 2 - Apply the Privacera Manager helm charts.
    Bash
    cd ~/privacera/privacera-manager
    ./pm_with_helm.sh upgrade
    
    Step 3 - Post-installation step, which generates the Plugin tarball, updates Route 53 DNS, and so on.

    Bash
    cd ~/privacera/privacera-manager
    ./privacera-manager.sh post-install
    
  1. In the PrivaceraCloud portal, navigate to Settings -> Applications.

  2. On the Connected Applications screen, select Databricks Unity Catalog.

  3. Click the pen icon or the Account Name to modify the settings.

  4. On the Edit Application screen, go to Access Management -> ADVANCED tab.

  5. Enter the regex pattern for the following fields:

    • Regex to find special characters in user names: Enter a regex pattern to identify special characters in user names. These characters will be replaced based on the value specified in the String to replace with the special characters found in user names field.
    • Regex to find special characters in group names: Enter a regex pattern to identify special characters in group names. These characters will be replaced based on the value specified in the String to replace with the special characters found in group names field.
    • Regex to find special characters in role names: Enter a regex pattern to identify special characters in role names. These characters will be replaced based on the value specified in the String to replace with the special characters found in role names field.
  6. Provide the replacement string in the following fields:

    • String to replace with the special characters found in user names: String used to replace the characters found by the regex specified in Regex to find special characters in user names.
    • String to replace with the special characters found in group names: String used to replace the characters found by the regex specified in Regex to find special characters in group names.
    • String to replace with the special characters found in role names: String used to replace the characters found by the regex specified in Regex to find special characters in role names.
  7. Click SAVE to apply the changes.
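
Because the sample regex replaces many different characters with the same string, two distinct source names can end up with the same mapped name, so it is worth running the configured pattern over your principal list before applying it. The following is an added example, not Privacera's code: it assumes the connector replaces every match of the regex, that Python's `re` treats this character class the same way as the connector's regex engine, and the function names and sample principals are constructed for illustration.

```python
import re
from collections import defaultdict

# Effective pattern after YAML double-quote unescaping of the page's sample
# value (each "\\" in the YAML string becomes one backslash in the regex).
REPLACE_FROM_REGEX = r"[~`$&+:;=?@#|'<>.\s^*()_%\[\]!\-\/\\{}]"
REPLACE_TO_STRING = "_"


def map_principal(name, pattern=REPLACE_FROM_REGEX, replacement=REPLACE_TO_STRING):
    """Return the name with every character matched by the regex replaced.

    Assumption: the connector performs a replace-all of each match.
    """
    return re.sub(pattern, replacement, name)


def find_collisions(names, pattern=REPLACE_FROM_REGEX, replacement=REPLACE_TO_STRING):
    """Group source names by mapped name and return only the mapped names
    that are shared by two or more distinct source names."""
    groups = defaultdict(set)
    for name in names:
        groups[map_principal(name, pattern, replacement)].add(name)
    return {mapped: sorted(src) for mapped, src in groups.items() if len(src) > 1}


# Constructed sample principals (not taken from any real directory).
SAMPLE_PRINCIPALS = [
    "jane.doe@example.com",
    "jane_doe@example.com",
    "data eng/admins",
    "data-eng-admins",
    "svc#etl",
]

if __name__ == "__main__":
    for principal in SAMPLE_PRINCIPALS:
        print(f"{principal!r} -> {map_principal(principal)!r}")
    for mapped, sources in find_collisions(SAMPLE_PRINCIPALS).items():
        print(f"COLLISION {mapped!r} <- {sources}")
```

Any name reported as a collision would receive the grants of every source principal that maps to it, so resolve those cases (for example by narrowing the regex) before restarting the connector.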
