Skip to content

Switching from JDBC to API

By default, Privacera's Unity Catalog Connector uses JDBC (Java Database Connectivity) for data transactions. However, you can switch to API-based connectivity by updating specific configuration properties.

Setup

To switch to API-based connectivity, update the following configuration property based on your deployment model.

Note

Even when API-based connectivity is enabled, JDBC is still required to collect audit logs from Databricks.

  1. Navigate to SettingsApplications in the Self-Managed Portal.

  2. From the list of Connected Applications, select Databricks Unity Catalog.

  3. Click the icon or the Account Name to modify the settings.

  4. On the Edit Application screen, go to Access Management.

  5. Under ADVANCED tab, add the following property under Add New Custom Properties:

    Bash
    1
    ranger.policysync.connector.0.use.database.connection.api=true

  6. Click SAVE to apply the changes.

To enable API-based connectivity, update the following properties in Privacera Manager:

  1. SSH to the instance where Privacera Manager is installed.

  2. Run the following command to open the .yml file to be edited.

    If you have multiple connectors, then replace instance1 with the appropriate connector instance name.

    Bash
    1
    vi ~/privacera/privacera-manager/config/custom-vars/connectors/databricks-unity-catalog/instance1/vars.connector.databricks.unity.catalog.yml

  3. Set the following properties to enable the connector to use API-based connectivity:

    YAML
    1
    CONNECTOR_DATABRICKS_UNITY_CATALOG_USE_DATABASE_CONNECTION_API: "true"

  4. Once the properties are configured, run the following commands to update your Privacera Manager platform instance:

    Step 1 - Setup which generates the helm charts. This step usually takes few minutes.

    Bash
    1
2
    cd ~/privacera/privacera-manager
./privacera-manager.sh setup
    Step 2 - Apply the Privacera Manager helm charts.
    Bash
    1
2
    cd ~/privacera/privacera-manager
./pm_with_helm.sh upgrade
    Step 3 - Post-installation step which generates Plugin tar ball, updates Route 53 DNS and so on.

    Bash
    1
2
    cd ~/privacera/privacera-manager
./privacera-manager.sh post-install

  1. In PrivaceraCloud portal, navigate to Settings -> Applications.

  2. On the Connected Applications screen, select Databricks Unity Catalog.

  3. Click the pen icon or the Account Name to modify the settings.

  4. On the Edit Application screen, go to Access Management.

  5. Under ADVANCED tab, add the following property under Add New Custom Properties:

    Bash
    1
    ranger.policysync.connector.0.use.database.connection.api=true

  6. Click SAVE to apply the changes.

Benefits

  • Avoid JDBC Dependencies: API-based connectivity eliminates the need for JDBC driver configurations, which can simplify setup and troubleshooting.

  • Cost Effective: Reduces costs by avoiding the need to provision and maintain a JDBC-compatible data warehouse layer.

  • Suitable for Lightweight Integrations: API-based connections are useful in low-throughput environments where the JDBC overhead is not justified.

Downside

  • Throttling and Rate Limits: Databricks API calls are subject to per-second rate limits, which can cause throttling issues or failures during high-volume operations like permission syncs.

  • Reduced Performance: Compared to JDBC, API-based data transactions may experience latency and performance bottlenecks under load.

Comments