Skip to content

Advanced Configuration

Add Resource for Discovery Scanning

Once Vertica data source setup is done, you can follow steps from here to add resource for Discovery Scanning.

Resource should be added in below formats for Discovery scanning:

vertica_schema_name/vertica_table_name

*/vertica_table_name

vertica_schema_name/*

*_schema_*/*_table_*

Setup for Discovery to Ranger Tag Sync

  1. Log in to Self Managed portal.

  2. Edit the Configured Vertica Connector from the previous step

  3. Under Application Properties provide values for the followings:

    • Enable Ranger TagSync : By default, this toggle is disabled. The user can enable this toggle if they want to sync tags in Ranger after a successful scan by Discovery.

    • Add New Custom Properties : Add below 2 properties:

      a. Cluster Name : You need to enter privacera as a default value for this field.

      b. Service Name : You need to enter privacera_vertica value for this field. You can take reference for adding this property value from List of Datasources with Service Name

      Bash
      1
2
      cluster_name=privacera
service_name=privacera_vertica

  4. Click SAVE

Important

You need to follow below steps before setting up Discovery to ranger tag sync:

a. Create Ranger service user, Admin URL and API key

b. Enable the Ranger Service Definitions for Access Connectors

  1. Log in to the Privacera Discovery Admin Console.

  2. Edit the Configured Vertica Connector from the previous step

  3. Under the ADVANCED tab, enter the values for:

    • Enable Ranger TagSync : By default, this toggle is disabled. The user can enable this toggle if they want to sync tags in Ranger after a successful scan by Discovery.

      a. Cluster Name : Once user enable Enable Ranger TagSync toggle then this field is visible and privacera is the default value for this field.

      b. Service Name : User can select privacera_vertica value from the list of this field. You can take reference for adding this property value from List of Datasources with Service Name

      Bash
      1
2
      cluster_name=privacera
service_name=privacera_vertica

  4. Click SAVE

Validation for Discovery to Ranger Tag Sync

These steps are applicable for both Self Managed and Data Plane deployments.

  1. For Self-Managed, log in to the Privacera Portal; for Data Plane, log in to the Privacera Discovery Admin Console.
  2. Navigate to the Access Management > Tag Management
  3. Under the TAGS tab, validate whether the Classified Tags are visible in the portal.

  4. Unde the TAGGED RESOURCES tab, Validate whether the resources that were scanned and classified in the portal are visible.

    • Resource Filter: You can make use use of resource filter for searching resource with associated synced tags of it.

    • Service Filter: You can get the list of all services in this field and by selecting appropriate service you can validate synced tags. You can refer List of Datasources with Service Name for selecting this field value.

    • Tags Filter: You can get the list of all Synced Tags in this field and by selecting appropriate Tag you can validate whether its synced for particular resource or not.

    Info

    In case of File Sytsem, resource seen in below format as per application selected (S3, ADLS, GCS)

    • bucketname
    • objectpath
    • accountname
    • foldername

    In case of JDBC/Database connectors, resource seen in below format as per application selected

    • schema
    • database
    • column
    • table

Comments