Skip to main content

Privacera Documentation

Table of ContentsTable of Contents

Configure AWS Aurora DB (PostgreSQL/MySQL) on Privacera Platform

You can configure an external RDS Aurora DB with two different flavors:

Configure external RDS Aurora DB with PostgreSQL

You can configure External RDS Aurora DB with PostgreSQL flavor for Portal, Ranger, Ranger KMS, and Access Request Manager.

Prerequisites
  • Create RDS Aurora DB with PostgreSQL flavor with a database name. You'll need to use the database name in the Configuration section below.

    Note

    The RDS database name which you will be entering in the Configuration section below should be created in advance. Privacera does not create a RDS database, but only creates table schemas.

  • If you have installed Privacera using the internal Maria DB and wish to move from the internal database to an external PostgreSQL DB, then you will have to delete the Maria DB container/pod. For more information, see Privacera Manager service commands .

Procedure
  1. SSH to the instance where Privacera is installed.

  2. Run the following command.

    cd ~/privacera/privacera-manager
    cp config/sample-vars/vars.external.db.postgres.yml config/custom-vars/
    vi config/custom-vars/vars.external.db.postgres.yml
    
  3. In the file, set the following as false:

    DB_INSTALL_MARIADB: "false"
  4. Enter the hostname of the AWS PostgreSQL server, and the name of the database you want to connect to. Get the name of the database from the Prerequisites section above.

    EXTERNAL_DB_HOST: "<PLEASE_CHANGE>"
    EXTERNAL_DB_NAME: "<PLEASE_CHANGE>" 
  5. Enter the credentials of the user who has access to the database.

    EXTERNAL_DB_USER: "<PLEASE_CHANGE>"
    EXTERNAL_DB_PASSWORD: "<PLEASE_CHANGE>"
  6. (Optional) Enter a database name for Privacera Portal, Privacera Ranger, and Privacera Ranger KMS. It is recommended to provide different names for the 3 databases.

    PRIVACERA_PORTAL_DB_NAME: "{{EXTERNAL_DB_NAME}}"
    PRIVACERA_RANGER_DB_NAME: "{{EXTERNAL_DB_NAME}}"
    PRIVACERA_RANGER_KMS_DB_NAME: "{{EXTERNAL_DB_NAME}}"   
  7. Save and exit.

  8. Run the following command.

    cd ~/privacera/privacera-manager
    ./privacera-manager.sh update
    

Configure external Aurora DB with MySQL

You can configure External RDS Aurora DB with MySQL flavor for Portal, Ranger, Ranger KMS and Access Request Manager.

Prerequisites
  • Create RDS Aurora DB with MySQL flavor with a database name. You'll need to use the database name in the Configuration section below.

    Note

    The RDS database name which you will be entering in the Configuration section below should be created in advance. Privacera does not create a RDS database, but only creates table schemas.

  • If you have installed Privacera using the internal Maria DB and wish to move from the internal database to an external MySQL DB, then you will have to delete the Maria DB container/pod. For more information, see Privacera Manager service commands.

Procedure
  1. SSH to the instance where Privacera is installed.

  2. Run the following command.

    cd ~/privacera/privacera-manager
    cp config/sample-vars/vars.external.db.mysql.yml config/custom-vars/
    vi config/custom-vars/vars.external.db.mysql.yml
    
  3. In the file, set the following as false:

    DB_INSTALL_MARIADB: "false"
  4. Enter the hostname of the AWS MySQL server, and the name of the database you want to connect to. Get the name of the database from the Prerequisites section above.

    EXTERNAL_DB_HOST: "<PLEASE_CHANGE>"
    EXTERNAL_DB_NAME: "<PLEASE_CHANGE>"
  5. Enter the credentials of the user who has access to the database.

    EXTERNAL_DB_USER: "<PLEASE_CHANGE>"
    EXTERNAL_DB_PASSWORD: "<PLEASE_CHANGE>"
  6. (Required for version 7.5+) Set the Ranger DB auth type to be 1-way:

    RANGER_DB_SSL_AUTH_TYPE: "1-way"

    Note

    If you upgrade the Privacera Platform from version 7.2 to version 7.5 with an Aurora DB MySQL-enabled SSL DB, update the value of the following property:

    SQL_CONNECTOR_JAR: "/usr/share/java/mariadb-java-client.jar"
  7. (Optional) Enter a database name for Privacera Portal, Privacera Ranger, and Privacera Ranger KMS. It is recommended to provide different names for the 3 databases.

    PRIVACERA_PORTAL_DB_NAME: "{{EXTERNAL_DB_NAME}}"
    PRIVACERA_RANGER_DB_NAME: "{{EXTERNAL_DB_NAME}}"
    PRIVACERA_RANGER_KMS_DB_NAME: "{{EXTERNAL_DB_NAME}}"  
  8. Save and exit.

  9. Run the following command.

    cd ~/privacera/privacera-manager
    ./privacera-manager.sh update
    

Note

To learn more about the encryption for Aurora, see the Aurora documentation.