Skip to main content

Privacera Documentation

Configure Azure MySQL on Privacera Platform

This topic allows you to connect to an Azure MySQL server from the Azure virtual machine which will act as a storage for Ranger database and Privacera database (Optional).

Prerequisites

Before you begin, ensure the following prerequisite are met:

  • Create a privacera_db database in the Azure MySQL server that can be accessible.

Procedure
  1. SSH to the instance where Privacera is installed.

  2. Run the following command.

    cd ~/privacera/privacera-manager
    cp config/sample-vars/vars.external.db.mysql.yml config/custom-vars/
    vi config/custom-vars/vars.external.db.mysql.yml
    
  3. In this file set values for the following:

    Enter the hostname of the Azure MySQL server, and the name of the database you want to connect to. Get the name of the database from the Prerequisites section above.

    EXTERNAL_DB_HOST: "<PLEASE_CHANGE>"
    EXTERNAL_DB_NAME: "<PLEASE_CHANGE>"
    

    Enter the credentials of the user who has access to the database.

    EXTERNAL_DB_USER: "<PLEASE_CHANGE>"
    EXTERNAL_DB_PASSWORD: "<PLEASE_CHANGE>"
    

    Update the Ranger DB SSL auth type to be "2-way":

    RANGER_DB_SSL_AUTH_TYPE: "2-way"

    Note

    If you upgrade the Privacera Platform from version 7.2 to version 7.5 with a MySQL-enabled SSL DB, update the value of the following property:

    SQL_CONNECTOR_JAR: "/usr/share/java/mariadb-java-client.jar"

    (Optional) Enter a database name for Privacera Portal, Privacera Ranger, and Privacera Ranger KMS. It is recommended to provide different names for the 3 databases.

    PRIVACERA_PORTAL_DB_NAME: "{{EXTERNAL_DB_NAME}}"
    PRIVACERA_RANGER_DB_NAME: "{{EXTERNAL_DB_NAME}}"
    PRIVACERA_RANGER_KMS_DB_NAME: "{{EXTERNAL_DB_NAME}}"                              

    Save and Exit.

  4. Run the following command.

    cd ~/privacera/privacera-manager
    ./privacera-manager.sh update
    
Validation
  1. Login to Privacera portal.

  2. Go to Access Management > Resource Policies. You should be able to see the MySQL service.