Skip to main content

Privacera Documentation

Enable Azure CLI on Privacera Platform

  1. In the Privacera Portal, click LaunchPad from the left menu.

  2. To open the Azure CLI dialog, under the Azure Services section, click Azure CLI.

    This dialog provides the means to download an Azure CLI setup script specific to your installation. It also provides a set of usage instructions.

  3. In Azure CLI, under Configure Script, click Download Script to save the script on your local machine. If you will be running Azure CLI on another system such as a 'jump server' copy it to that host.

    1. Alternatively, use 'wget' to pull this script down to your execution platform, as shown below. Substitute your installation's Privacera Platform host domain name or IPv4 address for "<PRIVACERA_PORTAL_HOST>".

      wget http://<PRIVACERA_PORTAL_HOST>:6868/api/cam/download/script -O privacera_azure.sh
      # USE THE "--no-check-certificate" option for HTTPS - and remove the # below
      # wget --no-check-certificate https://<PRIVACERA_PORTAL_HOST>:6868/api/cam/download/script -O privacera_azure.sh
      
    2. Copy the downloaded script to home directory.

      cp privacera_azure.sh ~/
      cd ~/
      
    3. Set this file to be executable:

      chmod a+x . ~/privacera_azure.sh
      
  4. Under the Azure Cli Generate Token section, first, generate a platform token.

    Note

    All the commands should be run with a space between the dot (.) and the script name (~/privacera_aws.sh).

    1. Run the following command:

      . ~/privacera_azure.sh --config-token
      
    2. Select/check Never Expired to generate a token that does not expire. Click Generate.

  5. Enable the Proxy or the endpoint and run one of the two commands shown below.

    . ~/privacera_azure.sh --enable-proxy
    

    or:

    . ~/privacera_azure.sh --enable-endpoint
    
  6. Under the Check Status section, run the command below.

    . ~/privacera_azure.sh --status
    
  7. To disable both the proxy and the endpoint, under the Azure Access section, run the commands shown below.

    . ~/privacera_azure.sh --disable-proxy
    . ~/privacera_azure.sh --disable-endpoint
    

Azure CLI Examples

List files in container

az storage blob list --container-name ${AZURE_CONTAINER_NAME} --output table

Upload a file

az storage blob upload --container-name ${AZURE_CONTAINER_NAME} --file ${FILE_TO_UPLOAD} --name ${FILE_NAME}

Download a file

az storage blob download --container-name ${AZURE_CONTAINER_NAME} --file ${FILE_TO_DOWNLOAD} --name ${FILE_NAME}

Azure Rest APIs

Azure offers rest APIs to access their ADLS storage (like Azure CLI). Following examples show how to access ADLS storage using Rest APIs in more secured way using Privacera.

Export Data Server Properties

export DATASERVER_URL=<dataserver-url>export AZURE_ADLS_STORAGE_ACCOUNT_NAME=<azure-storage-account-name>export AZURE_ADLS_CONTAINER_NAME=<azure-container-name>export PRIVACERA_TOKEN="<privacera-access-token>|<privacera-secret-token>"

Download Data Server CA certificates

curl -s -k "${DATASERVER_URL}/services/certificate" -o /tmp/cacerts
chmod 400 /tmp/cacerts

List containers

curl -v -X GET "${DATASERVER_URL}/${AZURE_ADLS_STORAGE_ACCOUNT_NAME}/?comp=list" -H "Authorization: Bearer ${PRIVACERA_TOKEN}" -H "x-ms-version: 2018-11-09" --cacert /tmp/cacerts

List BLOBs

curl -v -X GET "${DATASERVER_URL}/${AZURE_ADLS_STORAGE_ACCOUNT_NAME}/${AZURE_ADLS_CONTAINER_NAME}?restype=container&comp=list" -H "Authorization: Bearer ${PRIVACERA_TOKEN}" -H "x-ms-version: 2018-11-09" --cacert /tmp/cacerts

Upload BLOB

curl -v -X PUT "${DATASERVER_URL}/${AZURE_ADLS_STORAGE_ACCOUNT_NAME}/${AZURE_ADLS_CONTAINER_NAME}/{FILE_NAME}" -H "Authorization: Bearer ${PRIVACERA_TOKEN}" -H "x-ms-version: 2018-11-09" -d'@{FILE_TO_UPLOAD}' -H "x-ms-blob-type: BlockBlob" --cacert /tmp/cacerts

Azure Rest APIs

Azure offers rest APIs to access their ADLS storage (like Azure CLI). Following examples show how to access ADLS storage using Rest APIs in more secured way using Privacera.

Export Data Server Properties

export DATASERVER_URL=<dataserver-url>export AZURE_ADLS_STORAGE_ACCOUNT_NAME=<azure-storage-account-name>export AZURE_ADLS_CONTAINER_NAME=<azure-container-name>export PRIVACERA_TOKEN="<privacera-access-token>|<privacera-secret-token>"

Download Data Server CA certificates

curl -s -k "${DATASERVER_URL}/services/certificate" -o /tmp/cacerts
chmod 400 /tmp/cacerts

List containers

curl -v -X GET "${DATASERVER_URL}/${AZURE_ADLS_STORAGE_ACCOUNT_NAME}/?comp=list" -H "Authorization: Bearer ${PRIVACERA_TOKEN}" -H "x-ms-version: 2018-11-09" --cacert /tmp/cacerts

List BLOBs

curl -v -X GET "${DATASERVER_URL}/${AZURE_ADLS_STORAGE_ACCOUNT_NAME}/${AZURE_ADLS_CONTAINER_NAME}?restype=container&comp=list" -H "Authorization: Bearer ${PRIVACERA_TOKEN}" -H "x-ms-version: 2018-11-09" --cacert /tmp/cacerts

Upload BLOB

curl -v -X PUT "${DATASERVER_URL}/${AZURE_ADLS_STORAGE_ACCOUNT_NAME}/${AZURE_ADLS_CONTAINER_NAME}/{FILE_NAME}" -H "Authorization: Bearer ${PRIVACERA_TOKEN}" -H "x-ms-version: 2018-11-09" -d'@{FILE_TO_UPLOAD}' -H "x-ms-blob-type: BlockBlob" --cacert /tmp/cacerts

Download BLOB

curl -v -X GET "${DATASERVER_URL}/${AZURE_ADLS_STORAGE_ACCOUNT_NAME}/${AZURE_ADLS_CONTAINER_NAME}/{FILE_TO_DOWNLOAD}" -H "Authorization: Bearer ${PRIVACERA_TOKEN}" -H "x-ms-version: 2018-11-09" --cacert /tmp/cacerts -o {FILE_NAME}