Skip to main content

Privacera Documentation

Table of Contents

Scripts for AWS CLI or Azure CLI for managing connected applications

With Launch Pad, you can download a security token and a Linux-based shell script for disabling or checking the status of a connected AWS or Azure application. This allows PrivaceraCloud to control and limit access based on resource policies.

Prerequisites

At least one AWS or Azure application must be connected to PrivaceraCloud, such as S3 or Azure Data Lake Storage Gen 2 (ADLS). See About the Account page on PrivaceraCloud.

For your local Linux-based system, AWS or Azure CLIs and documentation are available Amazon and Microsoft:

Generate security token

This topic describes how to generate the PrivaceraCloud security token.

To generate the Privacera token:

  1. Go to Launch Pad.

  2. Click Privacera Token.

  3. Click + Generate Token.

    Generate Token dialog box is displayed.

  4. Enter the username, purpose of the token, select the Never Expire checkbox, and click Generate Token.

    Access Key and Secret Key are generated.

Download security token and Linux shell script

The steps to download the security token and shell script are identical between AWS CLI or Azure CLI are similar.

The token is unique to your PrivaceraCloud account. PrivaceraCloud will generate the token, if you are downloading it for the first time. The token is added to the token list, available under Launch Pad > Privacera Token.

AWS

  1. Go to Launch Pad > Setup AWS Cli.

  2. Click Download Token to download and save a token to .privacera folder in your home directory For example, $HOME/.privacera/privacera_token.

  3. Click Download Script to download and save the AWS setup script to your Home folder. For example, $HOME/privacera_aws.sh.

  4. Run the following command to set the script to be executable. The script will run the necessary commands to install and activate the redirection.

    chmod a+x ~/privacera_aws.sh
  5. Run the following command to check all the configuration and dependencies status.

    Substitute the value of {profile-name} that you specified when configuring the S3 application. See Connect S3 to PrivaceraCloud.

    . ~/privacera_aws.sh --profile <profile-name>

    The following response is displayed:

    DataServer is active: [https://ds.privaceracloud.com]
     Portal is active: [https://privaceracloud.com]
     Token is active
     Setting Privacera Cloud Access Manager configurations
     Privacera Cloud Access Manager configurations are active
  6. Run a command to test the installation:

    1. Run the following command:

      ~/privacera_aws.sh
    2. Use the following AWS command:

      aws s3 <s3-command>

      The following is an example of the command:

      aws s3 ls 

      The following response is displayed:

      PRE privacera/
      PRE privacera_s3/

Azure

  1. On the left navigation, navigate to Launch Pad > Setup Azure Cli.

  2. Click Download Token to download and save a token to .privacera folder in your Home directory For example, $HOME/.privacera/privacera_token.

  3. Click Download Script to download and save the Azure setup script to your Home folder. For example, $HOME/privacera_azure.sh.

  4. Run the following command to set the script to be executable. The script will run the necessary commands to install and activate the redirection.

    chmod a+x ~/privacera_azure.sh
    
  5. Run the following command to check all the configuration and dependencies status:

    . ~/privacera_azure.sh 
    

    The following response should be displayed:

    DataServer is active: [https://ds.privaceracloud.com]
     Portal is active: [https://privaceracloud.com]
     Token is active
     Setting Privacera Cloud Access Manager configurations
     Privacera Cloud Access Manager configurations are active
  6. Run a command to test the installation:

    az storage blob list --container-name privacera --output table

    The following response should be displayed:

    Name                           Blob Type    Blob Tier    Length    Content Type              Last Modified              Snapshot
    -----------------------------  -----------  -----------  --------  ------------------------  -------------------------  ----------
    privacera                      BlockBlob    Hot                                              2021-01-19T14:03:02+00:00
    privacera/json                 BlockBlob    Hot                                              2021-01-19T14:03:02+00:00
    privacera/json/adls            BlockBlob    Hot                                              2021-05-27T12:31:03+00:00
    test_data.json.gz              BlockBlob    Hot          622       application/octet-stream  2021-05-21T08:48:06+00:00