Skip to main content

Privacera Documentation

Table of Contents

Set up PEG and Cryptography with Ranger KMS on Privacera Platform

This topic covers how to set up and use Privacera Cryptography and Privacera Encryption Gateway (PEG) using Ranger KMS.

CLI configuration

  1. SSH to the instance where Privacera is installed.

  2. Create a crypto configuration file, and set the value of the Ranger KMS Master Key Password.

    cd ~/privacera/privacera-manager
    cp config/sample-vars/vars.crypto.yml config/custom-vars/
    vi config/custom-vars/vars.crypto.yml

    Assign a password to the RANGER_KMS_MASTER_KEY_PASSWORD such as "Str0ngP@ssw0rd".

    RANGER_KMS_MASTER_KEY_PASSWORD: "<PLEASE_CHANGE>"
  3. Run the following command.

    cp config/sample-vars/vars.peg.yml config/custom-vars/
  4. (Optional) If you want to customize PEG configuration further, you can add custom PEG properties. For more information, refer to PEG custom properties.

    For example, by default, the username and password for the PEG service is padmin/padmin. If you choose to change it, refer to Add custom properties using Privacera Manager on Privacera Platform.

  5. Run Privacera Manager to update the Privacera Platform configuration:

    cd ~/privacera/privacera-manager
    ./privacera-manager.sh update

    If this is a Kubernetes deployment, update all Privacera services:

    ./privacera-manager.sh update