Azure CLI#
Enable Azure CLI#
-
In the Privacera Portal, click LaunchPad from the left menu.
-
Under the Azure Services section, click
to open the Azure CLI dialog. This dialog provides the means to download an Azure CLI setup script specific to your installation. It also provides a set of usage instructions. -
In Azure CLI, under Configure Script, click Download Script to save the script on your local machine. If you will be running Azure CLI on another system such as a 'jump server' copy it to that host.
-
Alternatively, use 'wget' to pull this script down to your execution platform, as shown below. Substitute your installation's Privacera Platform host domain name or IPv4 address for "<PRIVACERA_PORTAL_HOST>".
wget http://<PRIVACERA_PORTAL_HOST>:6868/api/cam/download/script -O privacera_azure.sh # USE THE "--no-check-certificate" option for HTTPS - and remove the # below # wget --no-check-certificate https://<PRIVACERA_PORTAL_HOST>:6868/api/cam/download/script -O privacera_azure.sh -
Copy the downloaded script to home directory.
cp privacera_azure.sh ~/ cd ~/ -
Set this file to be executable:
chmod a+x . ~/privacera_azure.sh
-
-
Under the Azure Cli Generate Token section, first, generate a platform token.
Note
All the commands should be run with a space between the dot (.) and the script name (
~/privacera_azure.sh).-
Run the following command:
. ~/privacera_azure.sh --config-token -
Select/check Never Expired to generate a token that does not expire. Click Generate.
-
-
Enable the Proxy or the endpoint and run one of the two commands shown below.
. ~/privacera_azure.sh --enable-proxyor:
. ~/privacera_azure.sh --enable-endpoint -
Under the Check Status section, run the command below.
. ~/privacera_azure.sh --status -
To disable both the proxy and the endpoint, under the Azure Access section, run the commands shown below.
. ~/privacera_azure.sh --disable-proxy . ~/privacera_azure.sh --disable-endpoint
Azure CLI Examples#
List files in container
az storage blob list --container-name ${AZURE_CONTAINER_NAME} --output table
az storage blob upload --container-name ${AZURE_CONTAINER_NAME} --name ${BLOB_NAME} --file ${FILE_TO_UPLOAD}
Example:
az storage blob upload --container-name cust-data --name customer_data/customer_data_new.csv --file customer_data.csv
Download a file
az storage blob download --container-name ${AZURE_CONTAINER_NAME} --name ${BLOB_NAME_TO_DOWNLOAD} --file ${FILE_TO_WRITE}
az storage blob download --container-name cust-data --name customer_data/customer_data.csv --file customer_data.csv_new --output table
Azure Rest APIs#
Azure offers rest APIs to access their ADLS storage (like Azure CLI). Following examples show how to access ADLS storage using Rest APIs in more secured way using Privacera.
Export Data Server Properties
export DATASERVER_URL=<dataserver-url>
export AZURE_ADLS_STORAGE_ACCOUNT_NAME=<azure-storage-account-name>
export AZURE_ADLS_CONTAINER_NAME=<azure-container-name>
export PRIVACERA_TOKEN="<privacera-access-token>|<privacera-secret-token>"
Download Data Server CA certificates
curl -s -k "${DATASERVER_URL}/services/certificate" -o /tmp/cacerts
chmod 400 /tmp/cacerts
List containers
curl -v -X GET "${DATASERVER_URL}/${AZURE_ADLS_STORAGE_ACCOUNT_NAME}/?comp=list" -H "Authorization: Bearer ${PRIVACERA_TOKEN}" -H "x-ms-version: 2018-11-09" --cacert /tmp/cacerts
List BLOBs
curl -v -X GET "${DATASERVER_URL}/${AZURE_ADLS_STORAGE_ACCOUNT_NAME}/${AZURE_ADLS_CONTAINER_NAME}?restype=container&comp=list" -H "Authorization: Bearer ${PRIVACERA_TOKEN}" -H "x-ms-version: 2018-11-09" --cacert /tmp/cacerts
Upload BLOB
curl -v -X PUT "${DATASERVER_URL}/${AZURE_ADLS_STORAGE_ACCOUNT_NAME}/${AZURE_ADLS_CONTAINER_NAME}/{FILE_NAME}" -H "Authorization: Bearer ${PRIVACERA_TOKEN}" -H "x-ms-version: 2018-11-09" -d'@{FILE_TO_UPLOAD}' -H "x-ms-blob-type: BlockBlob" --cacert /tmp/cacerts
Download BLOB
curl -v -X GET "${DATASERVER_URL}/${AZURE_ADLS_STORAGE_ACCOUNT_NAME}/${AZURE_ADLS_CONTAINER_NAME}/{FILE_TO_DOWNLOAD}" -H "Authorization: Bearer ${PRIVACERA_TOKEN}" -H "x-ms-version: 2018-11-09" --cacert /tmp/cacerts -o {FILE_NAME}