Privacera Platform master publication

S3 browser

:
  1. Login to Privacera portal.

  2. On the Privacera portal, click and expand the Settings menu and click Data Source Registration from the left menu.

  3. On the Application page, click the +Add System.

    image19.jpg

    The Add System pop-up displays.

    1. Enter System Name in the Name field. (Mandatory) For example: AWS

    2. Enter the description in the Description field. (Optional)

      image20.jpg
    3. Click Save.

      The Application page displays with newly added system.

  4. Click on the Setting icon of the system, and then click +Add Application.

    image21.jpg
  5. Select AWS S3 Application as application.

    image22.jpg
  6. Under the Add New Properties, add the following properties:

    • explorer_proxy_enable=true

    • explorer_proxy_host=dataserver

    • explorer_proxy_port=8181

    • explorer_proxy_protocol=http

    • explorer_protocol=http

      image23.jpg

Test Connection: This option allows you to test & verify the connection on clicking Test Connection.

  1. Click Next. The Success pop-up message displays.

  2. To Enable an application, select the Edit icon.

    image24.jpg

    The Edit Application pop-up displays.

  3. On the Edit Application, change the status to Enable (if the status is not enabled).

    image25.jpg
  4. Click Save.

    The Success pop-up message displays.

  5. Now, expand the Data Inventory menu and click the File Explorer from the left menu.

    image26.jpg

    All the S3 Buckets will be displayed on the File Explorer page.

S3 browser use cases

Denied use cases

To execute Denied use cases, you need to disable the relevant S3 Policy, by performing the following steps:

  1. Login to EC2 instance. /${PRIVACERA_HOST}:${PRIVACERA_PORT}/public/index.html

  2. On the Privacera home page, expand the Access Management and click the Resource Policies from the left menu.

  3. Create the S3 Policy in Privacera.

    image27.jpg
  4. Disable the S3 Policy.

    image28.jpg
  5. Click Save.

  6. Now, expand the Data Inventory and click the File Explorer from the left menu.

Check read access

  • Go to ${S3_BUCKET}

  • Click on ${S3_FILE}

  • No data will be seen.

  • Go to /${PRIVACERA_HOST}:${PRIVACERA_PORT}/public/index.html#/ranger/audit?_k=h2kgd0

  • There will be denied audit.

Check download access

  • Go to ${S3_BUCKET}

  • Click Download for ${S3_FILE}

  • Empty file will be downloaded.

  • Go to /${PRIVACERA_HOST}:${PRIVACERA_PORT}/public/index.html#/ranger/audit?_k=h2kgd0

  • There will be denied audit.

Check delete access

  • Go to ${S3_BUCKET}

  • Click Delete for ${S3_FILE}

  • File will not be deleted.

  • Go to http://${PRIVACERA_HOST}:${PRIVACERA_PORT}/public/index.html#/ranger/audit?_k=h2kgd0

  • There will be denied audit.

Check upload access

  • Go to ${S3_BUCKET}

  • Create a new file and upload it.

  • Click Upload and upload ${YOUR_S3_FILE}

  • File will not be uploaded.

  • Go to /${PRIVACERA_HOST}:${PRIVACERA_PORT}/public/index.html#/ranger/audit?_k=h2kgd0

  • There will be denied audit.

Allowed use cases

To execute Allowed use cases, you need to enable the relevant S3 Policy, by performing the following steps:

  1. Login to EC2 instance. http://${PRIVACERA_HOST}:${PRIVACERA_PORT}/public/index.html

  2. On the Privacera home page, expand the Access Management and click the Resource Policies from the left menu.

  3. Update the S3 Policy.

    image29.jpg
  4. Now, expand the Data Inventory and click the File Explorer from the left menu.

Check read access

  • Go to ${S3_BUCKET}

  • Click on ${S3_FILE}

  • Data will be seen.

  • Go to /${PRIVACERA_HOST}:${PRIVACERA_PORT}/public/index.html#/ranger/audit?_k=h2kgd0

  • There will be allowed audit.

Check download access

  • Go to ${S3_BUCKET}

  • Click Download for ${S3_FILE}

  • Empty file will be downloaded.

  • Go to /${PRIVACERA_HOST}:${PRIVACERA_PORT}/public/index.html#/ranger/audit?_k=h2kgd0

  • There will be denied audit.

Check delete access

  • Go to ${S3_BUCKET}

  • Click Delete for ${S3_FILE}

  • File will not be deleted.

  • Go to /${PRIVACERA_HOST}:${PRIVACERA_PORT}/public/index.html#/ranger/audit?_k=h2kgd0

  • There will be denied audit.

Check upload access

  • Go to ${S3_BUCKET}

  • Create a new file and upload it.

  • Click Upload and upload ${YOUR_S3_FILE}

  • File will be uploaded and seen in the listing.

  • Go to /${PRIVACERA_HOST}:${PRIVACERA_PORT}/public/index.html#/ranger/audit?_k=h2kgd0

  • There will be allowed audit.