Skip to main content

Privacera Platform

Table of Contents

Configure policies for AWS services

:

Use Privacera Access Management to configure resource-based services and add access policies to them.

Configure data access server environment in Privacera

  1. In the Privacera Portal home page, go to the left navigation, and then click Launch Pad.

  2. Click AWS Cli and follow the prompts. For more information about AWS CLi, see Enable AWS CLI.

Configure proxy for user

  • In the terminal prompt, enable the proxy.

    ~/privacera_aws.sh --enable-proxy

Use S3 with data access server

  1. In the terminal prompt, list the contents of test-bucket. (${test-bucket}) is mentioned as an example across the document. You can change the bucket name as per your choice.

    aws s3 ls s3://test-bucket
  2. In the terminal prompt, copy a local file to test-bucket.

    aws s3 cp srcFile.txt s3://test-bucket/dstFile.txt

    It will show the following result: upload failed: ./srcFile.txt to s3://test-bucket/dstFile.txt An error occurred (403) when calling the PutObject operation: Forbidden. This indicates that the current user doesn’t have permission to perform this operation.

Configure S3 policy in Privacera Portal

Create a policy to allow the user access to test-bucket for READ and WRITE operations.

  1. In the Privacera Portal home page, go to the left navigation, and click Access Management > Resource Policies.

  2. In the Resource Policies page, click privacera_s3.

  3. Click Add New Policy.

  4. Enter the following policy details in the fields:

    • Policy Name: s3_test_policy

    • Bucket Name: test-bucket (S3 Bucket Name)

    • Object Path: * (File/Directory/Object Path Inside Bucket)

    • In the Allow Conditions section, select:

      • In the Select User dropdown, select a username to which you want to grant access

      • In the Permissions section, click Add Permission, and select read, metadata read, write, and metadata write.

  5. Click Save.

Copy file to S3 bucket
  1. In the terminal prompt, copy the local file to test-bucket.

    aws s3 cp srcFile.txt s3://test-bucket/dstFile.txt
  2. Verify that the copy was successful.

    aws s3 ls s3://test-bucket/