- Platform Release 6.5
- Privacera Platform Installation
- Privacera Platform User Guide
- Privacera Discovery User Guide
- Privacera Encryption Guide
- Privacera Access Management User Guide
- AWS User Guide
- Overview of Privacera on AWS
- Configure policies for AWS services
- Using Athena with data access server
- Using DynamoDB with data access server
- Databricks access manager policy
- Accessing Kinesis with data access server
- Accessing Firehose with Data Access Server
- EMR user guide
- AWS S3 bucket encryption
- Getting started with Minio
- Plugins
- How to Get Support
- Coordinated Vulnerability Disclosure (CVD) Program of Privacera
- Shared Security Model
- Privacera Platform documentation changelog
Data inventory
File explorer
File explorer
With the File Explorer, you can browse object resources (buckets, files and folders) in AWS, ADLS and GCS. You can upload and retrieve the data to and from the bucket. With resource policies you associate with the bucket, you can control access by granting or revoking permissions for users, groups, or roles.
Prerequisite
Be sure you have added the Dataserver data resource.
Configure resource policy
After the Dataserver is added, configure the default policy to add an Allow Condition as follows: metadata read permission for the public group for bucket name * and object path *.
For more information on creating a policy, see Creating Resource Based Policies.
View files and folders
To view the list of files and folders of a S3 bucket, do the following:
Navigate to Data Inventory > File Explorer.
Since the policy is enabled, all the S3 buckets are displayed on the File Explorer page.
On the File Explorer page, you can do the following actions:
Action
Description
Refresh
Refreshes the S3 buckets
Search
Allows to search for a particular bucket
Filter
Hides or shows columns
Create Folder
Allows to create a folder
Upload
Allows to upload a file. You can upload all those files formats that are supported by AWS S3.
Delete
Allows to delete file(s) or folder(s)
Calculate
Calculates folder size
Copy to Clipboard
Copies the object path
Use case: AWS S3
By managing the permissions in the policy, you can provide access control on the S3 bucket. In this use case, you will see how you can allow/restrict a user from uploading files to a S3 bucket, and view the activity in an audit log.
Create a policy with Read and Write permissions.
Upload a file by performing the following steps:
Navigate to Data Inventory > File Explorer.
Go to the S3 bucket where you want to upload the file.
Click Upload.
Add File popup is displayed.
Choose the file to upload and click Upload button.
The file is uploaded with a success message and seen in the listing.
Navigate to Access Manager > Audits to view the audit log for the upload action.
Edit the policy and remove the Write permission.
Upload a file by performing the following steps:
Navigate to Data Inventory > File Explorer.
Go to the S3 bucket where you want to upload the file.
Click Upload, Add File popup is displayed.
Choose the file to upload and click Upload button.
"Access Denied" error message is displayed.
Navigate to Access Manager > Audits to view the audit log for the denied upload action.