- Platform Release 6.5
- Privacera Platform Installation
- Privacera Platform User Guide
- Privacera Discovery User Guide
- Privacera Encryption Guide
- Privacera Access Management User Guide
- AWS User Guide
- Overview of Privacera on AWS
- Configure policies for AWS services
- Using Athena with data access server
- Using DynamoDB with data access server
- Databricks access manager policy
- Accessing Kinesis with data access server
- Accessing Firehose with Data Access Server
- EMR user guide
- AWS S3 bucket encryption
- Getting started with Minio
- Plugins
- How to Get Support
- Coordinated Vulnerability Disclosure (CVD) Program of Privacera
- Shared Security Model
- Privacera Platform documentation changelog
Overview of Privacera on AWS
Get started
This document covers the features of Privacera Platform on AWS.
Note
The AWS IAM best practices resource is helpful for configuring your AWS Identity and Access Management to support the use of Privacera.
Privacera Components
Privacera provides the following features:
Fine-grained Access Management: Privacera leverages Apache Ranger to provide column and row-level access control.
Automated Discovery and Classification: Privacera automatically scans structured and unstructured data to identify and tag it.
Encryption and Masking: Privacera uses format-preserving and other encryption techniques to anonymize data at rest.
Monitoring of User Access: Privacera analyzes user access history to determine if sensitive data is uploaded, moved, or accessed inappropriately.
Privacera Portal
Privacera Portal is the primary user interface for the Launch Pad and the Privacera Access Management.
Launch Pad
To view the Launch Pad page, on the Privacera home page, click Launch Pad. The Launch Pad page displays with the following features:
AWS Console: Login directly to your AWS Console through this menu option.
AWS CLI: You can access AWS CLI through a generated Privacera token.
Privacera Token: You can manage Privacera Tokens for access management.
Databricks: Databricks is required for accessing your assets such as UI, API, and Command-line interface (CLI).
Access Management
Privacera leverages Privacera Access Management for policy management. Access Management provides a robust policy management layer leveraging several architectural techniques to control access to data. Key benefits include providing:
Single pane of glass for all access policies.
Performance and scalability
Column- and record-level security for a variety of different Data Sources.
Application | Current State | Privacera Solution | Policy Enforcement Point |
|---|---|---|---|
PrestoDB | PrestoDB Authorization | Ranger - Column Level | Plug-In |
EMR - Hive | SQL StdAuthorization | Ranger - Column Level, Dynamic Column Masking, Dynamic Column Encryption/Decryption, Dynamic Row Level Filtering | Plug-In |
EMR - Spark | IAM Policies (Bucket level) | Ranger - File/Object Level | Data Access Server |
Databricks | Databricks Access Control and S3 IAM policies | Ranger - Column Level, File Level, Dynamic Column Masking, Dynamic Column Encryption/Decryption, Dynamic Row Level Filtering | Plug-In |
AWS S3 | IAM Policies (Bucket level) | Ranger - File Level | Data Access Server |
Redshift | Database Grant/Revoke | Ranger - Table Level, Column Level | PolicySync |
Athena | IAM Policies | Ranger - Column Level | JDBC Proxy |
DynamoDB | IAM Policies | Ranger - Column Level | Data Access Server / Role Mapping |
Kinesis / Firehose | IAM Policies | Ranger - Stream Level | Data Access Server / Role Mapping |
Lambda | IAM Policies | Ranger - Function Level | Data Access Server |
Architecture Overview
