AWS S3 File Explorer¶
With this feature, users don't need to be provided with IAM Role nor access to AWS Console. From Privacera Portal itself, users can access the S3 buckets and objects. This feature is available for both PrivaceraCloud and Privacera Self Managed. All policies and access controls configured in Privacera will be applied to the S3 buckets and objects accessed through the Privacera Portal.
Pre-requisite
Privacera DataServer requires IAM role to access AWS services like S3, Glue, DynamoDB, etc. Make sure they are configured and running before using the AWS CLI with Privacera DataServer. Below are links to few of the AWS services. Others can be found the Connectors Section.
- Privacera DataServer is configured and running.
- AWS S3 IAM Role is configured for Privacera DataServer.
Common Use Cases¶
- Data Engineers can explore the S3 buckets and objects to check the data to see if their jobs are working as expected.
- Data Scientists can download/upload the data from/to S3 buckets to do their analysis.
- ML Engineers can upload training data to S3 buckets and download the model artifacts from S3 buckets.
Accessing S3 File Explorer¶
This is available only for Self Managed, not for the Data Plane.
- On the Privacera portal, navigate to Data Inventory -> File Explorer.
-
Locate and click on the created S3 application (e.g.,
default).
-
Access the file you wish to read from the listed buckets.
-
To check the success or failure of the resource policy, go to Access Management -> Audits.
- Allowed indicates successful access.
- Denied indicates failure.
Limitations¶
- It is not recommended to use the S3 File Explorer for large files. The file explorer is designed for small files.
- The S3 File Explorer is not available for Data Plane.
- In PrivaceraCloud, the S3 File Explorer is only available if cross-account access is enabled to provide access to PrivaceraCloud
- Prev topic: AWS