Skip to content

What is a Runtime Plane?

Tip

Contact Privacera Support to turn on the Runtime Plane feature for your account. When it is enabled, open Settings → Runtime Plane in the portal.

Supported today: D2P deployment mode for Snowflake, Databricks Unity Catalog, Microsoft SQL Server — more connector types and modes will be added over time.

In everyday terms, a Runtime Plane is the Kubernetes namespace (namespace and related resources) where Privacera runs connectors — the components that connect to your data platforms. You define runtime planes and connectors in the portal. The Runtime Agent runs in that namespace: it manages connector workloads, keeps them aligned with what you configured.

How work flows (simple view)

  1. You change settings in the portal (connectors).
  2. The Runtime Agent polls Runtime Manager for configuration updates and applies what is needed in your runtime plane.
  3. The agent also sends status back — about itself and the connectors — so the control plane and portal stay up to date.
  4. Connectors poll the agent to pick up updates to the configuration properties they use.

Deployment types

Choose the deployment type based on where your Kubernetes cluster is located.

PrivaceraCloud Data-plane (D2P)

The Kubernetes cluster stays in your cloud account. Privacera assists with setup and ongoing configuration. Follow the portal guidance for your tenant.

D2P deployment architecture

Recommendation

For current releases, deploy your runtime plane using D2P so connectors run in your cloud account while you follow Privacera-managed control plane and portal flows. Use Settings → Runtime Plane and the assisted steps in the portal.

What to expect after you register a runtime plane

  1. You complete the flow in the portal (Settings → Runtime Plane). The UI explains each field.
  2. Depending on your setup, you may receive one-time material (for example keys) — save anything marked one-time before you close the dialog.
  3. D2P — Follow the assisted steps in the portal.
  4. You add and edit connectors in the portal; the agent applies changes and connectors receive updates through their poll cycle against the agent.

For provisioning details, one-time secrets, and Privacera Managed keys, see Getting Started and How Sensitive Data is Handled.

  • Getting Started — One-time secrets, D2P provisioning and day-two notes without repeating the portal form.
  • How Sensitive Data is Handled — Where secrets can live, Privacera Managed keys (API key and private encryption key), and how they are protected.
  • Runtime API Reference — HTTP APIs for the runtime plane (connector export, import, and related operations).