Skip to content

Add UserInfo in S3 Requests sent via Dataserver

This feature enables logging of the privacera-username trying to access the S3 data via Privacera Dataserver in AWS Cloudwatch logs. You can see theprivacerar-usernameas a request parameter{privacera-user: callingUser}` in the AWS CloudWatch Logs for that particular resource which the callingUser is trying to access.

Refer sample value which will be seen in AWS Cloudwatch logs.

Note: This feature is currently supported for the following:

Steps#

  1. If you are revising an existing AWS Data Server configuration:

    1. In Settings: Datasource open for editing the existing datasource application (Click on the edit (pen) icon.)

    2. Click on Application Properties tab and add the following property in Add Custom Properties section.

      dataserver.aws.request.include.userinfo=true 
      
    3. Save this configuration.

  2. Else, if you are creating a new AWS S3 Databricks connection:

    1. In Settings: Datasource, select a datasource system and open + Add Application.

    2. Select DATA SERVER.

    3. Enter Application Name, Description, and Code.

    4. Select Cloud environment AWS.

    5. Under Add New Properties, in the Add Custom Properties edit box, add the following property.

      dataserver.aws.request.include.userinfo=true
      

      Save this configuration.

    6. Back in the Datasource main dialog, open the just added Dataserver application for edit (click on pen icon), then click on Application Properties. Provide your AWS credentials as Access Key/Secret Key or provide an IAM Role, as specified in paragraph AWS Account Access.


Last update: August 20, 2021