Skip to content

Azure Discovery#

What this does#

This topic allows you to setup the Azure configuration for installing Privacera Discovery.

Prerequisites#

Ensure the following prerequisites are met:

Azure Storage Account

  • Create an Azure storage account. For more information, refer to Microsoft's documentation Create a storage account.
  • Create a private-access container. For more information, refer to Microsoft's documentation Create a container.
  • Get the access key. For more information, refer to Microsoft's documentation View account access keys.

Azure Cosmos DB Account

  • Create an Azure Cosmos DB, For more information, refer to Microsoft's documentation Cosmos DB.
  • Get the URI from the Overview section.
  • Get the Primary Key from the Settings > Keys section.
  • Set the consistency to Strong in the Settings > Default Consistency section.

Configuration#

  1. SSH to the Privacera Host VM.

  2. Configure your environment.

    • Configure Discovery for a Kubernetes environment. You need to set the Kubernetes cluster name. For more information, see Discovery (Kubernetes Mode)

    • For a Docker environment, you can skip this step.

  3. ​Run the following commands.

    cd ~/privacera/privacera-manager  
    cp config/sample-vars/vars.kafka.yml config/custom-vars 
    vi config/custom-vars/vars.kafka.yml
    
  4. Run the following commands.

    cd ~/privacera/privacera-manager  
    cp config/sample-vars/vars.discovery.azure.yml config/custom-vars 
    vi config/custom-vars/vars.discovery.azure.yml
    
  5. Edit the following properties. For property details and description, click here.

    DISCOVERY_FS_PREFIX: "<PLEASE_CHANGE>"
    DISCOVERY_AZURE_STORAGE_ACCOUNT_NAME: <PLEASE_CHANGE>"
    DISCOVERY_COSMOSDB_URL: <PLEASE_CHANGE>"
    DISCOVERY_COSMOSDB_KEY: "<PLEASE_CHANGE>"
    DISCOVERY_AZURE_STORAGE_ACCOUNT_KEY: "<PLEASE_CHANGE>"
    CREATE_AZURE_RESOURCES: "false"
    DISCOVERY_AZURE_RESOURCE_GROUP: "<PLEASE_CHANGE>"
    DISCOVERY_AZURE_COSMOS_DB_ACCOUNT: "<PLEASE_CHANGE>"
    DISCOVERY_AZURE_LOCATION: "<PLEASE_CHANGE>"
    
  6. (Optional) If you want to customize Discovery configuration further, you can add custom Discovery properties. For more information, refer to Discovery Custom Properties.

    For example, by default, the username and password for the Discovery service is padmin/padmin. If you choose to change it, refer to Add Custom Properties.

  7. To configure real-time scan for audits, refer to Pkafka.

  8. Run the following commands.

    cd ~/privacera/privacera-manager  
    ./privacera-manager.sh update
    

Last update: July 23, 2021