Skip to content

Portal

The following table contains the list of custom properties that can be configured for the Portal service. To use a custom property from the table, just add it to the following YML file in the custom-vars folder configured as per your environment:

  • vars.portal.yml
Property Description Values Default Value
PORTAL_ENABLE
PORTAL_INSTALL
PORTAL_IMAGE_NAME
PORTAL_IMAGE_TAG
PORTAL_SERVER_MODE
PORTAL_SSL_ENABLE
PORTAL_SSL_SELF_SIGNED
PORTAL_UI_SSO_ENABLE
AAD_SSO_ENABLE
PORTAL_LIQUIBASE_ENABLE
PORTAL_PORT
PORTAL_PROTOCOL
PORTAL_PROTOCOL_URL
PORTAL_PORT_EXTERNAL Property to change the default port number for Portal. 6868
PORTAL_SERVICE_NAME
PORTAL_HOST_NAME
PORTAL_SVC_IP
PORTAL_INGRESS_IP
PORTAL_EXTERNAL_HOST
PORTAL_URL
PORTAL_EXTERNAL_URL
PORTAL_INGRESS_URL
PORTAL_URL_IP
SAML_ENTITY_ID
SAML_BASE_URL
SAML_METADATA_FILEPATH
SAML_GLOBAL_LOGOUT Enabled by default. The global logout for SAML is enabled. Once a logout is initiated, all the sessions you've accessed from the browser would be terminated from the Identity Provider (IDP). true, false true
SAML_EMAIL_ATTRIBUTE Property to customize the email assertion attribute of SAML.    http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
SAML_USERNAME_ATTRIBUTE Property to customize the username assertion attribute of SAML.   http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
SAML_LASTNAME_ATTRIBUTE Property to customize the lastname assertion attribute of SAML.   http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname
SAML_FIRSTNAME_ATTRIBUTE Property to customize the firstname assertion attribute of SAML.   http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname
PRIVACERA_PORTAL_DATASOURCE_URL
PRIVACERA_PORTAL_DATASOURCE_USERNAME
PRIVACERA_PORTAL_DATASOURCE_PASSWORD
PRIVACERA_PORTAL_DATASOURCE_DRIVER_CLASS_NAME
PRIVACERA_PORTAL_DATASOURCE_DIALECT
PRIVACERA_PORTAL_KEYSTORE_ALIAS
PRIVACERA_PORTAL_KEYSTORE_PASSWORD
PRIVACERA_PORTAL_TRUSTSTORE_PASSWORD
PRIVACERA_PORTAL_RANGER_ADMIN_TRUST_STORE
PRIVACERA_PORTAL_SSL_TRUSTSTORE
PRIVACERA_PORTAL_SSL_TRUSTORETYPE
PRIVACERA_PORTAL_SSL_KEYSTORETYPE
PRIVACERA_PORTAL_KEYSTORE_FILENAME
PRIVACERA_PORTAL_SSL_KEY_STORE
PRIVACERA_PORTAL_RANGER_USER_PASSWORD
PRIVACERA_PORTAL_TOPIC_DYNAMIC_PREFIX
PRIVACERA_PORTAL_SSL_SIGNED_PEM_FULL_CHAIN
PRIVACERA_PORTAL_SSL_SIGNED_PEM_PRIVATE_KEY
PRIVACERA_PORTAL_SSL_PKCS12_PASSWORD
PRIVACERA_PORTAL_SSL_SIGNED_CERT_FORMAT
PRIVACERA_PORTAL_SSL_SIGNED_PKCS12_ALIAS
PRIVACERA_PORTAL_SSL_SIGNED_PKCS12_FILE
PORTAL_PADMIN_DEFAULT_PASSWORD
PORTAL_PADMIN_PASSWORD
PRIVACERA_PORTAL_HIVE_USER_PASSWORD
PRIVACERA_PORTAL_AUTH_TOKEN
PRIVACERA_PORTAL_ATLAS_USER_PASSWORD
DATASERVER_SVC_IP
DATASERVER_ENDPOINT_HOSTNAME
PORTAL_LDAP_BIND_PASSWORD
PORTAL_LDAP_ENABLE
PORTAL_LDAP_SSL_ENABLED
PORTAL_LDAP_ADD_ETCHOST
PORTAL_LDAP_IP
PORTAL_LDAP_HOST
PORTAL_LDAP_SSL_PM_GEN_TS
PORTAL_LDAP_SSL_TRUSTSTORE_FILE
PORTAL_LDAP_SSL_TRUSTSTORE_TYPE
PORTAL_LDAP_SSL_TRUSTSTORE_PASSWORD
PORTAL_LDAP_SSL_AUTO_GEN_TRUSTSTORE_FILE

Privacera Manager can create a certificate automatically with a certain name. In this property, give a name for the certificate. 

client_ldaps_truststore.cer OR client_ldaps_truststore.jks OR client_ldaps_truststore.p12 client_ldaps_truststore.cer
PORTAL_LDAP_SSL_AUTO_GEN_TRUSTSTORE_TYPE

Privacera Manager can create a certificate automatically of a specific type. In this property, give a type for the certificate. 

cer, jks, p12 cer
PORTAL_SOLR_BASIC_AUTH_ENABLED
PORTAL_SOLR_BASIC_AUTH_USER
PORTAL_SOLR_BASIC_AUTH_PASSWORD
PRIVACERA_ACCESS_REQUEST_MANAGER_PASSWORD
PRIVACERA_ACCESS_REQUEST_MANAGER_USER
PRIVACERA_PORTAL_SECRETS_FILE
PORTAL_ENCRYPT_SECRETS
PRIVACERA_PORTAL_SECRETS_KEYSTORE_PASSWORD
PORTAL_ENCRYPT_PROPS_LIST
AWS_PORTAL_LB_CERTIFICATE_ARN
PORTAL_LB_SSL_CERT
PORTAL_LB_SSL_PORT
PORTAL_LB_TARGET_PORT
PORTAL_LB_BACKEND_PROTOCOL
PORTAL_K8S_PVC_NAME
PORTAL_K8S_PVC_STORAGE_SIZE_MB
PORTAL_K8S_PVC_STORAGE_SIZE
PORTAL_K8S_LOADBALANCER_EXTERNAL
PORTAL_K8S_ANNOTATION_LOADBALANCER_ANNOTATION
PORTAL_K8S_STORAGE_PROVISIONER
PORTAL_K8S_SC_NAME
PORTAL_K8S_PV_ENCRYPTED
PORTAL_K8S_PV_KEY
PORTAL_K8S_CPU_REQUESTS
PORTAL_K8S_CPU_LIMITS
PORTAL_K8S_REPLICAS
PORTAL_HELM_CHART_VERSION
PRIVACERA_PORTAL_DATASERVER_ENABLE_APP_DAO_CREATE
PRIVACERA_PORTAL_DATASERVER_ENABLE
PRIVACERA_PORTAL_DATASERVER_PROXY_HOST
PRIVACERA_PORTAL_DATASERVER_PROXY_PORT
PRIVACERA_PORTAL_DATASERVER_PROXY_PROTOCOL
PRIVACERA_PORTAL_DATASERVER_EXPLORER_PROTOCOL
PRIVACERA_PORTAL_DATASERVER_ADLS_STORAGE_TYPE
PRIVACERA_PORTAL_RANGER_SERVICE_NAME
PRIVACERA_PORTAL_RANGER_CLUSTER_NAME
PRIVACERA_ACCESS_REQUEST_MANAGER_ENABLE
PRIVACERA_ACCESS_REQUEST_MANAGER_PROCESS_KEY
PRIVACERA_ACCESS_REQUEST_MANAGER_PROJECT_ROLES_FILE
PRIVACERA_PORTAL_K8S_HA_ENABLE
PRIVACERA_PORTAL_ELECTION_NODE_PATH
PRIVACERA_PORTAL_ZK_CONNECTION_STRING
PRIVACERA_PORTAL_ELECTION_ZK_RETRY
PRIVACERA_PORTAL_ELECTION_ZK_RETRY_SLEEP_IN_MS
PRIVACERA_PORTAL_ELECTION_RETRY_COUNT
PRIVACERA_PORTAL_ELECTION_RETRY_SLEEP_INTERVAL_SEC
PORTAL_K8S_READINESS_PROBE_DELAY_SECS Time in seconds to delay the Kubernetes readiness probe for the Portal pod. 120
PORTAL_K8S_READINESS_PROBE_FAILURE_THRESHOLD Failure threshold is the number of times Kubernetes will try to perform the readiness probe for the Portal pod. 6
PORTAL_K8S_READINESS_PROBE_PERIOD_SECS Time in seconds to perform the Kubernetes readiness probe for the Portal pod. 30
PORTAL_K8S_LIVENESS_PROBE_DELAY_SECS Time in seconds to delay the Kubernetes liveness probe for the Portal pod. 400
PORTAL_K8S_LIVENESS_PROBE_PERIOD_SECS Time in seconds to perform the Kubernetes liveness probe for the Portal pod. 30
PORTAL_K8S_LIVENESS_PROBE_FAILURE_THRESHOLD Failure threshold is the number of times Kubernetes will try to perform the liveness probe for the Portal pod. 3
PORTAL_K8S_STARTUP_PROBE_ENABLED Enable the startup probe for the Portal pod. true, false false
PORTAL_K8S_STARTUP_PROBE_PERIOD_SECS Time in seconds to perform the Kubernetes startup probe for the Portal pod. 30
PORTAL_K8S_STARTUP_PROBE_DELAY_SECS Time in seconds to delay the Kubernetes startup probe for the Portal pod. 400
PORTAL_K8S_STARTUP_PROBE_FAILURE_THRESHOLD Failure threshold is the number of times Kubernetes will try to perform the startup probe for the Portal pod. 3
PORTAL_K8S_NETWORKING_LOADBALANCER_IP
PORTAL_K8S_NETWORKING_LOADBALANCER_SOURCE_RANGES
PORTAL_TOPOLOGIES
PORTAL_K8S_SERVICE_ACCOUNT
PORTAL_DATABRICKS_REPORT_ENABLE

Property to enable/disable offline reporting in Databricks.

Note: Do not set this property, if a Discovery service is already running in your environment.

true,false false
SAML_MAX_AUTH_AGE_SEC it is the maximum time in seconds that a users is allowed by IDP to be logged in since his initial authentication. The default time is 7889400 seconds (3 months). 7889400
SAML_RESPONSE_SKEW_SEC It is the maximum difference between local time and time of the assertion creation which still allows messages to be processed. It determines the maximum difference between the clocks of the IDP and SP machines. 600
SAML_FORCE_AUTHN When the property is set to true, IDP is required to re-authenticate a user even if the user has an existing session and not rely on any previous authentication events. true,false true
Memory Variables
PORTAL_HEAP_MIN_MEMORY_MB Minimum Java Heap memory in MB used by Privacera Portal. For example, PORTAL_HEAP_MIN_MEMORY_MB: "1024"
PORTAL_HEAP_MIN_MEMORY Minimum Java Heap memory used by Privacera Portal. Setting this value will override PORTAL_HEAP_MIN_MEMORY_MB. For example, PORTAL_HEAP_MIN_MEMORY: "1g"
PORTAL_HEAP_MAX_MEMORY_MB Maximum Java Heap memory in MB used by Privacera Portal. For example, PORTAL_HEAP_MAX_MEMORY_MB: "1024"
PORTAL_HEAP_MAX_MEMORY Maximum Java Heap memory used by Privacera Portal. Setting this value will override PORTAL_HEAP_MAX_MEMORY_MB. For example, PORTAL_HEAP_MAX_MEMORY: "1g"
PORTAL_K8S_MEM_REQUESTS_MB Minimum amount of kubernetes memory in MB to be requested by Privacera Portal. For example, PORTAL_K8S_MEM_REQUESTS_MB: "1024"
PORTAL_K8S_MEM_REQUESTS Minimum amount of kubernetes memory to be used by Privacera Portal. Setting this value will override PORTAL_K8S_MEM_REQUESTS_MB. For example, PORTAL_K8S_MEM_REQUESTS: "1G"
PORTAL_K8S_MEM_LIMITS_MB Maximum amount of kubernetes memory in MB to be requested by Privacera Portal. For example, PORTAL_K8S_MEM_LIMITS_MB: "1024"
PORTAL_K8S_MEM_LIMITS Maximum amount of kubernetes memory to be used by Privacera Portal. Setting this value will override PORTAL_K8S_MEM_LIMITS_MB. For example, PORTAL_K8S_MEM_LIMITS: "1G"
PORTAL_CPU_MIN Minimum amount of kubernetes CPU to be requested by Privacera Portal. For example, PORTAL_CPU_MIN: "0.5"
PORTAL_CPU_MAX Maximum amount of kubernetes CPU to be used by Privacera Portal. For example, PORTAL_CPU_MAX: "0.5"