Skip to content

Overview

Before installing Privacera, there are prerequisites from your infrastructure team that must be met. In addition, depending on the desired Privacera services features, your security team could also have requirements.

The installer, Privacera Manager, needs to run on a host server. In AWS, it is an EC2 instance and in Azure/GCP it is Virtual Machine. Depending upon the deployment type, Privacera Manager might need appropriate privileges,

If the deployment type is on Docker containers, then generally the Privacera services and Privacera Manager runs on the same host. So the host machine configuration need to be higher and also depending on the Privacera services enabled, the host machine might need additional IAM privileges. Also, all the ports used by the services need to be made accessible on the host.

If Privacera is deployed in Kubernetes cluster, then the infrastructure team need to create a Kubernetes cluster and make it available for Privacera install. IAM and other privileges needs to configured for the NodeGroups in the Kubernetes Cluster. In the Kubernetes deployment. There are options available to customize StorageClass and other Kubernetes resources.

In the Docker deployment type, generally Privacera applications and Privacera Manager runs on the same virtual server. So host where Privacera Manager and Privacera will be installed needs all the IAM roles and ports opened for external connections.

  1. Host machine for running Privacera Manager.
  2. IAM roles for the host
  3. Ports to be open for the host

In the Kubernetes deployment type, the host that will run Privacera Manager needs the configs required to connect and create resources in the Kubernetes cluster.

  1. Host machine for running Privacera Manager.
  2. IAM roles for the host

Security#

Privacera provides flexibility to meet corporate security guidance. By default, it generates self-signed SSL certificates, but it provides the option to use CA signed SSL certificates. It also supports options to use your own encryption vault and other security requirements.


Last update: September 13, 2021