Skip to content

RDS - Aurora DB#

PostgreSQL#

This topic allows you to configure External RDS Aurora DB with PostGres flavour for Portal, Ranger, Ranger KMS, Access Request Manager.

Pre-requisites

Before you begin, ensure the following pre-requisites are met:

  • Create RDS Aurora DB with PostGres flavour with a database name. You'll need to use the database name in the Configuration section below.

    Note

    The RDS database name which you will be entering in the Configuration section below should be created in advance. Privacera does not create a RDS database, but only creates table schemas.

  • If you have installed Privacera using the internal Maria DB and wish to move from the internal database to an external PostgreSQL DB, then you will have to delete the Maria DB container/pod. For more information, see Service Commands.

Configuration

  1. SSH to instance as ${USER}.

  2. Run the following command.

    cd ~/privacera/privacera-manager
    cp config/sample-vars/vars.external.db.postgres.yml config/custom-vars/
    vi config/custom-vars/vars.external.db.postgres.yml
    
  3. In this file set values for the following:

    Set the following as False.

    DB_INSTALL_MARIADB: "false"
    

    Enter the hostname of the AWS PostgreSQL server, and the name of the database you want to connect to. Get the name of the database from the Prerequisites section above.

    EXTERNAL_DB_HOST: "<PLEASE_CHANGE>"
    EXTERNAL_DB_NAME: "<PLEASE_CHANGE>"
    

    Enter the credentials of the user who has access to the database.

    EXTERNAL_DB_USER: "<PLEASE_CHANGE>"
    EXTERNAL_DB_PASSWORD: "<PLEASE_CHANGE>"
    

    (Optional) Enter a database name for Privacera Portal, Privacera Ranger, and Privacera Ranger KMS. It is recommended to provide different names for the 3 databases.

    PRIVACERA_PORTAL_DB_NAME: "{{EXTERNAL_DB_NAME}}"
    PRIVACERA_RANGER_DB_NAME: "{{EXTERNAL_DB_NAME}}"
    PRIVACERA_RANGER_KMS_DB_NAME: "{{EXTERNAL_DB_NAME}}"
    

    Save and Exit.

  4. Run the following command.

    cd ~/privacera/privacera-manager
    ./privacera-manager.sh update
    

MySQL#

This topic allows you to configure External RDS Aurora DB with MySQL flavour for Portal, Ranger, Ranger KMS, Access Request Manager.

Pre-requisites

Before you begin, ensure the following pre-requisites are met:

  • Create RDS Aurora DB with MySQL flavour with a database name. You'll need to use the database name in the Configuration section below.

    Note

    The RDS database name which you will be entering in the Configuration section below should be created in advance. Privacera does not create a RDS database, but only creates table schemas.

  • If you have installed Privacera using the internal Maria DB and wish to move from the internal database to an external MySQL DB, then you will have to delete the Maria DB container/pod. For more information, see Service Commands.

Configuration

  1. SSH to instance as ${USER}.

  2. Run the following command.

    cd ~/privacera/privacera-manager
    cp config/sample-vars/vars.external.db.mysql.yml config/custom-vars/
    vi config/custom-vars/vars.external.db.mysql.yml
    
  3. In this file set values for the following:

    Set the following as False.

    DB_INSTALL_MARIADB: "false"
    

    Enter the hostname of the AWS MySQL server, and the name of the database you want to connect to. Get the name of the database from the Prerequisites section above.

    EXTERNAL_DB_HOST: "<PLEASE_CHANGE>"
    EXTERNAL_DB_NAME: "<PLEASE_CHANGE>"
    

    Enter the credentials of the user who has access to the database.

    EXTERNAL_DB_USER: "<PLEASE_CHANGE>"
    EXTERNAL_DB_PASSWORD: "<PLEASE_CHANGE>"
    

    (Optional) Enter a database name for Privacera Portal, Privacera Ranger, and Privacera Ranger KMS. It is recommended to provide different names for the 3 databases.

    PRIVACERA_PORTAL_DB_NAME: "{{EXTERNAL_DB_NAME}}"
    PRIVACERA_RANGER_DB_NAME: "{{EXTERNAL_DB_NAME}}"
    PRIVACERA_RANGER_KMS_DB_NAME: "{{EXTERNAL_DB_NAME}}"
    

    Save and Exit.

  4. Run the following command.

    cd ~/privacera/privacera-manager
    ./privacera-manager.sh update
    

Note

Make sure you're familiar with encryption for Aurora. See the Aurora documentation.