Skip to content

Microsoft SQL#

This topic describes how to connect Microsoft SQL (MS SQL) application to PrivaceraCloud.

Connect Application#

  1. Go the Setting > Applications.

  2. In the Applications screen, select MS SQL.

  3. Enter the application Name and Description, and then click Save.

    You can see Access Management and Data Discovery with toggle buttons.

    Note

    If you don't see Data Discovery in your application, enable it in Settings > Account > Discovery.

Enable Access Management#

  1. Click the toggle button to enable Access Management for MS SQL.

  2. In the BASIC tab, enter the values in the give fields and click Save. For property details and description, see table below:

    Note

    Make sure that the other properties are advanced and should be modified in consultation with Privacera.

    Property Description Example
    Service URL URL connection MS SQL repository.
    Format:
    jdbc:sqlserver://<JDBC_SQLSERVER_URL_WITH_PORT_NUMBER>
    Service name Connection service name.
    Service username Username database credential
    Service password Password database credential
    Authentication Authentication Mode: SqlPassword or ActiveDirectoryPassword'
    Audit Storage URL Audit storage URL. https://test.blob.core.windows.net/sqldbauditlogs/test

    Manage database list

    Manage schema list

    Manage user list

    Manage view list

    These three properties follow the same format. For each:

    Specify a list of zero or more names of databases, list of schemas, list of users, or list of views to be PrivaceraCloud managed.

    If left blank, all target {databases, schemas, users} in the repository will be managed.

    If set to none, no databases will be managed.

    Accepts single name or multiple names with comma separation.

    Regular expressions (Regex) can be used. (E.g. *xx will match to names company_xx, products_xx, and so on.

    Create service user boolean: if true will create new users during policy synchronization.
    Service new user password The password value to be assigned to any new user created during policy synchronization.
    Manage service user, group, or role boolean: if true will manage service users (group), (role)
    Ignore user list Data access user ignore list. Comma-separated names of data access users to be ignored (non-managed) by PrivaceraCloud. This list is seeded with the list of standard data access service and administrator user names normally created by PrivaceraCloud for each account. It can be edited or augmented with additional site-specific names to be excluded from PrivaceraCloud control. "admin,rangerusersync,keyadmin,rangertagsync,hive,s3,
    dynamodb,athena,glue,redshift,kinesis,lambda,mssql,
    adls,postgres,kafka,snowflake,powerbi,padmin"
    User, Role, or Group "Prefix" A string value to be prefixed to Users, Roles, or Groups that are auto-created during synchronization. "pc_user", "pc_role_", "pc_group_"
    Perform grant updates If set to true, all grants will be executed.
    If false - grant updates will be dry-run and not actually executed.

  3. In the ADVANCED tab, you can add custom properties.

  4. Using the IMPORT PROPERTIES button, you can browse and import application properties.

Enable Data Discovery#

Click the toggle button to enable the Data Discovery for your application.

  1. In the BASIC tab, enter values in the following fields.

    • JDBC URL
    • JDBC Username‚ÄČ
    • JDBC Password
  2. In the ADVANCED tab, you can add custom properties.

  3. Using the IMPORT PROPERTIES button, you can browse and import application properties.

  4. Click the TEST CONNECTION button to check if the connection is successful, and then click Save.

Add Data Source#

To add a resources using this connection as Discovery targets, see Discovery Scan Targets.


Last update: March 8, 2022