Privacera Platform master publication

Discovery in GCP: Discovery

This topic describes how to set up the GCP configuration for installing Privacera Discovery in a Docker or Kubernetes environment.

Prerequisites

Ensure the following prerequisites are met:

  • Create a service account and add the following roles. For more information, refer to Creating a new service account.

    • Editor

    • Owner

    • Private Logs Viewer

    • Kubernetes Engine Admin (Required only for a Kubernetes environment)

  • Create a Bigtable instance and get the Bigtable Instance ID. For more information, refer to Creating a Cloud Bigtable instance.

CLI configuration
  1. SSH to the instance where Privacera is installed.

  2. Configure your environment.

    • Configure Discovery for a Kubernetes environment. You need to set the Kubernetes cluster name. For more information, see Discovery (Kubernetes Mode).

    • For a Docker environment, you can skip this step.

  3. Run the following commands.

    cd ~/privacera/privacera-manager
    cp config/sample-vars/vars.discovery.gcp.yml config/custom-vars/
    vi config/custom-vars/vars.discovery.gcp.yml
    
  4. Edit the following properties. For property details and descriptions, refer to Configuration properties below.

    BIGTABLE_INSTANCE_ID: "<PLEASE_CHANGE>"
    DISCOVERY_BUCKET_NAME: "<PLEASE_CHANGE>"
    
  5. (Optional) If you want to customize Discovery configuration further, you can add custom Discovery properties. For more information, refer to Discovery Custom Properties.

    For example, by default, the username and password for the Discovery service are padmin/padmin. To change them, refer to Add Custom Properties.

  6. For real-time scanning, run the following.

    cd ~/privacera/privacera-manager
    cp config/sample-vars/vars.pkafka.gcp.yml config/custom-vars/
    

    Note

    • Recommended: Use the Google Sink based approach to enable real-time scanning of applications in different projects.

    • Optional: Use the Google Logging API based approach to enable real-time scanning of applications in different projects.

  7. Run the following commands.

    cd ~/privacera/privacera-manager
    ./privacera-manager.sh update
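
A pre-flight check for the file edited in step 4, to run before the update in step 7 (an added example, not part of Privacera Manager or the original page). It confirms that both required properties are present, no longer hold the `<PLEASE_CHANGE>` placeholder, and use YAML `KEY: "value"` syntax. The function names and the sample file contents are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (hypothetical helper, not shipped with Privacera Manager):
# validate vars.discovery.gcp.yml before running ./privacera-manager.sh update.

# Properties this page says must be edited.
REQUIRED_KEYS="BIGTABLE_INSTANCE_ID DISCOVERY_BUCKET_NAME"

# Print the value of key $2 from the flat "KEY: value" file $1, quotes removed.
yaml_value() {
  sed -n "s/^[[:space:]]*$2[[:space:]]*:[[:space:]]*//p" "$1" | sed -n 1p |
    sed -e 's/[[:space:]]*$//' -e 's/^"\(.*\)"$/\1/' -e "s/^'\(.*\)'\$/\1/"
}

# Print one line per problem; return 0 only when the file is ready to deploy.
# The body is a subshell, so its variables do not leak into the caller.
check_discovery_vars() (
  file=$1; rc=0
  [ -r "$file" ] || { echo "cannot read $file"; exit 2; }
  for key in $REQUIRED_KEYS; do
    # KEY="value" is shell syntax, not a YAML mapping entry.
    if grep -Eq "^[[:space:]]*$key[[:space:]]*=" "$file"; then
      echo "$key: written as KEY=value, expected YAML KEY: \"value\""; rc=1
      continue
    fi
    value=$(yaml_value "$file" "$key")
    case $value in
      "")              echo "$key: missing or empty"; rc=1 ;;
      *PLEASE_CHANGE*) echo "$key: still the sample placeholder"; rc=1 ;;
    esac
  done
  exit $rc
)

# Demo on a constructed sample file (values are made up): one placeholder left.
demo_file=$(mktemp)
cat > "$demo_file" <<'EOF'
BIGTABLE_INSTANCE_ID: "<PLEASE_CHANGE>"
DISCOVERY_BUCKET_NAME: "bucket_1"
EOF
if check_discovery_vars "$demo_file"; then
  echo "ready for update"
else
  echo "fix the file before running the update"
fi
rm -f "$demo_file"
```

To check the real file, call `check_discovery_vars config/custom-vars/vars.discovery.gcp.yml` from `~/privacera/privacera-manager` and run the update only when it returns 0.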
    
Configuration properties

| Property | Description | Example |
|---|---|---|
| BIGTABLE_INSTANCE_ID | Get the value by navigating to **Navigation Menu -> Databases -> BigTable** and checking the instance ID column. | BIGTABLE_INSTANCE_ID: "table_1" |
| DISCOVERY_BUCKET_NAME | Name of the bucket where Discovery will store its metadata files. | DISCOVERY_BUCKET_NAME: "bucket_1" |