After you created and installed an Edge site, you can create a connection to Amazon Web Services.
Available vaults
|
You can use a vault to add your data source information to your Edge site connection. |
None
AWS Secrets Manager
Azure Key Vault
CyberArk Vault
Google Secret Manager
HashiCorp Vault
|
|
|
|
Before you begin
- You have created and installed an Edge site.
- You have added a vault to your Edge site.
Required permissions
- You have a global role that has the Manage connections and capabilities global permission, for example, Edge integration engineer.
- You have the following Amazon Bedrock API permissions:
bedrock:ListCustomModelsbedrock:ListFoundationModelsbedrock:ListCustomModels
For details about these API permissions, go to Amazon Bedrock Permission APIin the AWS documentation.
Steps
- Open an Edge site.
-
On the main toolbar, click
, and then click
Settings.
The Collibra settings page opens. -
In the tab pane, click Edge.
The Sites tab opens and shows a table with an overview of the Edge sites. - In the table, click the name of the Edge site whose status is Healthy.
The Edge site page opens.
-
On the main toolbar, click
- In the Connections section, click Create connection.
The Create connection page appears. - Select the AWS connection to connect to Amazon S3.
- Enter the required information.
Field Description Required Name The name of the Edge AWS connection.
YesDescription The description of the connection.
No
Vault The vault where you store your data source values. No
Authentication type The type of authentication you use. The possible values are IAM and EC2.
Use type EC2 AWS if you want to connect to an AWS EC2 instance that is configured with role based authentication. For more details, go to Prepare S3 for Edge.
Yes
Access Key ID The access key ID of the programmatic AWS user.
How to use your vault...To use your vault, do the following:- In the Value Type field, select Vault Key.
- Enter the query value to identify the secret in your vault.Example
To use your vault, do the following:- In the Value Type field, select Vault Key.
- Enter the required information:
Name Description Secret Engine Type Select one of the following:
- Key Value
- Database
Engine Path The engine path to your vault where the value is stored. Secret Path The secret path to your vault where the value is stored. Field The name of the field to your vault where the value is stored.
Note Only available if you selected Key Value in the Secret Engine Type field.
Role The role specified in the Database engine.
Note Only available if you selected Database in the Secret Engine Type field.
Example
To use your vault, do the following:- In the Value Type field, select Vault Key.
- Enter the required information:
Name Description Vault Name The name of your Azure Key Vault in your Azure Key Vault service where the value is stored. Secret Name The name of the secret in your vault where the value is stored. Example
To use your vault, do the following:- In the Value Type field, select Vault Key.
- Enter the required information:
Name Description Secret Name The name of the secret in your vault where the value is stored. Field If the secret stored in your AWS Secrets Manager is a JSON value, for example
{"pass1": "my-password", "pass2": "my-password2"}, then you need to specify the Field to point to the exact JSON value that should be used. For example,Secret Name: edge-db-customer; Field: pass.Note If the secret stored in your AWS Secrets Manager is a plain string value, for example
my-password, then you do not need to specify the Field.Example
To use your vault, do the following:- In the Value Type field, select Vault Key.
- Enter the name of the secret in your vault where the value is stored.
Example
Yes for IAM authentication type. Secret Access Key The secret access key of the programmatic AWS user.
How to use your vault...To use your vault, do the following:- In the Value Type field, select Vault Key.
- Enter the query value to identify the secret in your vault.Example
To use your vault, do the following:- In the Value Type field, select Vault Key.
- Enter the required information:
Name Description Secret Engine Type Select one of the following:
- Key Value
- Database
Engine Path The engine path to your vault where the value is stored. Secret Path The secret path to your vault where the value is stored. Field The name of the field to your vault where the value is stored.
Note Only available if you selected Key Value in the Secret Engine Type field.
Role The role specified in the Database engine.
Note Only available if you selected Database in the Secret Engine Type field.
Example
To use your vault, do the following:- In the Value Type field, select Vault Key.
- Enter the required information:
Name Description Vault Name The name of your Azure Key Vault in your Azure Key Vault service where the value is stored. Secret Name The name of the secret in your vault where the value is stored. Example
To use your vault, do the following:- In the Value Type field, select Vault Key.
- Enter the required information:
Name Description Secret Name The name of the secret in your vault where the value is stored. Field If the secret stored in your AWS Secrets Manager is a JSON value, for example
{"pass1": "my-password", "pass2": "my-password2"}, then you need to specify the Field to point to the exact JSON value that should be used. For example,Secret Name: edge-db-customer; Field: pass.Note If the secret stored in your AWS Secrets Manager is a plain string value, for example
my-password, then you do not need to specify the Field.Example
To use your vault, do the following:- In the Value Type field, select Vault Key.
- Enter the name of the secret in your vault where the value is stored.
Example
Yes for IAM authentication type. - Click Create.
The connection is added to the Edge site.
The fields become read-only.
What's next?
You can now add the AWS Bedrock AI capability to an Edge site.