Set up Protect

Important 

In Collibra 2024.05, we launched a new user interface (UI) for Collibra Platform! You can learn more about this latest UI in the UI overview.

Tip 

The setup steps in this topic vary by data source. Follow the section below that matches your data source.

Enable Protect

This section describes how to make Protect available on your Collibra environment.

  1. Contact Collibra Support or your representative to enable Protect on your Collibra environment.
  2. Ensure that the Protect global roles and global permissions are correctly set.

    Image of the Protect global roles

  3. Ensure that the following setting is enabled by Collibra: feature.protect.databricks
    Tip This can be done by adding the following JVM parameter via Collibra Console and then restarting the service: -Dfeature.protect.databricks=true

After Protect is enabled, it is shown in the menu that opens from the main toolbar.

Set up Protect for AWS Lake Formation

This section describes how to establish a connection between AWS Lake Formation and Protect.

Steps

  1. Ingest data from the data source.
  2. Create an AWS connection from the Edge site to Amazon Athena.
    Tip When creating the connection, in the Connection provider field, select AWS connection. Additionally, ensure that the user associated with the Access Key ID used in the connection has the required permissions.
  3. Add the Protect for AWS Lake Formation capability to the Edge site.
    Tip 
    • When adding the capability, in the Connection field, select the AWS connection created in step 2.
    • Don't add more than one Collibra Protect for AWS Lake Formation capability to the Edge site.

Set up Protect for BigQuery

This section describes how to establish a connection between BigQuery and Protect.

Steps

  1. Ingest data from BigQuery.
  2. Create a GCP connection from the Edge site to Google BigQuery.
    Tip 
    • In addition to the JDBC connection created for Catalog ingestion, Protect for BigQuery requires a separate GCP connection. Protect needs access to certain GCP APIs that cannot be reached through the JDBC connection alone; the GCP connection provides that access so that data protection can be enforced.
    • When creating the connection, in the Connection provider field, select GCP connection. Additionally, ensure that the user associated with the GCP Service Account used in the connection has the required permissions.
  3. Add the Protect for BigQuery capability to the Edge site.
    Tip 
    • When adding the capability, in the Connection field, select the GCP connection created in step 2.
    • Don't add more than one Collibra Protect for Google BigQuery capability to the Edge site.
    • If the version of the capability is 1.97.1, ensure that the JSON content in the GCP Service Account field in the GCP connection you created is Base64 encoded. You can find the version of the capability in the Version column on the Capabilities tab.
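
For capability version 1.97.1, the Base64 encoding mentioned in the last tip can be produced with a short script. The following is a minimal sketch, not an official Collibra tool: it assumes that standard Base64 over the UTF-8 bytes of the JSON is what the GCP Service Account field expects, and the function name and the sample JSON are placeholders introduced for illustration.

```python
import base64
import json


def encode_service_account(json_text: str) -> str:
    """Return the standard Base64 encoding of a service account JSON string.

    Hypothetical helper for illustration; assumes the field expects
    standard Base64 over the UTF-8 bytes of the JSON content.
    """
    # Fail early if the input is not valid JSON (raises ValueError).
    json.loads(json_text)
    return base64.b64encode(json_text.encode("utf-8")).decode("ascii")


if __name__ == "__main__":
    # Placeholder content; use the JSON key of your own GCP Service Account.
    sample = '{"type": "service_account", "project_id": "example-project"}'
    encoded = encode_service_account(sample)
    # Round-trip check: decoding must give back the original JSON text.
    assert base64.b64decode(encoded).decode("utf-8") == sample
    print(encoded)
```

Paste the printed value into the GCP Service Account field only if the capability version shown in the Version column is 1.97.1.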

Set up Protect for Databricks

This section describes how to establish a connection between Databricks and Protect.

Steps

  1. Ingest data from Databricks.
  2. Create a Username/Password JDBC connection from the Edge site to Databricks.
    Tip When creating the connection, in the Connection provider field, select Username/Password JDBC connection. Additionally, ensure that the user associated with the Databricks role used in the connection has the required privileges.
  3. Add the Protect for Databricks capability to the Edge site.
    Tip 
    • When adding the capability, in the Connection field, select the Username/Password JDBC connection created in step 2.
    • Don't add more than one Collibra Protect for Databricks capability to the Edge site.

Set up Protect for Snowflake

This section describes how to establish a connection between Snowflake and Protect.

Steps

  1. Ingest data from Snowflake.
  2. Create a Username/Password JDBC connection from the Edge site to Snowflake.
    Tip When creating the connection, in the Connection provider field, select Username/Password JDBC connection. Additionally, ensure that the user associated with the Snowflake role used in the connection has the required privileges.
  3. Add the Protect for Snowflake capability to the Edge site.
    Tip 
    • When adding the capability, in the Connection field, select the Username/Password JDBC connection created in step 2.
    • Don't add more than one Collibra Protect for Snowflake capability to the Edge site.
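
The four setups above follow the same three-step pattern and differ only in the connection provider, the connection target, and the capability. As a quick reference, that pattern can be summarized as a small lookup. This is an illustrative sketch only: the names `ProtectSetup`, `SETUPS`, and `checklist` are hypothetical and are not part of any Collibra API. The values are taken from the steps in this topic.

```python
from typing import Dict, List, NamedTuple


class ProtectSetup(NamedTuple):
    """Per-data-source values used in steps 2 and 3 (hypothetical structure)."""
    connection_provider: str  # value to select in the Connection provider field
    connects_to: str          # system the Edge site connects to
    capability: str           # capability to add to the Edge site


# Values copied from the setup sections of this topic.
SETUPS: Dict[str, ProtectSetup] = {
    "AWS Lake Formation": ProtectSetup(
        "AWS connection", "Amazon Athena", "Protect for AWS Lake Formation"),
    "BigQuery": ProtectSetup(
        "GCP connection", "Google BigQuery", "Protect for BigQuery"),
    "Databricks": ProtectSetup(
        "Username/Password JDBC connection", "Databricks", "Protect for Databricks"),
    "Snowflake": ProtectSetup(
        "Username/Password JDBC connection", "Snowflake", "Protect for Snowflake"),
}


def checklist(data_source: str) -> List[str]:
    """Return the three setup steps for one data source as plain text."""
    setup = SETUPS[data_source]
    return [
        "Ingest data from the data source.",
        f"Create a connection from the Edge site to {setup.connects_to} "
        f"(Connection provider: {setup.connection_provider}).",
        f"Add the {setup.capability} capability to the Edge site "
        "(only one per Edge site).",
    ]


if __name__ == "__main__":
    for step_number, step in enumerate(checklist("Snowflake"), start=1):
        print(f"{step_number}. {step}")
```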

What's next?