Introduction
This document presents:
- Plugin capabilities
- Plugin restrictions or limitations
Tot Plugin Capabilities
Active Governance
Allows delegating the provisioning of the user groups to which data access permissions are subsequently assigned for resources governed by the product being used.
totplugin:
  server:
    url: https://tot1server.anjanadata.local:15000/tot/
  connection:
    - name: plugin1
      aris:
        - ari: "anja:totplugin:im:/azure/ad/pre/"
      technology:
        clientId: "aaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee"
        tenantId: "aaaaaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeee"
        secret: "aaaaaaaabbbbbbbbcccccccceeeeeeeeddddddddd"
        scopes: "https://graph.microsoft.com/.default"
        groupPrefix: Dsa_
Furthermore, it is capable of creating data resources in the product, which are used when an entity is created in Anjana as governed under a triplet with an active governance configuration.
totplugin:
  server:
    url: https://tot1server.anjanadata.local:15000/tot/
  connection:
    - name: plugin1
      aris:
        - ari: "anja:totplugin:extract:/azure/files/pre/"
        - ari: "anja:totplugin:sample:/azure/files/pre/"
        - ari: "anja:totplugin:edit:/azure/files/pre/"
        - ari: "anja:totplugin:im:/azure/files/pre/"
          imAri: "anja:totplugin:im:/azure/ad/pre/"
      technology:
        storageAccount: totpluginazure
        key: "aaaaaaaaabbbbbbbbbbcccccccccccddddddddeeeeeeeefffffff=="
        sampleRows: 15
        pathSeparator: "/"
In the example above, what happens step by step is:
- The triplet of the plugin to which identity management is delegated is written exactly as in that plugin's own configuration, but under the key "imAri", directly below the triplet that manages permissions.
- The identity management plugin (imAri triplet source) will create a group, grant memberships to users and return an identifier to the "- ari: anja:totplugin:im:" triplet.
- The triplet that manages permissions (- ari: anja:totplugin:im:), using the received identifier, will grant permissions through the specific technology (GRANT, ACL, …).
Data Sampling
Through the resolution of the logical connection provided by the triplet, the plugin connects to the data resource and retrieves the first X rows of its content. It is also possible to obfuscate information from certain sampling columns based on the "pi" attribute of DATASET_FIELDS and the obfuscationString configuration.
sampleRows: 15 → Maximum number of rows we will be able to see.
ofuscationString: "***" → Text string with which the information received from sampling will be replaced.
totplugin:
  server:
    url: https://tot1server.anjanadata.local:15000/tot/
  connection:
    - name: plugin1
      aris:
        - ari: "anja:totplugin:extract:/azure/files/pre/"
        - ari: "anja:totplugin:sample:/azure/files/pre/"
        - ari: "anja:totplugin:im:/azure/files/pre/"
          imAri: "anja:totplugin:im:/azure/ad/pre/"
      technology:
        storageAccount: totpluginazure
        key: "aaaaaaaaabbbbbbbbbbcccccccccccddddddddeeeeeeeefffffff=="
        sampleRows: 15
        pathSeparator: "/"
Metadata Extraction
Through the resolution of the logical connection provided by the triplet, the plugin is able to connect to the data resource and return its metadata.
totplugin:
  server:
    url: https://tot1server.anjanadata.local:15000/tot/
  connection:
    - name: plugin1
      aris:
        - ari: "anja:totplugin:extract:/azure/files/pre/"
        - ari: "anja:totplugin:sample:/azure/files/pre/"
        - ari: "anja:totplugin:im:/azure/files/pre/"
          imAri: "anja:totplugin:im:/azure/ad/pre/"
      technology:
        storageAccount: totpluginazure
        key: "aaaaaaaaabbbbbbbbbcccccccccccddddddddeeeeeeeefffffff=="
        sampleRows: 15
        pathSeparator: "/"
Object Editing
Through the resolution of the logical connection provided by the triplet, the plugin is able to connect to the data resource and make changes to it in response to the activation or deactivation of entities in Anjana.
totplugin:
  server:
    url: https://tot1server.anjanadata.local:15000/tot/
  connection:
    - name: plugin1
      aris:
        - ari: "anja:totplugin:extract:/azure/files/pre/"
        - ari: "anja:totplugin:sample:/azure/files/pre/"
        - ari: "anja:totplugin:edit:/azure/files/pre/"
        - ari: "anja:totplugin:im:/azure/files/pre/"
          imAri: "anja:totplugin:im:/azure/ad/pre/"
      technology:
        storageAccount: totpluginazure
        key: "aaaaaaaaabbbbbbbbbbcccccccccccddddddddeeeeeeeefffffff=="
        sampleRows: 15
        pathSeparator: "/"
Other capabilities
There are other plugin-level capabilities, such as tag updates, that are specific to each technology.
Limitations or restrictions
- Each plugin can manage multiple connections, so if the infrastructure requires connecting to, for example, two different SQL Servers, a single SQL Server plugin can include both connections.
- It is also possible to deploy more than one plugin, each with a different connection.
  - It should be noted that this approach implies greater resource consumption in the infrastructure.
- In any case, it should be noted that triplets cannot be shared between different plugins or between connections of the same plugin. Each triplet must be unique.
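
An added example, not part of the Anjana documentation or product code: a pre-deployment check for the uniqueness rule above and for the imAri delegation described under Active Governance, so that a permissions triplet never points at an identity triplet no plugin declares. It treats each full ari string as the triplet, as the page does; the plugin labels azure-ad and azure-files, the plugin2 connection and the /pro/ paths are hypothetical, and the configurations are assumed to be already parsed from YAML.

```python
from collections import defaultdict

# Constructed sample: the page's two "plugin1" examples as parsed YAML (secrets
# omitted), plus a hypothetical "plugin2" connection that breaks both rules.
CONFIGS = {
    "azure-ad": {"totplugin": {"connection": [
        {"name": "plugin1", "aris": [{"ari": "anja:totplugin:im:/azure/ad/pre/"}]},
    ]}},
    "azure-files": {"totplugin": {"connection": [
        {"name": "plugin1", "aris": [
            {"ari": "anja:totplugin:extract:/azure/files/pre/"},
            {"ari": "anja:totplugin:sample:/azure/files/pre/"},
            {"ari": "anja:totplugin:edit:/azure/files/pre/"},
            {"ari": "anja:totplugin:im:/azure/files/pre/",
             "imAri": "anja:totplugin:im:/azure/ad/pre/"},
        ]},
        {"name": "plugin2", "aris": [
            # Reuses a triplet that plugin1 already declares.
            {"ari": "anja:totplugin:sample:/azure/files/pre/"},
            # Delegates identity management to a triplet nobody declares.
            {"ari": "anja:totplugin:im:/azure/files/pro/",
             "imAri": "anja:totplugin:im:/azure/ad/pro/"},
        ]},
    ]}},
}


def validate(configs):
    """Return violations of triplet uniqueness and imAri resolution."""
    owners = defaultdict(list)   # ari -> [(plugin, connection), ...]
    delegations = []             # (plugin, connection, imAri)
    for plugin, cfg in configs.items():
        for conn in cfg["totplugin"]["connection"]:
            for entry in conn["aris"]:
                owners[entry["ari"]].append((plugin, conn["name"]))
                if "imAri" in entry:
                    delegations.append((plugin, conn["name"], entry["imAri"]))
    errors = []
    for ari, where in sorted(owners.items()):
        if len(where) > 1:
            errors.append(f"duplicate triplet {ari}: {where}")
    for plugin, conn, im_ari in delegations:
        if im_ari not in owners:
            errors.append(f"{plugin}/{conn}: imAri {im_ari} not declared by any plugin")
    return errors


if __name__ == "__main__":
    print("\n".join(validate(CONFIGS)) or "configuration is consistent")
```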