Integrations
Integrations
Breadcrumbs

Denodo

Integration model

Metadata extraction

For the extraction of metadata from an object, the methods offered by the driver com.denodo.vdp.jdbc.Driver are used, through which access to the definition of schemas and tables is obtained.

The plugin extracts the following attributes, which must have the same names in the attribute_definition table, field name, so that they appear in the template:

  • catalog with the catalog value in the database

  • schema with the schema value in the database

  • physicalName and name with the same value, the table name

  • path with the concatenation of catalog, schema and table values

  • infrastructure with the selected value

  • technology with the selected value

  • zone with the selected value

  • tags are the view-level labels that the tables have.


It also sends the following attributes related to the fields of the requested resource:

  • name and physicalName with the field value

  • defaultValue with the default value defined for the field

  • fieldDataType with the data type defined for the field

  • length with the field size

  • incrementalField indicating whether it is an incremental field

  • position position of the field

  • precision with the precision value of the field

  • nullable indicating whether the field is nullable

  • pk indicating whether the field is a pk

  • description with the value for the field

  • tags are the column-level labels that the tables have.


The attributes to be created in Anjana must have the following types:

Attribute name

Attribute type

Catalog

INPUT_TEXT

Schema

INPUT_TEXT

PhysicalName

INPUT_TEXT

Path

INPUT_TEXT

Infrastructure

SELECT

Technology

SELECT

Zone

SELECT

Tags

ARRAY_ALPHANUMERICAL

Name

INPUT_TEXT

DefaulValue

INPUT_TEXT

FieldDataType

INPUT_TEXT

Length

INPUT_NUMBER

IncrementalField

INPUT_CHECKBOX

Position

INPUT_NUMBER

Precision

INPUT_NUMBER

Nullable

INPUT_CHECKBOX

Pk

INPUT_CHECKBOX

Description

ENRICHED_TEXT_AREA_INTERNATIONAL


The plugin is capable of extracting metadata from the following types of Denodo elements:

  • Database table views

  • Interfaces

  • Derived

Tables with special characters in their name

This technology allows characters such as "/" in the name; if they are being used, the path-separator must be configured with a character other than "/". See File extraction for more details.

Data sampling

Using the Java driver com.denodo.vdp.jdbc.Driver, a simple SELECT query is executed to access a limited number of elements from the table to retrieve a sample of the stored data. Additionally, the values of sensitive fields are replaced by asterisks.

If any type of View is incorrectly defined in Denodo, sampling will not be possible. Similarly, if the implementations associated with Interface-type Views are modified after having been created, sampling will also fail.

Active governance

Through queries, Denodo roles can be created/deleted when a DSA is approved or expires, and the necessary permissions on the table view (Read, Write) are managed when datasets are added or expire in a DSA.

The Ldap or Entra ID plugin must be deployed to allow group creation.

Object editing

When a non-native entity is activated or deactivated, through queries, permissions on the corresponding tables for Denodo roles are granted or revoked.

Required credentials

Metadata extraction

User with the necessary privileges to perform SELECT on the views of the tables to be governed (Connect, Metadata and Execute).

Data sampling

User with the necessary privileges to perform SELECT on the views of the tables to be governed (Connect, Metadata and Execute).

Active governance

To perform active governance operations, the following roles are required on the connection user specified in the yml:

  • create_role -> Required to create roles.

  • assignprivileges -> Required to perform grant/revoke.

  • drop_role-> Required to delete roles.

Object editing

When a non-native entity is activated or deactivated in Anjana, the plugin will grant or revoke permissions on the corresponding tables. To perform these actions, the connection user specified in the yml must have the following permission:

  • assignprivileges -> Required to perform grant/revoke.

Authentication and authorization

With Ldap

For the Denodo plugin to work, it is necessary to enable authentication and authorization with Ldap in Denodo. To do this, follow these steps:

https://community.denodo.com/docs/html/browse/8.0/en/vdp/administration/server_configuration/server_authentication/ldap_authentication/ldap_authentication

For both authentication and authorization to work, users must not exist in Denodo, only in Ldap; this way it connects to Ldap to authenticate and authorize.

With Entra ID

For the Denodo plugin to work, it is necessary to enable authentication and authorization with EntraID in Denodo. To do this, follow these steps:

https://community.denodo.com/kb/en/tag/Azure%20AD

For both authentication and authorization to work, users must not exist in Denodo, only in EntraID; this way it connects to EntraID to authenticate and authorize.

Tag updates

It is possible for the plugin to automatically update the tags modified in Anjana in Denodo from all datasets that are governed and are approved or deprecated. This synchronization is performed through a batch whose configuration is done via a crontab command that defines the frequency at which the action is to be executed.

To perform tag update operations, the following roles are required on the connection user specified in the yml:

  • manage_tags -> Required to create tags.

  • assign_tags -> Required to assign tags to columns.

In the following example the process runs Monday through Friday every hour from 7:00 to 22:00:

YAML
totplugin:
  batch:
    tags:
      cron: 0 0 7-22 * * MON-FRI


Additionally, the triplet ARI must be configured to specify which Anjana objects will be acted upon.

YAML
totplugin:
  connection:
    - ...
      aris:
        ari: "anja:totplugin:updateTags:/jdbc/denodo/denodo/"


There is also the option to configure the separator that Anjana uses to retrieve the values of a list-type attribute. Normally this value does not need to be changed, but if it does, the following configuration can be modified:

YAML
totplugin:
  anjana:
    attributeSeparator: "_-"

The tags attribute of datasets and dataset fields must be named 'tags' in the attribute_definition table and be of type ARRAY_ALPHANUMERICAL.


Configuration

Connectivity

The plugin's connectivity is achieved through:

  • JDBC protocol. The connection URL to the VDP must be provided as explained in the example configuration file

  • Port. The standard VDP port is usually 9999, although this may vary depending on the context in which the plugin is installed

Case sensitive queries

The Denodo plugin launches queries including tag names, roles, schemas and datasources in double quotes to make them case sensitive, but it is also necessary to configure the following property in the Denodo portal:

att_1_for_171868349.png

Check available tags in Denodo

There are two options:

  • In the tags section of Denodo

att_2_for_171868349.png


  • By running this query

SQL
SELECT column_name, tag_name from GET_VIEW_TAGS() WHERE INPUT_DATABASE_NAME = 'dev' and INPUT_VIEW_NAME= 'anjana_adherence_cart';


They appear like this:

att_4_for_171868349.png