This is the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

Understanding the architecture

1 - For the Application Protector REST Approach

The architecture for installing the AWS Databricks protector using the Application Protector REST approach is depicted in the image below.

An outline of the steps in the workflow is explained below.

  1. Download the AWS Databricks build from the customer portal and extract the configurator script.
  2. Execute the configurator script to retrieve the IP address of the Application Protector REST server.
  3. Use the IP address to generate the CA, client, and server certificates.
  4. Store the content of the CA and the client certificates as Secrets in the Secret Manager.
  5. Create a Databricks Unity Catalog Service Credentials to access the Secrets from the Secret Manager .
  6. Execute the configurator script to create the Unity Catalog Batch Python UDFs.
  7. Edit the cluster configuration to include the environment variables and attach the initialization script.

2 - For the Cloud Protector Approach

The architecture for installing the AWS Databricks protector using the Cloud Protector approach is depicted in the image below.

An outline of the steps in the workflow is explained below.

  1. Install and configure the Cloud Protector.
  2. Create an AWS Databricks Unity Catalog Service Credential and connect it with the AWS IAM roles.
  3. Create a Databricks Compute.
  4. On a Linux staging machine, download and extract the installation package for AWS Databricks from the customer portal, for the Databricks Compute.
  5. Execute the configurator script to create the Batch Python UDFs at the Unity Catalog level.
  6. Attach an AWS Databricks Notebook to the Databricks Compute.
  7. Execute the Unity Catalog Batch Python UDFs to protect and unprotect data.