Versions Compared

Old Version 2

changes.mady.by.user Octavian Chiriac

Saved on

compared with

New Version 3

changes.mady.by.user Octavian Chiriac

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
languagejs
themeDJango
titleSample Distribution Profile
linenumberstrue
{
"data_sinks": [
       { 
       "sink": "sftp_sink",
       "type": "sftp",
       "credentials": {
           "user_id": "eagle",
           "password": "eagle1"
       },
       "cfg": {
           "host": "inno-mlperfapp01",
           "port": 22,
           "compression_codec": "gzip"
       }
     },
       { 
       "sink": "sftp_extracts",
       "type": "sftp",
       "credentials": {
           "user_id": "eagle",
           "password": "eagle1"
       },
       "cfg": {
           "host": "inno-mlperfapp01",
           "port": 22,
           "compression_codec": "gzip",
           "location": "extracts"
       }
     }
   ]
}

...

The above RTR will create a credentials configuration which can be referred with the "credentials":  "clientcredentials/sftpcrendentials" element in the distribution profile file.


Data Encryption

The data to be distributed can be encrypted. Currently only GPG is supported. The encryption is enabled using the encryption_policy element in the distribution profile as shown in the example below.

Code Block
languagejs
themeDJango
titleSample of Distribution With Encryption Profile
linenumberstrue
{
"data_sinks": [
       { 
       "sink": "sftp_sink",
       "type": "sftp",
       "credentials": " "clientcredentials/sftpcrendentials",
       "cfg": {
           "host": "inno-mlperfapp01",
           "port": 22,
           "compression_codec": "gzip"
       }
     },
       { 
       "sink": "sftp_extracts",
       "type": "sftp",
       "encryption_policy": { 
		"codec" : "gpg",
		 "credentials" : {
                        "client_id": "eaglekey"
		 }
	},
       "credentials":  "clientcredentials/sftpcrendentials",
       "cfg": {
           "host": "inno-mlperfapp01",
           "port": 22,
           "compression_codec": "gzip",
           "location": "extracts"
       }
     }
   ]
}

The encryption_policy has a codec element specifying the encryption type. Currently only gpg is supported.

The credentials/client_id specifies the GPG destination name.

The "credentials" element can be an embedded configuration as shown in the example or a string with a reference to the encrypted configuration as shown in Encrypted Credentials section.


The "encryption_policy" can be a string reference to an encryption policy configuration stored in eagle/estar/tpe/dynamic/metadata/encryptions/polycyname.json files.

For example if we have a file eagle/estar/tpe/dynamic/metadata/encryptions/gpgpolicy.json with the following content:

Code Block
languagejs
themeDJango
titleSample Encrypton Policies File
linenumberstrue
{
  "encryption_policies" :  {
	"gpg_policy" : {
		"codec" : "GPG",
		"armor": "gpgarmor",
		"credentials" : "eagle_certificates/gpgcert"
	}
  }
}

 we can refer to it from the distribution profile as:

"encryption_policy": "gpgpolicy/gpg_policy"

The GPG encryption policy currently supports the following parameters:

"armor" - the armor for GPG - please refer to GPG documentation for description

"credentials"/"client_id" - the recipient, for which we should have a certificate imported in GPG