Integration of Privacera and AWS Lake Formation Provides Customers with More Data Security Options
Many organizations are using AWS Lake Formation to manage data security and access management for Amazon Athena, Amazon Redshift Spectrum, or Presto with Amazon EMR, but they want to be able to manage other sources with a single central data security platform. Doing so allows organizations to apply consistent and un-siloed data security and access policies across all their data sources, reduce the effort required to manage data security and access policies, make data more accessible, and enhance their security posture.
Privacera is an AWS Data & Analytics Software Competency Partner and has delivered two new solutions that integrate Privacera and AWS Lake Formation to extend AWS Lake Formation across AWS and non-AWS data and analytical environments. These two new integrated solutions allow AWS customers to augment their usage of AWS Lake Formation, while having the choice to author, manage, and monitor data security and access policies in a single central location, using either AWS Lake Formation or Privacera. These solutions are purpose-built for AWS customers that want or need to use Lake Formation as part of their overall data security governance solution but require additional functional capabilities or source support that Privacera can provide.
Privacera, a leading unified data security governance platform provider, offers a complete unified data security governance solution for most AWS data and analytics services, like Amazon S3, Amazon EMR, Amazon Redshift, and Amazon RDS, and third-party services that run on AWS, like Databricks and Snowflake. Privacera also supports multi-cloud and hybrid-cloud architectures. Now, Privacera has extended its integration with AWS services to include AWS Lake Formation, allowing customers to either create and manage data security and access policies centrally in AWS Lake Formation with Privacera extending AWS Lake Formation source support, or centrally create and manage data security and access policies in Privacera and leverage AWS Lake Formation integration with AWS services.
Both Privacera solutions for AWS Lake Formation provide data security and access policy authorship and maintenance from one safe and convenient location to help organizations reduce overall data policy creation, management, and monitoring complexities.
AWS Lake Formation as the Central Data Security Policy Store
This solution is ideal for customers who have an AWS services-first approach in building their data architecture and are using or planning to use AWS Lake Formation for centralized data governance. If you are using or planning on using AWS Lake Formation for Amazon Athena, Amazon Redshift Spectrum, Redshift data sharing, or Amazon EMR Presto, but also need to extend AWS Lake Formation to Databricks, Trino, or Amazon EMR Spark and Hive, this solution should meet your needs.
Privacera has integrated with AWS Lake Formation through the AWS Lake Formation API to provide native connectivity to Databricks, Trino, and Amazon EMR Spark and Hive.
This AWS Lake Formation solution allows AWS users to create and manage all data access policies in AWS Lake Formation, including those for Databricks, Trino, and Amazon EMR Spark and Hive, taking advantage of AWS Lake Formation’s integration with Amazon Athena, Amazon Redshift Spectrum, and AWS Glue.
This solution enables:
- Data access policy creators can use the AWS Lake Formation UI and capabilities that they are familiar with to leverage AWS Glue and ensure consistency in policies.
- Privacera automatically pulls Databricks, Amazon EMR, and Trino policies that were created in Lake Formation.
- Privacera automatically translates the Databricks, Amazon EMR, and Trino policies into source-native policies for enforcement.
- Lake Formation directly enforces policies for AWS Lake Formation-supported sources.
- Amazon S3 access is managed consistently with Amazon Redshift, Amazon Athena, Amazon EMR, Trino, and Databricks permissions that are centrally managed in AWS Lake Formation.
- AWS Lake Formation and Privacera both use AWS CloudTrail to provide an integrated and holistic view of an organization’s data access and security policies, as well as what data is being accessed, when, and who is accessing it.
This solution provides unified, cross-account, fine-grained data security governance across Amazon Redshift, Amazon Athena, Amazon EMR, Databricks, and Trino.
Privacera as the Central Data Security Policy Store
This solution is ideal for customers that have complex data and analytics ecosystems and want unified data security governance natively on sources such as Amazon S3, Snowflake, Databricks with or without Unity Catalog, Amazon EMR, Amazon Athena, Amazon Redshift, Amazon RDS, and many more, but also want to leverage AWS Lake Formation, either because they need fine-grained access control on Amazon Redshift Spectrum or because they wish to use AWS Lake Formation to enforce access controls on Amazon Athena. This solution can also be used in a multi-cloud or hybrid-cloud architecture.
This solution also integrates with AWS Lake Formation through the AWS Lake Formation application API, but this solution allows AWS users to create and manage all data access policies in Privacera using the Privacera UI and capabilities that they know.
This solution enables:
- Data access policy creators can use the Privacera UI and capabilities that they are familiar with to ensure consistency in policies.
- Privacera automatically translates and pushes the data security and access policies into native AWS Lake Formation policies for Amazon Athena or Amazon Redshift Spectrum.
- AWS Lake Formation automatically enforces policies for AWS-supported sources.
- Privacera translates data security and access policies to supported sources to natively enforce the data access controls.
- Privacera’s integration with AWS Glue allows organizations the option of leveraging AWS Glue if they desire.
This solution provides unified, cross-account, fine-grained data security governance across over 50 data sources and data governance and security services and products. It also allows users to benefit from unique Privacera capabilities, such as:
- Custom conditions, which allow data access and security to be applied based on a condition, such as completion of PII training
- Wildcarding for access controls, which allows organizations with well-defined naming conventions to broadly allocate data access to resources based on their naming conventions, and which also applies to future resources that follow that naming convention
- Compliance workflows, which allow compliance rules to be created once and applied across your data ecosystem
- Governed Data Stewardship, which allows organizations to create virtual business data domains/sets and delegate data security and access ownership to data stewards while providing data security guardrails
Delivering Solutions to Meet Your Requirements
Privacera is committed to delivering data security governance solutions to meet our customers’ needs. Privacera can be used with or without AWS Lake Formation depending on your needs, but if you are currently using or planning on using AWS Lake Formation, Privacera has 2 new integrated solutions for you that can either extend AWS Lake Formation into additional sources or leverage AWS Lake Formation to power data security for Amazon Redshift Spectrum or Amazon Athena. These solutions allow AWS Lake Formation and Privacera users to benefit from source access and unique capabilities from both AWS Lake Formation and Privacera, creating a better-together solution that, in certain scenarios, is more powerful than each independent product.