Amazon DynamoDB¶
The Amazon DynamoDB connector is a Palantir-provided driver for Amazon DynamoDB.
To create a new Amazon DynamoDB source, follow the standard setup flow for Palantir-provided drivers, then use the sections below for Amazon DynamoDB-specific configuration and networking. For the complete property reference, see the official Amazon DynamoDB driver documentation ↗.
Configuration¶
The properties below are mandatory or recommended.
| Property | Required? | Description | Default |
|---|---|---|---|
AuthScheme ↗ |
Mandatory | Specifies the type of authentication to use when connecting to Amazon DynamoDB. If this property is left blank, the default authentication is used. | AwsRootKeys |
AWSAccessKey ↗ |
Recommended | Specifies your AWS account access key. This value is accessible from your AWS security credentials page. | — |
AWSRegion ↗ |
Recommended | The hosting region for your Amazon Web Services. | NORTHERNVIRGINIA |
AWSSecretKey ↗ |
Recommended | Your AWS account secret key. This value is accessible from your AWS security credentials page. | — |
Domain ↗ |
Recommended | Specifies your AWS domain name. Use this property to set a custom domain name if your organization has associated one with AWS. | amazonaws.com |
Networking¶
The table below lists the domains that the source needs to be able to access in order to successfully run.
For each domain, add a corresponding egress policy. If the source is hosted on-premises and not directly reachable from Foundry, use an agent proxy egress policy instead; the agent host itself must also be able to reach the listed domains. See using an agent as a proxy for details.
| Domain | Required |
|---|---|
| dynamodb.\ |
Always. AWSRegion Mappings |
| sts.\ |
If AuthScheme=AwsIAMRoles,AwsMFA,TemporaryCredentials |
| cognito-idp.\ |
If AuthScheme=AwsCognitoBasic,AwsCognitoSrp |
| cognito-identity.\ |
If AuthScheme=AwsCognitoBasic,AwsCognitoSrp |
| \ |
If AuthScheme=Okta,ADFS,PingFederate, use SSOLoginURL property |
| \ |
If AuthScheme=AzureAD, Resource set in SSOProperties |
| \ |
If AuthScheme=Okta |
中文翻译¶
Amazon DynamoDB¶
Amazon DynamoDB 连接器是 Palantir 提供的用于 Amazon DynamoDB 的驱动程序。
要创建新的 Amazon DynamoDB 数据源,请遵循 Palantir 提供驱动程序的标准设置流程,然后使用以下各节进行 Amazon DynamoDB 特定的配置和网络设置。有关完整的属性参考,请参阅官方 Amazon DynamoDB 驱动程序文档 ↗。
配置¶
以下属性为必填或推荐项。
| 属性 | 是否必填 | 描述 | 默认值 |
|---|---|---|---|
AuthScheme ↗ |
必填 | 指定连接到 Amazon DynamoDB 时使用的身份验证类型。如果此属性留空,则使用默认身份验证。 | AwsRootKeys |
AWSAccessKey ↗ |
推荐 | 指定您的 AWS 账户访问密钥。此值可从您的 AWS 安全凭证页面获取。 | — |
AWSRegion ↗ |
推荐 | 您的 Amazon Web Services 托管区域。 | NORTHERNVIRGINIA |
AWSSecretKey ↗ |
推荐 | 您的 AWS 账户秘密密钥。此值可从您的 AWS 安全凭证页面获取。 | — |
Domain ↗ |
推荐 | 指定您的 AWS 域名。如果您的组织已将自定义域名与 AWS 关联,请使用此属性进行设置。 | amazonaws.com |
网络配置¶
下表列出了数据源为成功运行而需要能够访问的域名。
对于每个域名,请添加相应的出站策略。如果数据源部署在本地且无法直接从 Foundry 访问,请改用代理出站策略;代理主机本身也必须能够访问所列出的域名。详情请参阅使用代理作为代理服务器。
| 域名 | 必需条件 |
|---|---|
| dynamodb.\ |
始终需要。AWSRegion 映射 |
| sts.\ |
如果 AuthScheme=AwsIAMRoles,AwsMFA,TemporaryCredentials |
| cognito-idp.\ |
如果 AuthScheme=AwsCognitoBasic,AwsCognitoSrp |
| cognito-identity.\ |
如果 AuthScheme=AwsCognitoBasic,AwsCognitoSrp |
| \ |
如果 AuthScheme=Okta,ADFS,PingFederate, 使用 SSOLoginURL 属性 |
| \ |
如果 AuthScheme=AzureAD, 在 SSOProperties 中设置 Resource |
| \ |
如果 AuthScheme=Okta |