跳转至

Oracle NetSuite SuiteAnalytics

Connect Foundry to Oracle NetSuite via SuiteAnalytics Connect to sync data from your NetSuite ERP to Foundry.

:::callout{theme="note"} SuiteAnalytics needs to be enabled on your NetSuite instance. See NetSuite documentation ↗ to enable it. :::

Supported capabilities

Capability Status
Exploration 🟢 Generally available
Batch syncs 🟢 Generally available
Incremental 🟢 Generally available

Setup

  1. Open the Data Connection application and select + New Source in the upper right corner of the screen.
  2. Select JDBC from the available connector types.
  3. Follow the additional configuration prompts to continue the setup of your connector using the information in the sections below.

Learn more about setting up a connector in Foundry.

Authentication

You can authenticate with SuiteAnalytics with a username/password combination. We recommend the use of service user credentials rather than individual user credentials.

Configure user roles and permissions in NetSuite

In NetSuite, to control access, each user is assigned one or more roles, and each role is a collection of permissions that define what tasks the user can perform and what data they can access. We recommend the following configuration for the user that will connect to Foundry:

  1. Create a dedicated role with appropriate permissions.
  2. From NetSuite’s tool bar, select Setup > Users/Roles > Manage Roles > New and provide an explicit name to the role. We recommend using foundry-role.
  3. Add system-wide permissions to the role by navigating to the bottom of the role page and selecting Permissions > Setup. Select SuiteAnalytics Connect, select Add then Save.
    • Note: NetSuite documentation recommends adding the SuiteAnalytics Connect: Read All permission, but it is irrelevant for NetSuite2.com data source (see here for details ↗). Adding this permission will not have any effect.
  4. Add table permissions to the role for tables you want to be able to query from Foundry by navigating to the bottom of the role page and selecting Permissions > Lists. Select the tables you want, select Add then Save.
  5. Assign the new role to a user.
  6. From NetSuite’s tool bar, select Setup > Users/Roles > Manage Users. Select the user you want to use to connect to Foundry, and select Edit.
  7. Navigate to the Access tab and make sure the Give Access checkbox is ticked.
  8. In the Roles tab, select the newly created role (foundry-role) from the dropdown list, select Add then Save.
    • Note: NetSuite documentation alternatively recommends using the Data Warehouse Integrator role instead of a custom one. However, this role requires access with token-based authentication (see here for more details ↗), which is not available in Foundry.

To verify that you added the correct permissions, log in as the user you have assigned the new role to, and check that you can view all the data that you expect.

Networking

The SuiteAnalytics connector requires network access to the NetSuite Connect instance to which you want to connect.

Foundry worker connection

If your connection runs on a Foundry worker, the appropriate egress policies must be added when setting up the source.

The service host and port that need to be allowed can be found on NetSuite's configuration homepage at https://<YOUR_ACCOUNT_ID>.app.netsuite.com/app/external/odbc/suiteAnalyticsConnectDownload.nl. To access this page without your NetSuite account ID:

  1. Log in to the homepage of your NetSuite account.
  2. Find the bottom-left Settings panel and select Set Up SuiteAnalytics Connect.

The service host is typically of the form \.connect.api.netsuite.com and the port 1708.

If such an egress policy does not exist, you can request a new one; otherwise you can add it.

:::callout{theme="warning"} Because this is using a non-HTTPS protocol, you will need to add both:

  • A DNS policy referencing your service host by name, and
  • A CIDR policy referencing explicitly the IP range. You can get the IP range of your NetSuite instance by running nslookup you-service-host in a terminal. IP addresses of NetSuite services may change at any time without notice. :::

Connection details

Option Required? Description
URL Yes In the form jdbc:ns://<SERVICE_HOST>:<SERVICE_PORT> where SERVICE_HOST and SERVICE_PORT can be retrieved from NetSuite's configuration homepage. Typically of the form jdbc:ns://<ACCOUNT_ID>.connect.api.netsuite.com:1708
Driver class Yes Needs to be com.netsuite.jdbc.openaccess.OpenAccessDriver
Drivers Yes For Foundry worker, upload the latest JDBC driver from NetSuite's configuration homepage. For legacy agent worker connections, the same JDBC driver must be properly signed before upload on the agent — contact Palantir Support. See how to add drivers to an agent for more details.
Credentials Yes The username and password of the user used to connect to Foundry.
JDBC properties Yes The entire list of available properties is described here ↗. The following properties are mandatory:

  - CustomProperties : (AccountID=<ACCOUNT_ID>;RoleID=<ROLE_ID>)
The ROLE_ID is the Internal ID associated with the role you assigned to the user (foundry-role). You can find this value next to the role name on the Setup > Users/Roles > Manage Roles page. If Internal ID is not displayed, see how to turn it on ↗.

  - NegotiateSSLClose : false

  - ServerDataSource : NetSuite2.com
As of November 8, 2021, new Connect users can access the Connect Service using the NetSuite2.com data source only. See Oracle NetSuite's documentation ↗ for more details.

  - encrypted : 1

Other connection parameters are the same as for any JDBC source.

Creating a sync

The NetSuite SuiteAnalytics source can be explored to discover tables and create new syncs. You can also manually create new syncs from the overview page of the source.


中文翻译

Oracle NetSuite SuiteAnalytics

通过 SuiteAnalytics Connect 将 Foundry 连接到 Oracle NetSuite,从而将 NetSuite ERP 中的数据同步到 Foundry。

:::callout{theme="note"} 需要在 NetSuite 实例上启用 SuiteAnalytics。请参阅 NetSuite 文档 ↗ 以启用该功能。 :::

支持的功能

功能 状态
数据探索 (Exploration) 🟢 正式发布
批量同步 (Batch syncs) 🟢 正式发布
增量同步 (Incremental) 🟢 正式发布

设置

  1. 打开 数据连接 (Data Connection) 应用,在屏幕右上角选择 + 新建数据源 (+ New Source)
  2. 从可用的连接器类型中选择 JDBC
  3. 按照后续配置提示,使用以下各节中的信息继续设置连接器。

了解更多关于在 Foundry 中 设置连接器 的信息。

身份验证

您可以使用 用户名/密码 组合对 SuiteAnalytics 进行身份验证。我们建议使用服务用户凭据,而非个人用户凭据。

在 NetSuite 中配置用户角色和权限

在 NetSuite 中,为了控制访问权限,每个用户被分配一个或多个角色,每个角色包含一组权限,用于定义用户可以执行的任务以及可以访问的数据。对于将连接到 Foundry 的用户,我们建议进行以下配置:

  1. 创建一个具有适当权限的专用角色。
  2. 在 NetSuite 的工具栏中,选择 设置 (Setup) > 用户/角色 (Users/Roles) > 管理角色 (Manage Roles) > 新建 (New),并为该角色提供一个明确的名称。我们建议使用 foundry-role
  3. 为该角色添加系统级权限:导航到角色页面底部,选择 权限 (Permissions) > 设置 (Setup)。选择 SuiteAnalytics Connect,然后选择 添加 (Add),最后点击 保存 (Save)
    • 注意:NetSuite 文档建议添加 SuiteAnalytics Connect: Read All 权限,但该权限对于 NetSuite2.com 数据源无关紧要(详情请参见 此处 ↗)。添加此权限不会产生任何效果。
  4. 为角色添加表权限:导航到角色页面底部,选择 权限 (Permissions) > 列表 (Lists)。选择您希望从 Foundry 查询的表,然后选择 添加 (Add),最后点击 保存 (Save)
  5. 将新角色分配给用户。
  6. 在 NetSuite 的工具栏中,选择 设置 (Setup) > 用户/角色 (Users/Roles) > 管理用户 (Manage Users)。选择您要用于连接 Foundry 的用户,然后选择 编辑 (Edit)
  7. 导航到 访问 (Access) 选项卡,确保 授予访问权限 (Give Access) 复选框已勾选。
  8. 角色 (Roles) 选项卡中,从下拉列表中选择新创建的角色 (foundry-role),然后选择 添加 (Add),最后点击 保存 (Save)
    • 注意:NetSuite 文档也建议使用 数据仓库集成器 (Data Warehouse Integrator) 角色代替自定义角色。但是,该角色需要基于令牌的身份验证(详情请参见 此处 ↗),而 Foundry 不支持这种验证方式。

要验证您是否添加了正确的权限,请以分配了新角色的用户身份登录,并检查您是否可以查看所有预期的数据。

网络

SuiteAnalytics 连接器需要能够通过网络访问您要连接的 NetSuite Connect 实例。

Foundry 工作节点 (Foundry worker) 连接

如果您的连接运行在 Foundry 工作节点 上,则在设置数据源时必须添加相应的 出站策略 (egress policies)

需要允许的 服务主机 (service host)端口 (port) 可以在 NetSuite 的配置主页上找到,地址为 https://<YOUR_ACCOUNT_ID>.app.netsuite.com/app/external/odbc/suiteAnalyticsConnectDownload.nl。 如果您没有 NetSuite 账户 ID,可以通过以下方式访问此页面:

  1. 登录您的 NetSuite 账户主页。
  2. 找到左下角的 设置 (Settings) 面板,选择 设置 SuiteAnalytics Connect (Set Up SuiteAnalytics Connect)

服务主机 (service host) 通常的格式为 \.connect.api.netsuite.com,端口为 1708

如果此类出站策略不存在,您可以 请求新建一个;否则,您可以 添加它

:::callout{theme="warning"} 由于使用的是非 HTTPS 协议,您需要同时添加以下两项:

  • 一个按名称引用服务主机的 DNS 策略,以及
  • 一个明确引用 IP 范围的 CIDR 策略。您可以通过在终端中运行 nslookup your-service-host 来获取 NetSuite 实例的 IP 范围。NetSuite 服务的 IP 地址可能随时更改,恕不另行通知。 :::

连接详情

选项 是否必需 描述
URL 格式为 jdbc:ns://<SERVICE_HOST>:<SERVICE_PORT>,其中 SERVICE_HOSTSERVICE_PORT 可从 NetSuite 的配置主页 获取。通常格式为 jdbc:ns://<ACCOUNT_ID>.connect.api.netsuite.com:1708
Driver class 必须为 com.netsuite.jdbc.openaccess.OpenAccessDriver
Drivers 对于 Foundry 工作节点,请从 NetSuite 的配置主页 上传最新的 JDBC 驱动程序。对于传统的 代理工作节点 (agent worker) 连接,相同的 JDBC 驱动程序在上传到代理之前必须进行正确签名——请联系 Palantir 支持。有关更多详情,请参阅如何 向代理添加驱动程序
Credentials 用于连接 Foundry 的用户的 用户名 (username)密码 (password)
JDBC properties 所有可用属性的完整列表请参见 此处 ↗。以下属性是必需的:

  - CustomProperties : (AccountID=<ACCOUNT_ID>;RoleID=<ROLE_ID>)
ROLE_ID 是与您分配给用户的角色 (foundry-role) 关联的内部 ID。您可以在 设置 (Setup) > 用户/角色 (Users/Roles) > 管理角色 (Manage Roles) 页面上角色名称旁边找到此值。如果未显示内部 ID,请参阅 如何开启此功能 ↗

  - NegotiateSSLClose : false

  - ServerDataSource : NetSuite2.com
自 2021 年 11 月 8 日起,新的 Connect 用户只能使用 NetSuite2.com 数据源访问 Connect 服务。有关更多详情,请参阅 Oracle NetSuite 的文档 ↗

  - encrypted : 1

其他连接参数与任何 JDBC 数据源 相同。

创建同步

可以通过 探索 NetSuite SuiteAnalytics 数据源来发现表并创建新的同步。 您也可以从数据源的概览页面 手动创建新的同步