Skip to main content

Data Locker

Developer Documentation | Apptrove Platform

Overview

Data Locker enables you to stream data to your selected and owned storage solution, whether it is a bucket or data warehouse. It is the Apptrove solution for streaming data directly to your cloud storage, allowing seamless integration with your internal BI systems for comprehensive analysis and reporting.

Supported cloud storage platforms:

  • Google Cloud Storage (GCS)
  • Amazon Web Services (AWS)
  • Microsoft Azure

Bucket Cloud Storage Setup

Set up your cloud service using one of the following procedures based on your storage platform.

GCS Storage

note

The procedure in this section must be performed by your Google Cloud admin.

important

You can delete files from Data Locker 25 or more hours after they were written. Do not delete them before this threshold.

Prerequisites

Before granting permissions, ensure the following requirements are met:

  1. Create a dedicated bucket on GCS exclusively for Data Locker. No other service should write data to this bucket.
  2. Bucket name must start with at-datalocker- (e.g., at-datalocker-production).

Granting Data Locker Permissions

In the steps below, substitute data-locker-example with the name of the bucket you created for Data Locker.

  1. Sign in to your GCS Console.
  2. Navigate to Storage > Storage Browser.
  3. Select the bucket you previously created (e.g., data-locker-example).
  4. Go to the Permissions tab.
  5. Click + Add. The Add Members window opens.
  6. Complete the form as follows:
    • New members — Paste the following service account: apptrove-datalocker@trackier-mmp.iam.gserviceaccount.com
    • Select a role — Choose Cloud Storage > Storage Object Admin.
  7. Click Save.

AWS Storage

note

The procedure in this section must be performed by your AWS admin.

important

You can delete files from Data Locker 25 or more hours after they were written. Do not delete them before this threshold.

Prerequisites

Before granting permissions, ensure the following requirements are met:

  1. Create an AWS bucket with the name starting with the mandatory prefix at-datalocker-. The suffix is free text.
  2. Suggested bucket name format: at-datalocker-yyyy-mm-dd-hh-mm-<free-text> where yyyy-mm-dd-hh-mm is the current date and time, followed by any additional text you choose.

Creating a Bucket and Granting Apptrove Permissions

  1. Sign in to the AWS Console.
  2. Go to the S3 service.
  3. To create the bucket:
    • Click Create bucket.
    • Complete the Bucket name field: start with at-datalocker- followed by any text as described above.
    • Specify one of the supported AWS regions.
    • Click Create bucket.
  4. To grant Apptrove permissions:
    • Select the bucket.
    • Go to the Permissions tab.
    • In the Bucket policy section, click Edit. The Bucket policy window opens.
    • Paste the following policy snippet into the window:
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Apptrove_DataLocker_Access",
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::429528098617:user/apptrove-datalocker-prod"
      },
      "Action": [
        "s3:GetObject",
        "s3:ListBucket",
        "s3:DeleteObject",
        "s3:PutObject"
      ],
      "Resource": [
        "arn:aws:s3:::at-datalocker-my-bucket",
        "arn:aws:s3:::at-datalocker-my-bucket/*"
      ]
    }
  ]
}
  • In the snippet, replace at-datalocker-my-bucket with the bucket name you created.
  • Click Save changes.

Azure Storage

note

The procedure in this section must be performed by your Azure Cloud admin.

important

You can delete files from Data Locker 25 or more hours after they were written. Do not delete them before this threshold.

Setting Up a Storage Account for Data Locker

  1. In your Azure portal, go to Azure Storage Accounts and click Create to make a new storage account.
  2. In the Basics tab under Project details, select from the dropdowns:
    • A Subscription.
    • A Resource Group. (Optional: If no resource group exists, click Create new.)
  3. Under Instance details:
    • Enter a Storage account name.
    • Select a Region from the dropdown.
  4. Click Next: Advanced >.
  5. Under the Security tab, select Enable Hierarchical namespace.
  6. Click Review > Create.
  7. After deployment is complete, go back to Azure Storage Accounts and select the newly created storage account.
  8. Go to Access keys and copy your Storage account name and one of your keys.
  9. Go to Storage Browser > Blob Containers and click Add container:
    • Enter a Name for the new container.
    • Click Create.

Connecting Azure to Data Locker

  1. In Apptrove, go to Data Locker > New Connection.
  2. In the new connection form:
    • Enter a name for your connection.
    • Choose Azure Blob as the storage type.
    • Enter your Azure Container name in the Bucket Name field (the container created in step 9 above).
    • Enter the Storage account name copied in step 8.
    • Enter the Key copied in step 8.
  3. Click Test Connection.
  4. Click Save.

This document will be updated as additional platform setup details become available.