mirror of
				https://github.com/open-metadata/OpenMetadata.git
				synced 2025-10-25 15:55:15 +00:00 
			
		
		
		
	 5d6e18dc28
			
		
	
	
		5d6e18dc28
		
			
		
	
	
	
	
		
			
			* Added mark delete logic * Final test and optimization * After merge fixes * Added include tags for dash pipelines dbt * added docs and fixed test * Fixed py tests * Added UI changes for following newly added fields: - markDeletedDashboards - markDeletedMlModels - markDeletedPipelines - markDeletedTopics - includeTags * Fixed failing unit tests * updated json files of localization for other languages * Improved localization changes * added localization changes for other languages * Updated mark deleted desc * updated the ingestion fields descriptions in the ingestion form for UI * automated localization changes for other languages * updated descriptions for includeTags field for dbtPipeline and databaseServiceMetadataPipeline json * fixed issue where includeTags field was being sent in the dbtConfigSource * Added flow to input taxonomy while adding BigQuery service. --------- Co-authored-by: Aniket Katkar <aniketkatkar97@gmail.com>
		
			
				
	
	
		
			285 lines
		
	
	
		
			8.4 KiB
		
	
	
	
		
			Markdown
		
	
	
	
	
	
			
		
		
	
	
			285 lines
		
	
	
		
			8.4 KiB
		
	
	
	
		
			Markdown
		
	
	
	
	
	
| ---
 | |
| title: Run Quicksight Connector using the CLI
 | |
| slug: /connectors/dashboard/quicksight/cli
 | |
| ---
 | |
| 
 | |
| # Run Quicksight using the metadata CLI
 | |
| 
 | |
| In this section, we provide guides and references to use the Quicksight connector.
 | |
| 
 | |
| Configure and schedule Quicksight metadata and profiler workflows from the OpenMetadata UI:
 | |
| - [Requirements](#requirements)
 | |
| - [Metadata Ingestion](#metadata-ingestion)
 | |
| 
 | |
| ## Requirements
 | |
| 
 | |
| <InlineCallout color="violet-70" icon="description" bold="OpenMetadata 0.12 or later" href="/deployment">
 | |
| To deploy OpenMetadata, check the <a href="/deployment">Deployment</a> guides.
 | |
| </InlineCallout>
 | |
| 
 | |
| To run the Ingestion via the UI you'll need to use the OpenMetadata Ingestion Container, which comes shipped with
 | |
| custom Airflow plugins to handle the workflow deployment.
 | |
| 
 | |
| ### Python Requirements
 | |
| 
 | |
| To run the Quicksight ingestion, you will need to install:
 | |
| 
 | |
| ```bash
 | |
| pip3 install "openmetadata-ingestion[quicksight]"
 | |
| ```
 | |
| 
 | |
| ## Metadata Ingestion
 | |
| 
 | |
| All connectors are defined as JSON Schemas.
 | |
| [Here](https://github.com/open-metadata/OpenMetadata/blob/main/openmetadata-spec/src/main/resources/json/schema/entity/services/connections/dashboard/quickSightConnection.json)
 | |
| you can find the structure to create a connection to Quicksight.
 | |
| 
 | |
| In order to create and run a Metadata Ingestion workflow, we will follow
 | |
| the steps to create a YAML configuration able to connect to the source,
 | |
| process the Entities if needed, and reach the OpenMetadata server.
 | |
| 
 | |
| The workflow is Quicksightled around the following
 | |
| [JSON Schema](https://github.com/open-metadata/OpenMetadata/blob/main/openmetadata-spec/src/main/resources/json/schema/metadataIngestion/workflow.json)
 | |
| 
 | |
| ### 1. Define the YAML Config
 | |
| 
 | |
| This is a sample config for Quicksight:
 | |
| 
 | |
| ```yaml
 | |
| source:
 | |
|   type: Quicksight
 | |
|   serviceName: local_Quicksight
 | |
|   serviceConnection:
 | |
|     config:
 | |
|       type: QuickSight
 | |
|       awsConfig:
 | |
|         awsAccessKeyId: key
 | |
|         awsSecretAccessKey: secret
 | |
|         awsRegion: ap-south-1
 | |
|         awsSessionToken: token
 | |
|       awsAccountId: account-id
 | |
|       identityType: identityType
 | |
|   sourceConfig:
 | |
|     config:
 | |
|       type: DashboardMetadata
 | |
|       overrideOwner: True
 | |
|       markDeletedDashboards: True
 | |
|       includeTags: True
 | |
|       # dbServiceNames:
 | |
|       #   - service1
 | |
|       #   - service2
 | |
|       # dashboardFilterPattern:
 | |
|       #   includes:
 | |
|       #     - dashboard1
 | |
|       #     - dashboard2
 | |
|       #   excludes:
 | |
|       #     - dashboard3
 | |
|       #     - dashboard4
 | |
|       # chartFilterPattern:
 | |
|       #   includes:
 | |
|       #     - chart1
 | |
|       #     - chart2
 | |
|       #   excludes:
 | |
|       #     - chart3
 | |
|       #     - chart4
 | |
| sink:
 | |
|   type: metadata-rest
 | |
|   config: {}
 | |
| workflowConfig:
 | |
|   # loggerLevel: DEBUG  # DEBUG, INFO, WARN or ERROR
 | |
|   openMetadataServerConfig:
 | |
|     hostPort: <OpenMetadata host and port>
 | |
|     authProvider: <OpenMetadata auth provider>
 | |
| ```
 | |
| 
 | |
| #### Source Configuration - Service Connection
 | |
| 
 | |
| - **awsConfig**
 | |
|   - **AWS Access Key ID**: Enter your secure access key ID for your Glue connection. The specified key ID should be authorized to read all databases you want to include in the metadata ingestion workflow.
 | |
|   - **AWS Secret Access Key**: Enter the Secret Access Key (the passcode key pair to the key ID from above).
 | |
|   - **AWS Region**: Enter the location of the amazon cluster that your data and account are associated with.
 | |
|   - **AWS Session Token (optional)**: The AWS session token is an optional parameter. If you want, enter the details of your temporary session token.
 | |
|   - **Endpoint URL (optional)**: Your Glue connector will automatically determine the AWS Glue endpoint URL based on the region. You may override this behavior by entering a value to the endpoint URL.
 | |
| 
 | |
| - **identityType**: The authentication method that the user uses to sign in.
 | |
| - **awsAccountId**: AWS Account ID
 | |
| - **namespace**: The Amazon QuickSight namespace that contains the dashboard IDs in this request ( To be provided when identityType is `ANONYMOUS` )
 | |
| #### Source Configuration - Source Config
 | |
| 
 | |
| The `sourceConfig` is defined [here](https://github.com/open-metadata/OpenMetadata/blob/main/openmetadata-spec/src/main/resources/json/schema/metadataIngestion/dashboardServiceMetadataPipeline.json):
 | |
| 
 | |
| - `dbServiceNames`: Database Service Name for the creation of lineage, if the source supports it.
 | |
| - `dashboardFilterPattern` and `chartFilterPattern`: Note that the `dashboardFilterPattern` and `chartFilterPattern` both support regex as include or exclude. E.g.,
 | |
| - `includeTags`: Set the Include tags toggle to control whether or not to include tags as part of metadata ingestion.
 | |
| - `markDeletedDashboards`: Set the Mark Deleted Dashboards toggle to flag dashboards as soft-deleted if they are not present anymore in the source system.
 | |
| 
 | |
| ```yaml
 | |
| dashboardFilterPattern:
 | |
|   includes:
 | |
|     - users
 | |
|     - type_test
 | |
| ```
 | |
| 
 | |
| #### Sink Configuration
 | |
| 
 | |
| To send the metadata to OpenMetadata, it needs to be specified as `type: metadata-rest`.
 | |
| 
 | |
| #### Workflow Configuration
 | |
| 
 | |
| The main property here is the `openMetadataServerConfig`, where you can define the host and security provider of your OpenMetadata installation.
 | |
| 
 | |
| For a simple, local installation using our docker containers, this looks like:
 | |
| 
 | |
| ```yaml
 | |
| workflowConfig:
 | |
|   openMetadataServerConfig:
 | |
|     hostPort: 'http://localhost:8585/api'
 | |
|     authProvider: openmetadata
 | |
|     securityConfig:
 | |
|       jwtToken: '{bot_jwt_token}'
 | |
| ```
 | |
| 
 | |
| We support different security providers. You can find their definitions [here](https://github.com/open-metadata/OpenMetadata/tree/main/openmetadata-spec/src/main/resources/json/schema/security/client).
 | |
| You can find the different implementation of the ingestion below.
 | |
| 
 | |
| <Collapse title="Configure SSO in the Ingestion Workflows">
 | |
| 
 | |
| ### Openmetadata JWT Auth
 | |
| 
 | |
| ```yaml
 | |
| workflowConfig:
 | |
|   openMetadataServerConfig:
 | |
|     hostPort: 'http://localhost:8585/api'
 | |
|     authProvider: openmetadata
 | |
|     securityConfig:
 | |
|       jwtToken: '{bot_jwt_token}'
 | |
| ```
 | |
| 
 | |
| ### Auth0 SSO
 | |
| 
 | |
| ```yaml
 | |
| workflowConfig:
 | |
|   openMetadataServerConfig:
 | |
|     hostPort: 'http://localhost:8585/api'
 | |
|     authProvider: auth0
 | |
|     securityConfig:
 | |
|       clientId: '{your_client_id}'
 | |
|       secretKey: '{your_client_secret}'
 | |
|       domain: '{your_domain}'
 | |
| ```
 | |
| 
 | |
| ### Azure SSO
 | |
| 
 | |
| ```yaml
 | |
| workflowConfig:
 | |
|   openMetadataServerConfig:
 | |
|     hostPort: 'http://localhost:8585/api'
 | |
|     authProvider: azure
 | |
|     securityConfig:
 | |
|       clientSecret: '{your_client_secret}'
 | |
|       authority: '{your_authority_url}'
 | |
|       clientId: '{your_client_id}'
 | |
|       scopes:
 | |
|         - your_scopes
 | |
| ```
 | |
| 
 | |
| ### Custom OIDC SSO
 | |
| 
 | |
| ```yaml
 | |
| workflowConfig:
 | |
|   openMetadataServerConfig:
 | |
|     hostPort: 'http://localhost:8585/api'
 | |
|     authProvider: custom-oidc
 | |
|     securityConfig:
 | |
|       clientId: '{your_client_id}'
 | |
|       secretKey: '{your_client_secret}'
 | |
|       domain: '{your_domain}'
 | |
| ```
 | |
| 
 | |
| ### Google SSO
 | |
| 
 | |
| ```yaml
 | |
| workflowConfig:
 | |
|   openMetadataServerConfig:
 | |
|     hostPort: 'http://localhost:8585/api'
 | |
|     authProvider: google
 | |
|     securityConfig:
 | |
|       secretKey: '{path-to-json-creds}'
 | |
| ```
 | |
| 
 | |
| ### Okta SSO
 | |
| 
 | |
| ```yaml
 | |
| workflowConfig:
 | |
|   openMetadataServerConfig:
 | |
|     hostPort: http://localhost:8585/api
 | |
|     authProvider: okta
 | |
|     securityConfig:
 | |
|       clientId: "{CLIENT_ID - SPA APP}"
 | |
|       orgURL: "{ISSUER_URL}/v1/token"
 | |
|       privateKey: "{public/private keypair}"
 | |
|       email: "{email}"
 | |
|       scopes:
 | |
|         - token
 | |
| ```
 | |
| 
 | |
| ### Amazon Cognito SSO
 | |
| 
 | |
| The ingestion can be configured by [Enabling JWT Tokens](https://docs.open-metadata.org/deployment/security/enable-jwt-tokens)
 | |
| 
 | |
| ```yaml
 | |
| workflowConfig:
 | |
|   openMetadataServerConfig:
 | |
|     hostPort: 'http://localhost:8585/api'
 | |
|     authProvider: auth0
 | |
|     securityConfig:
 | |
|       clientId: '{your_client_id}'
 | |
|       secretKey: '{your_client_secret}'
 | |
|       domain: '{your_domain}'
 | |
| ```
 | |
| 
 | |
| ### OneLogin SSO
 | |
| 
 | |
| Which uses Custom OIDC for the ingestion
 | |
| 
 | |
| ```yaml
 | |
| workflowConfig:
 | |
|   openMetadataServerConfig:
 | |
|     hostPort: 'http://localhost:8585/api'
 | |
|     authProvider: custom-oidc
 | |
|     securityConfig:
 | |
|       clientId: '{your_client_id}'
 | |
|       secretKey: '{your_client_secret}'
 | |
|       domain: '{your_domain}'
 | |
| ```
 | |
| 
 | |
| ### KeyCloak SSO
 | |
| 
 | |
| Which uses Custom OIDC for the ingestion
 | |
| 
 | |
| ```yaml
 | |
| workflowConfig:
 | |
|   openMetadataServerConfig:
 | |
|     hostPort: 'http://localhost:8585/api'
 | |
|     authProvider: custom-oidc
 | |
|     securityConfig:
 | |
|       clientId: '{your_client_id}'
 | |
|       secretKey: '{your_client_secret}'
 | |
|       domain: '{your_domain}'
 | |
| ```
 | |
| 
 | |
| </Collapse>
 | |
| 
 | |
| 
 | |
| ### 2. Run with the CLI
 | |
| 
 | |
| First, we will need to save the YAML file. Afterward, and with all requirements installed, we can run:
 | |
| 
 | |
| ```bash
 | |
| metadata ingest -c <path-to-yaml>
 | |
| ```
 | |
| 
 | |
| Note that from connector to connector, this recipe will always be the same. By updating the YAML configuration,
 | |
| you will be able to extract metadata from different sources.
 | |
| 
 |