Skip to main content

Support for Talend Control Plane and Data Plane with respect to your data privacy

Availability-noteBeta
Integrated into Talend's official support procedure, the support for Talend's Control Plane and Data Plane solution addresses both technical requests and data privacy requirements.
When you need Talend Support team to help handle technical issues, the following security measures are applied to ensure your data privacy:
  • A Talend support engineer can never access your Data Planes unless you grant the engineer a temporary access.
  • To grant this temporary access, do the following:
    1. Create a temporary Data Plane member of the Data Plane in question by sending the API request reading like this:
      curl -i -X POST 'https://api.<env>.cloud.talend.com/processing/data-planes/<data-plane-id>/members' \
         -H "Content-Type:application/json" \
         -H "Authorization:Bearer <personal_access_token_or_service_access_token>"
         -d \
      '{
         "duration": "1",
         "roleId": "projects-view", 
         "description": "Temporary user for Data Plane",
         "username": "Talend support team"
       }'

      The Engines - Manage (ID: TMC_CLUSTER_MANAGEMENT) permission is required to use all the endpoints described in this step.

      In the response, you obtain the credentials of this temporary Data Plane member. For further information about this endpoint, see Create Data Plane members.

      In this example,
      • The "duration": "1" field means this temporary Data Plane member is automatically deleted at the end of one hour. The maximum allowed duration is 48 hours. Alternatively, you can also delete this user with this API request:
        curl -i -X DELETE 'https://api.<env>.cloud.talend.com/processing/data-planes/<data-plane-id>/members/<member_id>'

        For further information, see Delete a Data Plane member.

      • The "roleId": "projects-view" field means the read-only role is granted to this temporary user. To grant more rights and permissions, send a request to this endpoint for all the available roles:
        curl -i -X GET 'https://api.<env>.cloud.talend.com/processing/data-planes/<data-plane-id>/members/roles'
        For further information about this endpoint, see List Data Plane user roles.
    2. Share the credentials with the Talend support engineer.
    3. On the Talend side, the Talend support engineer uses these credentials to log onto the data processing platform as a temporary user. This way, this engineer obtains the access to the Data Plane of which the temporary user is a member and downloads a Kubeconfig file that is restricted to this temporary member and the specific Data Plane.
    4. As mentioned above, this temporary Data Plane member is automatically deleted at the end of the time duration you defined when creating that member, or you can delete it manually by sending the API request to the dedicated endpoint.

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – let us know how we can improve!