Set up Iceberg
Configure your Iceberg catalog to enable Atlan to connect and crawl your data lakehouse assets. This guide covers REST catalog setup, authentication configuration, and network access requirements.
Prerequisites
Before you begin, make sure you have:
- Access to your Iceberg REST catalog endpoint
- REST catalog URI and authentication credentials (client ID and client secret)
- Network connectivity from Atlan to your Iceberg catalog
Configure authentication
The Iceberg connector supports REST catalog connections with token authentication. You use client ID and client secret to securely authenticate with your REST catalog.
- Contact your Iceberg catalog administrator and request REST catalog credentials
- You receive a client ID and client secret
- Combine them in the format
client-id:client-secret(for example,myapp:secret123key) - Keep this token secure—anyone with this token can access your catalog
- When you create the connection in Atlan, provide these values:
- REST Catalog URI: Your Iceberg REST catalog endpoint URL (for example,
https://your-catalog.com/api/rest) - Token: Your client credentials in format
client-id:client-secret - Catalog Name: Unique identifier for this catalog instance (for example,
production-catalog) - Warehouse Name: Identifier for the warehouse within the catalog (for example,
warehouse-1) - Scope: Access scope for the catalog, typically
PRINCIPAL_ROLE:lake_readersfor read-only access
- REST Catalog URI: Your Iceberg REST catalog endpoint URL (for example,
Verify network connectivity
Before crawling, confirm Atlan can reach your Iceberg catalog:
- HTTPS access: Your REST catalog endpoint must be available via HTTPS
- Firewall rules: Permit outbound connections from Atlan to your catalog endpoint
- DNS resolution: Your catalog hostname must be resolvable from Atlan's network
Next steps
- Crawl Iceberg assets: Configure and run the crawler to extract metadata from Iceberg