Data Subject Request Web Application Server

PreviousTwingate and LightBeam Integration Guide NextGenerate CSR for LightBeam

Last updated 11 months ago

Data Subject Request Web Application Server

Overview

The LightBeam Web Application Server plays a pivotal role in creating and hosting online forms that cater to data subject requests (DSRs). This guide has been designed to provide clear instructions for installing, configuring, and operating this server on your local system.

Upon successful deployment, this application enables you to create forms, host these forms on a secure platform, submit requests through these forms, and finally, verify these requests via email. This guide also includes detailed information on configuring SMTP for email functionality and managing the rate limiter.

This LightBeam Web Application Server is a separate entity from the LightBeam platform, requiring independent installation and operation.

Pre-requisites

Before embarking on the installation process, ensure that you have access to a Kubernetes cluster and Helm.

, also known as K8s, is an open-source system for automating the deployment, scaling, and management of containerized applications.

helps you manage Kubernetes applications — Helm Charts help you define, install, and upgrade even the most complex Kubernetes application.

Installation Procedure

Follow these instructions for the deployment of the LightBeam Web Application Server:

1. Retrieving the LightBeam Repository

Begin by retrieving the LightBeam repository by executing these commands:

git clone https://github.com/lightbeam/lightbeam-chart.git
cd lightbeam-chart

2. Deploying the LightBeam Web Portal Using Helm (Critical Configuration):

IMPORTANT: This is a critical configuration step. The deployment process will not be successful without completing this step.

You can deploy the LightBeam web portal with Helm using the following command:

helm install lightbeam-web charts/lightbeam-web-portal/
--namespace lightbeam-web
--create-namespace
--set lightbeamGatewayAuth.username=lbadmin
--set lightbeamGatewayAuth.password="[PASSWORD]"
--set lightbeamGatewayAuth.endpoint="[ENDPOINT]"

Replace [PASSWORD] and [ENDPOINT] with appropriate values for your deployment.

3. Load Balancer and DNS Configuration

Load Balancer Creation for lightbeam-web-proxy:
- When the lightbeam-web-proxy service is deployed using Helm in a Kubernetes environment, an AWS Elastic Load Balancer (ELB) is automatically created. This ELB serves as the public-facing endpoint for the LightBeam Web Application.
- The Helm chart for lightbeam-web-proxy is configured to request a LoadBalancer type service from Kubernetes. Kubernetes interacts with AWS to provision an ELB and associates it with the service.
- The ELB automatically distributes incoming application traffic across multiple targets, such as EC2 instances, in multiple Availability Zones, increasing the fault tolerance of the application.
DNS Configuration:
- Configure DNS settings to point to a domain (e.g., dsr.example.com) to the ELB's DNS name (e.g., example.elb.us-east-1.amazonaws.com). This setup allows users to access the LightBeam Web Application through a user-friendly domain name instead of an IP address.

4. SMTP Configuration

The LightBeam web portal requires SMTP configuration to function properly.

LightBeam, by default, fetches the SMTP configuration from the LightBeam application, Spectra.

If Spectra does not have SMTP configured, these properties need to be input during chart installation:

smtp:
  enabled: true
  host: ""
  port: ""
  sender: ""
  username: ""
  password: ""

5. Required Configuration to Start the Portal

This configuration section is essential to set up the LightBeam web portal.

It mandates specifying the deployment URL and a unique identifier for the web instance.

lightbeamWeb:
  url: "" # URL where the lightbeam web portal will be deployed.
  # Generate any UUID for lightbeamWebUniqueID. This UUID will be used to uniquely identify the Lightbeam web instance.
  lightbeamWebUniqueID: ""

Understanding the Configuration

url: "": This is a placeholder where you will later insert the URL where the LightBeam web portal will be deployed.

lightbeamWebUniqueID: "": This is where you provide a UUID (Universally Unique Identifier) that will be used to uniquely identify the LightBeam web instance.

Please note that the URL from lightbeamWeb.url will not be available at the time of installation.

About LightBeam

LightBeam automates Privacy, Security, and AI Governance, so businesses can accelerate their growth in new markets. Leveraging generative AI, LightBeam has rapidly gained customers’ trust by pioneering a unique privacy-centric and automation-first approach to security. Unlike siloed solutions, LightBeam ties together sensitive data cataloging, control, and compliance across structured and unstructured data applications providing 360-visibility, redaction, self-service DSRs, and automated ROPA reporting ensuring ultimate protection against ransomware and accidental exposures while meeting data privacy obligations efficiently. LightBeam is on a mission to create a secure privacy-first world helping customers automate compliance against a patchwork of existing and emerging regulations.