Overview

The DOCC Platform User Guide provides comprehensive documentation for all platform features and capabilities. Use these guides to get the most out of your data operations.

Quick Comparison

DOCCFS Mount (Traditional Approach)

What is DOCCFS Mount?

DOCCFS Mount is the traditional approach where you directly mount cloud storage (S3, Azure Blob, GCS) as a virtual filesystem. Each mount contains its own credentials and configuration, providing immediate access to your data.

Key Characteristics

Direct Access Model

• Each mount is self-contained with its own credentials
• Direct mapping between mount point and storage location
• Immediate access once configured

Simple Configuration

• Single-step setup process
• All configuration in one place
• Quick to get started

Basic Security

• Credentials stored per mount
• Simple read/write permissions
• Basic encryption support

When to Use DOCCFS Mount

Ideal for:

• Development and Testing: Quick setup for development environments
• Small Teams: Simple access patterns without complex governance needs
• Proof of Concepts: Rapid prototyping and experimentation
• Single-Purpose Access: Dedicated access to specific storage locations
• Legacy Integrations: Existing systems that expect direct mount points

Use Cases:

• Data science experimentation
• Development environment data access
• Simple ETL processes
• Personal or team-specific data storage
• Migration from traditional file systems

Configuration Example

{
  "name": "analytics-data",
  "basePath": "/doccfs/analytics",
  "provider": "S3",
  "config": {
    "bucketName": "company-analytics",
    "region": "us-east-1",
    "prefix": "datasets/"
  },
  "authConfig": {
    "accessKeyId": "AKIA...",
    "secretAccessKey": "..."
  },
  "policyConfig": {
    "allowRead": true,
    "allowWrite": true,
    "quotaGB": 100
  }
}

DOCC Catalog Volume (Modern Governance Approach)

What is DOCC Catalog Volume?

DOCC Catalog Volume is a modern, governance-first approach that separates credential management from storage access. It provides enterprise-grade controls, audit trails, and centralized management of storage resources.

Key Characteristics

Separation of Concerns

• Storage Credentials: Centralized, reusable authentication
• External Locations: Governed pointers to storage paths
• Clear separation between "how to authenticate" and "what to access"

Enterprise Governance

• Workspace-level access controls
• Comprehensive audit logging
• Policy enforcement
• Compliance-ready features

Advanced Security

• Centralized credential management
• Role-based access control
• Cross-account access patterns
• Credential rotation without downtime

When to Use DOCC Catalog Volume

Ideal for:

• Production Environments: Enterprise-grade governance and security
• Large Organizations: Multiple teams with different access needs
• Compliance Requirements: Audit trails and governance controls
• Multi-Workspace Environments: Different access patterns per workspace
• Credential Management: Centralized security and rotation

Use Cases:

• Production data lakes
• Multi-tenant environments
• Regulated industries (finance, healthcare)
• Cross-team data sharing
• Enterprise data governance
• Data mesh architectures

Overview

DOCC Catalog Volume represents a modern approach to cloud storage access that prioritizes governance, security, and scalability. Unlike traditional mount-based approaches, it separates the concerns of authentication (how to connect) from authorization (what to access).

Architecture

The DOCC Catalog Volume architecture consists of two main components:

Storage Credentials

Centralized authentication configurations that define how to connect to cloud storage providers. These are reusable across multiple external locations.

External Locations

Governed pointers to specific storage paths that reference storage credentials for authentication. Each location can have workspace-specific access controls.

Setup Guide

Step 1: Create Storage Credentials

First, create storage credentials that define how to authenticate with your cloud storage provider.

AWS S3 Example (IAM User)

POST /api/v1/catalog/storage-credentials
Content-Type: application/json

{
  "name": "s3-production-credentials",
  "credentialType": "ACCESS_KEY",
  "providerType": "AWS_S3",
  "credentialConfig": {
    "accessKeyId": "AKIA...",
    "secretAccessKey": "...",
    "region": "us-east-1"
  }
}

AWS S3 Example (Assume Role)

POST /api/v1/catalog/storage-credentials
Content-Type: application/json

{
  "name": "s3-assume-role-credentials",
  "credentialType": "ASSUME_ROLE",
  "providerType": "AWS_S3",
  "credentialConfig": {
    "roleArn": "arn:aws:iam::123456789012:role/DataPlatformRole",
    "externalId": "unique-external-id",
    "region": "us-east-1"
  }
}

Step 2: Create External Locations

Create external locations that point to specific storage paths using the credentials.

POST /api/v1/catalog/external-locations
Content-Type: application/json

{
  "name": "analytics-data-lake",
  "url": "s3://company-data-lake/analytics/",
  "credentialName": "s3-production-credentials",
  "comment": "Production analytics data lake"
}

Step 3: Configure Workspace Access

Grant workspace-level access to the external location.

POST /api/v1/catalog/external-locations/analytics-data-lake/permissions
Content-Type: application/json

{
  "workspaceId": "ws-analytics-team",
  "permissions": ["READ", "WRITE"],
  "grantedBy": "admin@company.com"
}

Overview

DOCC Platform provides flexible data store configuration options to meet various organizational requirements, from simple development setups to enterprise-grade production environments.

Quick Comparison

Overview

The Integration section covers all aspects of connecting your DOCC Platform with external systems, configuring storage solutions, and setting up compute engines for optimal data processing performance.