Data Quality Gates Prerequisites

This guide covers the common setup steps shared across DQ Gates deployment options: local Python and Snowflake UDFs.

System requirements

Local environment capable of running Python 3.10-3.13 (any platform: Windows, macOS, Linux) or a virtual machine that follows the same requirements.

Python 3.13 support is available from DQ Gates version 1.1.1. Earlier versions support Python 3.9-3.12.
Network connectivity to your Ataccama ONE instance.
Ability to install Python packages and run Python scripts or Jupyter notebooks.

Prepare Ataccama ONE

You need an active Ataccama ONE account with access to the DQ firewalls that you want to use.

Authentication setup

DQ Gates authenticates to Ataccama ONE using OpenID Connect (OIDC).

To set up authentication:

Create an API client by following the instructions in Create an API client.
Copy and securely store the generated Client ID and Client Secret. These credentials are used in the next step, Configure Ataccama ONE connection in the .env file.

Configure Ataccama ONE connection in the .env file

Create an .env file in your project directory using the following template. This file stores the environment variables needed to connect to Ataccama ONE during deployment.

The .env file example with Ataccama ONE connection settings

ATACCAMA_INSTANCE_URL="https://myenv.ataccama.one/"
ATACCAMA_PLATFORM_VERSION="saas"
ATACCAMA_CLIENT_ID="myclient"
ATACCAMA_CLIENT_SECRET="secret"
ATACCAMA_KEYCLOAK_HOST="myenv.ataccama.one"
ATACCAMA_KEYCLOAK_REALM="myrealm"

Set the following variables:

ATACCAMA_INSTANCE_URL: The URL of your Ataccama ONE instance.
ATACCAMA_PLATFORM_VERSION: Set to saas.
ATACCAMA_CLIENT_ID, ATACCAMA_CLIENT_SECRET: Use credentials from your API client (see Authentication setup).
ATACCAMA_KEYCLOAK_HOST, ATACCAMA_KEYCLOAK_REALM: Copy values from your login screen URL. The URL format is <ATACCAMA_KEYCLOAK_HOST>/auth/realms/<ATACCAMA_KEYCLOAK_REALM>/, for example, myenv.ataccama.one/auth/realms/myrealm/.

Next steps

After you complete the prerequisites, continue with the installation guide for your environment:

Post-installation configuration

Firewall filtering

Available from DQ Gates version 1.1.0.

This section applies to firewall-based runtimes such as local Python and Snowflake UDFs deployment.

Filter which firewalls to retrieve using AQL filters or Python predicates.

Using AQL filters. Filter firewalls when fetching them from Ataccama ONE.

AQL filter example

# Retrieve all firewalls (default)
firewalls = list(client.get_firewall_definitions())

# Retrieve only enabled firewalls
firewalls = list(client.get_firewall_definitions(filter="enabled=true"))

# Fetch firewalls whose name contains 'GATES' (case insensitive)
firewalls = list(client.get_firewall_definitions(filter="name LIKE 'GATES'"))

# Fetch firewalls with specific names (case sensitive)
firewalls = list(client.get_firewall_definitions(filter="name in ('CUSTOMERS', 'EMAILS')"))

# Combine predicates (enabled + deployment timestamp)
firewalls = list(
    client.get_firewall_definitions(
        filter="enabled=true and deploymentInfo.timestamp > '2025-09-01'",
    )
)

# Fetch by service IDs
firewalls = list(client.get_firewall_definitions(filter=["C10nSBQA78", "UID1Wy4ivg"]))

Using Python predicates. Filter the in-memory list after fetching.

Python predicates example

# Firewalls whose name starts with 'GATES'
firewalls_to_deploy = [fw for fw in firewalls if fw.name.startswith("GATES")]

# Firewalls that contain 'finance' in the description
firewalls_to_deploy = [
    fw for fw in firewalls
    if fw.description and 'finance' in fw.description.lower()
]

# Limit to specific firewall IDs
selected_ids = ["C10nSBQA78", "UID1Wy4ivg"]
firewalls_to_deploy = [fw for fw in firewalls if fw.firewall_id in selected_ids]

Was this page useful?