Documentation updates
April 4, 2023
- New deployment step: back up the secrets that contain the DS master and TLS keys
-
A new step to back up the Kubernetes secrets that contain the DS master and TLS keys has been added to the instructions for deploying the CDM.
It is extremely important to back up these secrets and retain them in a secure location. Loss of these secrets could result in the inability to restore data from backups.
- Secret generation documentation corrected
-
The Secret Agent operator page previously stated that the Secret Agent operator generates all secrets required for a ForgeRock Identity Platform deployment.
This page has been corrected to state that the Secret Agent operator generates all secrets required for a ForgeRock Identity Platform deployment except for the DS master and TLS keys. In version 7.3, the DS operator calls the certificate manager to generate these two keys.
- Secret management recommendations changed
-
The recommendation that you always configure cloud secret management has been relaxed. ForgeRock now recommends that you configure cloud secret management only when you have multiple deployments that need to use the same secrets.
- Base Docker images page updated
-
The Base Docker images page has been significantly updated. A new section, Create Docker images for use in production, explains how to build customized Docker images for the ForgeRock Identity Platform that:
-
Contain customized configuration profiles for AM, IDM, and, optionally, IG.
-
Must be based on your own base Docker images.
-
Must not be based on ForgeRock’s evaluation-only Docker images.
-
September 3, 2020
- Miscellaneous documentation fixes
-
-
The name of the IG base image has been corrected in Step 7 of the procedure to build your own base Docker images.
-
An additional issue was found with the sample for building the Docker base images for AM: several additional scripts needed execute permission. This documentation update works around this issue.
-
The descriptions of CDK and CDM now mention jobs that run to completion when you deploy the platform:
amster
,forgeops-secret
, andldif-importer
. -
A step to run
skaffold delete
has been added to the procedures for removing the CDK and the CDM removal pages.
-