PingAuthorize

Adding an Azure deployment package store

To use the Deployment Manager, add a deployment package store for read access to the PingAuthorize server.

About this task

Use the administrative console or dsconfig to add the deployment package store.


  • Administrative console

  • Dsconfig

Adding an Azure deployment package store using the administrative console

Before you begin

Set up your Azure storage account:

  • If you don’t already have an Azure storage account, create one.

  • Add a container to your storage account.

  • Record the Connection string value found in your account’s Access key settings.

For information on setting up an Azure storage account, see your Azure Blob Storage documentation.

Steps

  1. In the administrative console, go to Configuration > Authorization and Policies > Deployment Package Stores.

  2. Click New Deployment Package Store.

  3. In the New Deployment Package Store menu, select Azure Deployment Package Store.

  4. Complete the General Configuration fields.

    1. In the Name field, enter a name for the deployment package store.

    2. In the Poll Interval field, enter a value in seconds for how often the Azure store should be polled for changes.

      A value of 0 only updates on restart.

    3. In the Azure Blob Connection String field, enter the connection string shown in your Azure storage account’s Access key settings.

      Your connection string value is not displayed after you enter it. The page still displays Set Value.

    4. In the Azure Blob Container field, enter the name of your container.

    5. In the Azure Blob Prefix field, enter the prefix you defined for the deployment package store.

  5. Optional: Complete the Policy Security fields.

    If you select signed in the Deployment Package Security Level field, you must complete the Deployment Package Trust Store field.

  6. Click Save To PingAuthorize Server Cluster.

    Result:

    Your Azure deployment package store is displayed on the Deployment Package Stores page.

Next steps

Adding an Azure deployment package store using dsconfig

Steps

  • Run dsconfig with the create-deployment-package-store option:

    Choose from:

    • Create a store with an unsigned deployment package.

      dsconfig create-deployment-package-store \
        --store-name "<store-name>" \
        --type azure  \
        --set "poll-interval:<poll-interval>" \
        --set "azure-blob-connection-string:<blob-connection-string>"  \
        --set "azure-blob-container:<blob-container>"  \
        --set "azure-blob-prefix:<blob-prefix>"
    • Create a store with deployment-package-security-level set to signed.

      dsconfig create-deployment-package-store \
        --store-name "<store-name>"  \
        --type azure  \
        --set "poll-interval:<poll-interval>" \
        --set "azure-blob-connection-string:<blob-connection-string>"  \
        --set "azure-blob-container:<blob-container>"  \
        --set "azure-blob-prefix:<blob-prefix>"
        --set deployment-package-security-level:signed  \
        --set "deployment-package-trust-store:<trust-store-provider-name>"  \
        --set "deployment-package-verification-key-nickname:<key-nickname>"

Next steps