--- title: Deploying the PingIntelligence policy for AWS description: Using the PingIntelligence Amazon Web Services (AWS) policy tool, deploy the PingIntelligence policy in AWS @Lambda in the North Virginia (US-East-1) region. component: pingintelligence version: 5.2 page_id: pingintelligence:pingintelligence_integrations:pingintelligence_deploy_policy canonical_url: https://docs.pingidentity.com/pingintelligence/5.2/pingintelligence_integrations/pingintelligence_deploy_policy.html revdate: April 3, 2024 section_ids: about-this-task: About this task steps: Steps result: Result: next-steps: Next steps --- # Deploying the PingIntelligence policy for AWS Using the PingIntelligence Amazon Web Services (AWS) *(tooltip: \
\

An Amazon subsidiary providing cloud computing platforms.\

\
)* policy tool, deploy the PingIntelligence policy in AWS @Lambda in the North Virginia (US-East-1) region. ## About this task The Lambda function pushes the PingIntelligence policy to the Amazon CloudFront in the local AWS instances. ThePingIntelligence Lamba policy communicates with PingIntelligence ASE to pass request and response metadata and check whether the client request should be blocked or passed to the AWS gateway. | | | | - | --------------------------------------------------------------------------------------- | | | At present, the policy must be initially deployed in North Virginia (US-East-1) region. | To deploy the PingIntelligence policy: ## Steps 1. Run the following command: ``` /opt/pingidentity/pi/aws/bin$ deploy.sh -ca ``` | | | | - | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | | When the `deploy.sh` script is run without `ca` option, the policy is deployed using the self-signed certificate, which is included in the PingIntelligence policy. By the running the policy tool, the following two policies are deployed:- Request Lambda - Response Lambda | ### Result: ``` Deploying PI AWS Policy with CA-signed certificate 1) Create IAM Role named PI-Role - status... done 2) Create a policy named LambdaEdgeExecution-PI - status... done 3) Attach LambdaEdgeExecution-PI Policy to Role PI-Role... done 4) Generating policy... done 5) Deploying PI-ASE-Request Lambda... done 6) Fetching PI-ASE-Request Lambda version... done 7) Deploying PI-ASE-Response Lambda... done 8) Fetching PI-ASE-Response Lamda version... done 9) Deploying PI-ASE-Request Lamda CloudFront... done 10) Deploying PI-ASE-Response Lambda CloudFront... done Successfully deployed PI AWS Policy. ``` 2. To check the status of the PingIntelligence policy deployment, run the `status.sh` command: ``` /opt/pingidentity/pi/aws/bin$ status.sh Checking the PI AWS Policy deployment status 1) IAM Role named PI-Role deployment - status... deployed 2) IAM Policy named LambdaEdge-PI deployment - status... deployed 3) PI-ASE-Request Lamda deployment - status... deployed 4) PI-ASE-Response Lamda deployment - status... deployed 5) PI-ASE-Request Lamda CloudFront deployment - status... deployed 6) PI-ASE-Response Lamda CloudFront deployment - status... deployed PI AWS Policy is already installed. ``` ## Next steps PingIntelligence API discovery is a process to discover, and report APIs from your API environment. The discovered APIs are reported in the PingIntelligence Dashboard. APIs are discovered when a global API JavaScript Object Notation (JSON) *(tooltip: \
\

An open, lightweight data-interchange format that uses human-readable text to store and transmit data.\

\
)* is defined in the ASE. For more information, see [API discovery and configuration](../managing_pingintelligence_for_apis/pingintelligence_api_discovery_configuration.html). You can edit the discovered API's JSON definition in the Dashboard before adding them to ASE. For more information on editing and configuring API discovery, see [Discovered APIs](../managing_pingintelligence_for_apis/pingintelligence_discovered_apis.html).