This process is two-fold:

  • Policy writers use the Policy Editor to publish policies in a deployment package to a deployment package store.
  • Updated deployment packages are picked up by the PingAuthorize Policy Decision Service from the deployment package store.

    You configure the interval that the server checks for updates in the store during setup.

This feature allows a policy writer to deploy new policies without the manual process of exporting a deployment package that is then uploaded into the server through the administrative console.

About deployment package stores

Deployment package stores that can be used with Deployment Manager are either based on a directory or an Amazon Simple Storage Service (Amazon S3) bucket. Package stores hold deployment packages in a central location that the Policy Editor publishes to and the PingAuthorize server reads from.

Using the Deployment Manager

To use the Deployment Manager you must:

  1. Define a deployment package store.

    Amazon S3 buckets must be configured with a secret key and an access key for use. For a filesystem store, you must have a directory on the filesystem that the Policy Editor has read-write access to.

  2. Use an options file to configure the Policy Editor to publish policies to a store.
  3. Create and deploy deployment packages to the deployment package store.
  4. Add the deployment package store for read access to the PingAuthorize Server.
  5. Configure the Policy Decision Service to read from your deployment package store.