Configuring the Policy Editor to publish policies to a deployment package store - PingAuthorize

Configuring the Policy Editor to publish policies to a deployment package store - PingAuthorize - 9.1

PingAuthorize

bundle

pingauthorize-91

ft:publication_title

PingAuthorize

Product_Version_ce

PingAuthorize 9.1

category

ContentType

Product

Productdocumentation

paz-91

pingauthorize

ContentType_ce

Product documentation

Use an options file to configure the Policy Editor.

To use the Deployment Manager feature, you must configure the Policy Editor to publish policies to a deployment package store in the options file’s deploymentPackageStores section.

For more information, see Using the Deployment Manager.

Make a copy of the default options file.
```
$ cp config/options.yml my-options.yml
```

To define a deployment package store or stores for the Policy Editor to publish policies to, edit the deploymentPackageStores section of the new options file.

The file contains commented out examples of different deployment package store types.

Duplicate the desired deployment package store type, uncomment, and modify its values according to your deployment.

Important:

The use of indentation in the options.yml file is important. When removing comment hashes, ensure that you retain valid YAML file indentation structure.
For an Azure deployment package store, record the prefix you define for the deployment package store. You will need the prefix for PingAuthorize Server configuration.

deploymentPackageStores:
  # Define deployment package store publishing targets here.
  #
  # - name: Filesystem store
  #   description: File system directory store
  #   type: filesystem
  #   path: /path/to/deployment-package-store/
  # - name: Signed filesystem store
  #   description: Signed file system directory store
  #   type: filesystem
  #   path: /path/to/signed-deployment-package-store/
  #   securityLevel: signed
  #   keystore:
  #     resource: /path/to/deployment-package-signing-keystore.jks
  #     password: keystore-password
  #   signingKey:
  #     alias: signing-cert-alias
  #     password: private-key-password
  # - name: S3 bucket store
  #   description: AWS S3 bucket store
  #   type: s3bucket
  #   securityLevel: unsigned-or-signed
  #   config:
  #     bucket: store-bucket-name
  #     prefix: store-prefix
  #     endpoint: https://s3-bucket-endpoint.aws-region.amazonaws.com
  #     region: aws-s3-bucket-region
  #     accessKey: aws-access-key
  #     secretKey: aws-secret-key
  #  Other deployment package store types omitted for brevity...

Stop the Policy Editor.
```
$ bin/stop-server
```

Run setup using the --optionsFile argument.

$ bin/setup demo \
  --adminUsername admin \
  --generateSelfSignedCertificate \
  --decisionPointSharedSecret pingauthorize \
  --hostname  <pap-hostname> \
  --port  <pap-port> \
  --adminPort  <admin-port> \
  --licenseKeyFile  <path-to-license> \
  --optionsFile my-options.yml

Start the Policy Editor.
```
$ bin/start-server
```
To verify that your deployment package store or stores are available in the Policy Editor, go to Branch Manager > Deployment Manager.