Example: Configure external PDP mode - PingDataGovernance

Example: Configure external PDP mode - PingDataGovernance - 8.2

PingDataGovernance

bundle

pingdatagovernance-82

ft:publication_title

PingDataGovernance

Product_Version_ce

PingDataGovernance 8.2

category

Product

pdg-82

pingdatagovernance

ContentType_ce

Page created: 22 Jul 2020 |

Page updated: 9 Feb 2021

| 1 min read

8.2 PingDataGovernance Product Administration User task Product documentation Content Type Data Governance Capability

To configure PingDataGovernance Server to use external PDP mode, use dsconfig or the Administrative Console to create a Policy External Server to represent the Policy Administration GUI, then assign the Policy External Server to the Policy Decision Service and set the PDP mode.

dsconfig create-external-server \
  --server-name "Policy Administration GUI" \
  --type policy \
  --set "base-url:https://<pap-hostname>:<pap-port>" \
  --set "shared-secret:datagovernance" \
  --set "branch:Default Policies" \

dsconfig set-policy-decision-service-prop \
  --set pdp-mode:external \
  --set "policy-server:Policy Administration GUI"

In this example, the shared-secret value corresponds to the decision point shared secret value chosen or generated while installing the Policy Administration GUI. The branch is the name of a policy branch in the Policy Administration GUI, and the decision-node value is the ID of a node in the policy tree that will be considered first during policy processing.

To find a decision node:

In the Policy Administration GUI, go to Policies.
Select the node that you want to use as the root node.
This is typically the top-level node of your policy tree.
Click the three-line icon and select Copy ID to clipboard.

Screen capture of the Polices tab showing the Copy ID to clipboard option.