The containers must be on the same Docker network to communicate properly.

Sign on to the Policy Administration GUI. For more information, see Signing on to the PingDataGovernance Policy Administration GUI and import a policy snapshot. You can find a set of default policies in the resource/policies/defaultPolicies.SNAPSHOT file.

To configure PingDataGovernance Server to use the Policy Administration GUI, use dsconfig or the Administrative Console to create a Policy External Server to represent the Policy Administration GUI, then assign the Policy External Server to the Policy Decision Service and configure it to use external PDP mode. Also, set the Trust Framework Version to the current version, v2.

Consider the following example. Assume a container named pingdatagovernance and that no files are needed from the file system. The following commands run dsconfig from within the container.

docker exec pingdatagovernance /opt/out/instance/bin/dsconfig create-external-server \
  --server-name "Policy Administration GUI" \
  --type policy \
  --set "base-url:https://<pap-hostname>:<pap-port>" \
  --set "shared-secret:2FederateM0re" \
  --set "branch:Default Policies"
docker exec pingdatagovernance /opt/out/instance/bin/dsconfig set-policy-decision-service-prop \
  --set pdp-mode:external \
  --set "policy-server:Policy Administration GUI" \
  --set trust-framework-version:v2

In the example, the base URL consists of the host name and port chosen for the Policy Administration GUI during setup. The shared secret value is 2FederateM0re by default. The branch name corresponds to the branch name that you chose when importing your policy snapshot.