The Deployment Manager simplifies policy updates by enabling policy writers to deploy new policies to a central deployment package store to be read by the PingAuthorize server running in embedded mode.
This process is two-fold:
- Policy writers use the Policy Editor to publish policies in a deployment package to a deployment package store.
- Updated deployment packages are picked up by the PingAuthorize Policy Decision Service from the
deployment package store.Note:
You configure the interval that the server checks for updates in the store during setup.
This feature allows a policy writer to deploy new policies without the manual process of exporting a deployment package that is then uploaded into the server through the administrative console.
About deployment package stores
Deployment package stores that can be used with Deployment Manager are either based on a directory or an Amazon Simple Storage Service (Amazon S3) bucket. Package stores hold deployment packages in a central location that the Policy Editor publishes to and the PingAuthorize server reads from.
Using the Deployment Manager
To use the Deployment Manager you must:
- Define a deployment package store.Note:
Amazon S3 buckets must be configured with a secret key and an access key for use. For a filesystem store, you must have a directory on the filesystem that the Policy Editor has read-write access to.
- Use an options file to configure the Policy Editor to publish policies to a store.
- Create and deploy deployment packages to the deployment package store.
- Add the deployment package store for read access to the PingAuthorize Server.
- Add a new filesystem deployment package store:
- Add a new Amazon S3 deployment package store:
- Configure the Policy Decision Service to read from your deployment package store.