Deploying the PingIntelligence policy - PingIntelligence for APIs - 5.0

PingIntelligence
bundle
pingintelligence-50
ft:publication_title
PingIntelligence
Product_Version_ce
PingIntelligence for APIs 5.0
category
APISecurity
AdvancedAPICybersecurity
Capability
Environment
OS
Product
apisecurity
capability
linux
pi-50
pingintelligence
private
ContentType_ce
Page created: 12 May 2021 |
Page updated: 1 Nov 2021
| 1 min read

5.0 Capability API Security Advanced API Cybersecurity Linux On-Premises Operating System Hosting Environment PingIntelligence for APIs Product Installation User task Administration Configuration Integration

Use the PingIntelligence automated policy tool to deploy the shared flow.

Using the PingIntelligence automated policy tool, you deploy the shared flow either by the flow hook or the flow callout policy, which is configured in the command line. Choose either the included ASE self-signed certificate or a certificate authority (CA)-signed certificate.

Deploying the PingIntelligence policy for flow hook

Page created: 12 May 2021 |
Page updated: 1 Nov 2021
| 2 min read

5.0 Capability API Security Advanced API Cybersecurity Linux On-Premises Operating System Hosting Environment PingIntelligence for APIs Product Installation User task Administration Configuration Integration

With a flow hook, the PingIntelligence shared flow is applied to all APIs in the environment of an organization.

  1. Deploy the shared flow:

    • Deploy with self-signed certificate: To deploy the PingIntelligence policy with self-signed certificate, run the following command.

      /opt/pingidentity/pi/apigee/bin/deploy.sh -fh 
Checking Apigee connectivity
Apigee connectivity ... success
Generating policies

Deploying PI Apigee policy Flow Hook

1) PingIntelligence-Encrypted-Config-KVM status ... not-applicable
2) PingIntelligence-Config-KVM status ... not-applicable
3) ASE Server status ... deployed
4) Truststore status ... deployed
5) Upload pem file status ... deployed
6) Cache status ... deployed
7) Request policy upload status ... deployed
8) Response policy upload status ... deployed
9) Request policy deployment status ... deployed
10) Response policy deployment status ... deployed
11) Preproxy Flow hook status ... deployed
12) Postproxy Flow hook status ... deployed

Deployment of PI Policy finished successfully

    • Deploy with CA-signed certificate: To deploy the PingIntelligence policy with CA-signed certificate, run the following command.

      /opt/pingidentity/pi/apigee/bin/deploy.sh -fh -ca

Checking Apigee connectivity
Apigee connectivity ... success
Generating policies

Deploying PI Apigee policy Flow Hook

1) PingIntelligence-Encrypted-Config-KVM status ... not-applicable
2) PingIntelligence-Config-KVM status ... not-applicable
3) ASE Server status ... deployed
4) Truststore status ... not-applicable - running using CA signed certificate
5) Upload pem file status ... not-applicable - running using CA signed certificate
6) Cache status ... deployed
7) Request policy upload status ... deployed
8) Response policy upload status ... deployed
9) Request policy deployment status ... deployed
10) Response policy deployment status ... deployed
11) Preproxy Flow hook status ... deployed
12) Postproxy Flow hook status ... deployed

Deployment of PI Policy finished successfully
  2. After you deploy the flow hook using the PingIntelligence tool, to verify the status of the deployment, run the following command. 
    /opt/pingidentity/pi/apigee/bin/status.sh
Checking Apigee connectivity
Apigee connectivity ... success

Checking the PI Apigee Policy Flow Hook deployment status

1) PingIntelligence-Config-KVM status ... not applicable
2) PingIntelligence-Encrypted-Config-KVM status ... not applicable
3) ASE target status ... deployed
4) Cache status ... deployed
5) Truststore status ... deployed
6) Request Policy status ... deployed
7) Response Policy status ... deployed
8) Preproxy hook status ... deployed
9) Postproxy hook status ... deployed


PI Apigee Policy is already installed

Deploying the PingIntelligence policy for Flow Callout

Page created: 12 May 2021 |
Page updated: 1 Nov 2021
| 2 min read

5.0 Capability API Security Advanced API Cybersecurity Linux On-Premises Operating System Hosting Environment PingIntelligence for APIs Product Installation User task Administration Configuration Integration

In the Flow Callout, the PingIntelligence policy is applied on a per API basis in the environment of an organization.

  1. Deploy the shared flow:
    • Deploy with self-signed certificate: To deploy the PingIntelligence policy with self-signed certificate, run the following command.
      /opt/pingidentity/pi/apigee/bin/deploy.sh -fc 
Checking Apigee connectivity
Apigee connectivity ... success
Generating policies

Deploying PI Apigee policy Flow Call Out

1) PingIntelligence-Encrypted-Config-KVM status ... not-applicable
2) PingIntelligence-Config-KVM status ... not-applicable
3) ASE Server status ... deployed
4) Truststore status ... deployed
5) Upload pem file status ... deployed
6) Cache status ... deployed
7) Request policy upload status ... deployed
8) Response policy upload status ... deployed
9) Request policy deployment status ... deployed
10) Response policy deployment status ... deployed
11) Preproxy Flow call out status ... deployed
12) Postproxy Flow call out status ... deployed

Deployment of PI Policy finished successfully
    • Deploy with CA-signed certificate: To deploy the PingIntelligence policy with CA-signed certificate, run the following command.
      bin/deploy.sh -fc -ca

Checking Apigee connectivity
Apigee connectivity ... success
Generating policies

Deploying PI Apigee policy Flow Call Out

1) PingIntelligence-Encrypted-Config-KVM status ... not-applicable
2) PingIntelligence-Config-KVM status ... not-applicable
3) ASE Server status ... deployed
4) Truststore status ... not-applicable - running using CA signed certificate
5) Upload pem file status ... not-applicable - running using CA signed certificate
6) Cache status ... deployed
7) Request policy upload status ... deployed
8) Response policy upload status ... deployed
9) Request policy deployment status ... deployed
10) Response policy deployment status ... deployed
11) Preproxy Flow call out status ... deployed
12) Postproxy Flow call out status ... deployed

Deployment of PI Policy finished successfully
  2. After deploying the Flow Call Out using the PingIntelligence tool, to verify the status of the deployment, run the following command. 
    /opt/pingidentity/pi/apigee/bin/status.sh
Checking Apigee connectivity
Apigee connectivity ... success

Checking the PI Apigee Policy Flow Call Out deployment status

1) PingIntelligence-Config-KVM status ... not applicable
2) PingIntelligence-Encrypted-Config-KVM status ... not applicable
3) ASE target status ... deployed
4) Cache status ... deployed
5) Truststore status ... deployed
6) Request Policy status ... deployed
7) Response Policy status ... deployed
8) Preproxy call out status ... deployed
9) Postproxy call out status ... deployed


PI Apigee Policy is already installed