Note: this component stores cluster-wide configuration data and is mirrored across all servers in the topology within the the same cluster.
Note: changes to cluster-wide configuration objects are immediately and automatically mirrored across all servers within the same cluster, so offline changes are not supported.
An S3 Deployment Package Store represents a location in an AWS S3 Buckets from which deployment packages may be imported.
↓Parent Component
↓Properties
↓dsconfig Usage
The S3 Deployment Package Store component inherits from the Deployment Package Store
The properties supported by this managed object are as follows:
| General Configuration Basic Properties: | Advanced Properties: |
|---|---|
| ↓ poll-interval | None |
| ↓ s3-bucket-name | |
| ↓ s3-bucket-prefix | |
| ↓ s3-server-endpoint | |
| ↓ s3-region-name | |
| ↓ s3-access-key-id | |
| ↓ s3-secret-key | |
| Policy Security Basic Properties: | Advanced Properties: |
| None | ↓ deployment-package-security-level |
| ↓ deployment-package-trust-store | |
| ↓ deployment-package-verification-key-nickname |
| Property Group | General Configuration |
| Description | Specifies how often the PingAuthorize Server server scans the Deployment Package Store for new deployment packages. If the value of poll-interval is 0, then the server will not scan for new packages after the store is initialized. |
| Default Value | 0 s |
| Allowed Values | A duration. Lower limit is 0 seconds. |
| Multi-Valued | No |
| Required | Yes |
| Admin Action Required | None. Modification requires no further action |
| Property Group | General Configuration |
| Description | The name of the S3 bucket to poll for deployment packages. |
| Default Value | None |
| Allowed Values | A string |
| Multi-Valued | No |
| Required | Yes |
| Admin Action Required | None. Modification requires no further action |
| Property Group | General Configuration |
| Description | The prefix value of the S3 bucket to poll for deployment packages. |
| Default Value | None |
| Allowed Values | A string |
| Multi-Valued | No |
| Required | Yes |
| Admin Action Required | None. Modification requires no further action |
| Property Group | General Configuration |
| Description | The endpoint of the S3 server. |
| Default Value | The server endpoint will be automatically determined by the region. |
| Allowed Values | A string |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Property Group | General Configuration |
| Description | The region of the S3 server. |
| Default Value | The default region provider chain will be used to determine the region. |
| Allowed Values | A string |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Property Group | General Configuration |
| Description | The access key ID used to authenticate to the S3 bucket. |
| Default Value | None |
| Allowed Values | A string |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Property Group | General Configuration |
| Description | The secret key used to authenticate to the S3 bucket. |
| Default Value | None |
| Allowed Values | A string |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
deployment-package-security-level (Advanced Property)
| Property Group | Policy Security |
| Description | Specifies how the PingAuthorize Server server verifies the integrity of a deployment package loaded from this Deployment Package Store. All deployment packages include a message digest that the PingAuthorize Server server uses to verify that the contents of a deployment package have not been altered. A deployment package may also be cryptographically signed. By default, this property is set to "unsigned", meaning that the PingAuthorize Server server will accept any deployment package with a valid digest but will not verify the deployment package's signature, if one is present. Configure this property to "signed" to additionally require that a deployment package was created by a trusted Policy Editor. If this property is set to "signed", then the following properties must also be configured:
|
| Default Value | unsigned |
| Allowed Values | unsigned - The deployment package signature will not be verified. signed - The deployment package must be signed and trusted. |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
deployment-package-trust-store (Advanced Property)
| Property Group | Policy Security |
| Description | Specifies the trust manager provider containing the public signing key certificate used to verify a deployment package. This is only used if the value of the deployment-package-security-level property is "signed". The trust manager provider specified by this property must refer to a trust store containing the public signing key certificate used by the Policy Editor that created the deployment package. |
| Default Value | None |
| Allowed Values | The DN of any File Based Trust Manager Provider. Any trust manager provider assigned to the Deployment Package Store must be enabled. |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
deployment-package-verification-key-nickname (Advanced Property)
| Property Group | Policy Security |
| Description | Specifies the nickname (also called the alias) of the public signing key certificate used to verify a deployment package. This is only used if the value of the deployment-package-security-level property is "signed". The value of this property must refer to the public signing key certificate included in the trust store designated by the deployment-package-trust-store property. |
| Default Value | None |
| Allowed Values | A string |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
To list the configured Deployment Package Stores:
dsconfig list-deployment-package-stores
[--property {propertyName}] ...
To view the configuration for an existing Deployment Package Store:
dsconfig get-deployment-package-store-prop
--store-name {name}
[--tab-delimited]
[--script-friendly]
[--property {propertyName}] ...
To update the configuration for an existing Deployment Package Store:
dsconfig set-deployment-package-store-prop
--store-name {name}
(--set|--add|--remove) {propertyName}:{propertyValue}
[(--set|--add|--remove) {propertyName}:{propertyValue}] ...
To create a new S3 Deployment Package Store:
dsconfig create-deployment-package-store
--store-name {name}
--type s3
--set s3-bucket-name:{propertyValue}
--set s3-bucket-prefix:{propertyValue}
[--set {propertyName}:{propertyValue}] ...
To delete an existing Deployment Package Store:
dsconfig delete-deployment-package-store
--store-name {name}