Skip to main content

Importing SecureAuth Configuration Using Import Job

This article provides instructions on configuring import job for importing the SecureAuth platform configuration.

About Import Job

The SecureAuth platform enables DevSecOps engineers to import its configuration according to the GitOps approach, where all configuration is stored within a Git repository. There is possibility to declarativly import configuration that stores tenants, servers, clients and much more.

To learn more about declarative configuration, see Declarative Configuration.

Prerequisites

  • Kubernetes cluster v1.16+

  • Helm v3.0+

Configure Import Job

There are two ways to proceed with import:

  • Helm chart built-in job

    This import job is recommended to be used for the SecureAuth platform deployed on Kubernetes with Helm Charts. For other deployments using the dedicated acp-cd Helm Chart described below is more convenient.

    It will create Helm hook to create K8s job which utilizes SecureAuth import command.

    Enable migrate job and provide data sample:

    importJob:
  enabled: true
  data:
    policies:
      - tenant_id: mytenant
        server_id: myworkspace
        id: block_test_policy
        policy_name: block_test
        language: cloudentity
        type: api
        validators:
          - name: "false"

  • Dedicated acp-cd helm chart

    As the configuration for declarative import could be complex, it will make values file less readable then it should. Additionally import job is done once ACP is running so it could be considered as provisioning task, not deployment one. For those reasons, you have a choice to use dedicated acp-cd helm chart to configure your SecureAuth deployment.

    To learn more about acp-cd, see the Install acp-cd Helm Chart documentation.

In this section: