Integration

Integrate Cloud Pak with Verify¶

The final step is to deploy the JobSpec to triggers the Cloud Pak to Verify integration.

1.Apply JobSpec into cluster

#oc apply -f 3-execute

Wait 5 mins before continuing with post checks.

2.Post checks- Check Verify job logs

Get job pod name, example output below.

#oc get pods -n verify

NAME                            READY   STATUS      RESTARTS   AGE

cp4x-verify-integration-k8rt9   0/1     Completed   0          16h

Check HTTP return codes are 200, example of successful job run below.

#oc logs cp4x-verify-integration-k8rt9 -n verify | egrep "200 |complete$"

< HTTP/1.1 200 OK

< HTTP/1.1 200 OK

< HTTP/2 200

< HTTP/2 200

< HTTP/2 200

< HTTP/2 200

< HTTP/2 200

< HTTP/2 200

< HTTP/2 200

< HTTP/1.1 200 OK

Verify integration complete

If log output doesn’t match above review job logs to troubleshoot issue. To retry Verify integration delete the job and reapply job spec yaml

3.Log into CP console

Get CP console URL

#oc get route cp-console -n ibm-common-services

Browse to https://cp-console-url and confirm it shows “Enterprise SAML“ as authentication type. If not available check Verify job logs for errors.

Click “Enterprise SAML“ then link “Sign in with IBMid“ show below.

Continue sign in with w3 credentials to access the console. Note: User access to CloudPak’s should now be managed via Verify instance. Admins need to add you as a CP user to have access to CP specific services.

4.Limit API permission in Verify

Update API account permissions created in Section "Configure Verify". API accounts should always be given least privileges possible.

Congratulation you've successfully integrated your Cloud Pak with Security Verify.