ibmcom/identity-brokerage
IBM Security Verify Identity Brokerage is a new gateway to directly integrate IBM® Security Verify with on-prem targets using IBM® Security Identity Manager Adapters. The on-prem targets can then be managed by performing Identity Provisioning and Account Synchronization operations on them from IBM® Security Verify.
# Pull the Identity Brokerage image, then run it once with the `license`
# argument (presumably prints the license terms that LICENSE_ACCEPT refers to).
# --rm removes the throwaway container afterwards.
# NOTE(review): `:latest` is a mutable tag. For a reproducible deployment,
# record the digest you pulled (`docker images --digests`) or pin a release tag.
docker pull ibmcom/identity-brokerage:latest
docker run --rm ibmcom/identity-brokerage:latest license
# Same two steps for the Verify Bridge image.
docker pull ibmcom/verify-bridge:latest
docker run --rm ibmcom/verify-bridge:latest license
NOTE: You must accept the license to deploy IBM Verify Bridge for Authentication and IBM Security Verify Identity Brokerage by setting the parameter `LICENSE_ACCEPT: "yes"` in the docker-compose.yml file.
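# docker-compose.yml: IBM Security Verify Identity Brokerage and IBM Verify
# Bridge, backed by a PostgreSQL database.
#   ib-init            one-shot setup: directories, ownership, TLS key/cert
#   ibdb               PostgreSQL 12 with TLS enabled
#   identity-brokerage the brokerage gateway (HTTPS on 8443)
#   verify-bridge      the Verify Bridge agent
version: '3'

volumes:
  postgres-vol:
  broker-vol:

services:
  # Prepares both named volumes before the other services use them.
  # If /postgres/certs already exists it exits without changing anything.
  # Otherwise it creates the /broker directories (owned by 1001:1001),
  # installs openssl, generates a self-signed certificate with CN=ibdb valid
  # for 7300 days, and creates the /postgres/ibdb directories (owned by 70:70).
  #
  # NOTE(review): the passphrase "secret" only protects the intermediate
  # privkey.pem; server.key is written without a passphrase and is the only
  # file that gets chmod 600. privkey.pem and server.req stay on the volume
  # with default permissions. Nothing visible here reads them again, so
  # deleting them (or restricting their mode) after setup is worth doing.
  # NOTE(review): the certificate is self-signed, so clients can only
  # authenticate the database if they are given server.crt as a trust anchor.
  ib-init:
    image: 'registry.access.redhat.com/ubi8/ubi'
    container_name: ib-init
    entrypoint: /bin/sh
    # Folded scalar: the lines below are joined with single spaces into the
    # same one-line command string as the original listing.
    command: >-
      -c " [ -d /postgres/certs ] && echo "exiting..." && exit 0;
      mkdir -p /broker/certs;
      mkdir -p /broker/common;
      chown -R 1001:1001 /broker/;
      yum install -y openssl;
      mkdir -p /postgres/certs;
      cd /postgres/certs;
      openssl req -new -text -passout pass:secret -subj /CN=ibdb -out server.req -keyout privkey.pem;
      openssl rsa -in privkey.pem -passin pass:secret -out server.key;
      openssl req -x509 -days 7300 -in server.req -text -key server.key -out server.crt;
      chmod 600 server.key;
      mkdir -p /postgres/ibdb/ilc_ib_data;
      mkdir -p /postgres/ibdb/ilc_ib_indx;
      mkdir -p /postgres/ibdb/ilc_ib_blob;
      chown -R 70:70 /postgres/;"
    volumes:
      - postgres-vol:/postgres
      - broker-vol:/broker

  # PostgreSQL. The wrapper command polls every 2 seconds until ib-init has
  # created ibdb/ilc_ib_blob on the shared volume, then starts postgres through
  # the image's docker-entrypoint.sh with the generated certificate and key.
  #
  # NOTE(review): `ssl=on` makes TLS available but does not by itself reject
  # plaintext connections; that is decided by pg_hba.conf (`hostssl` rules).
  # Confirm the effective pg_hba.conf if TLS is meant to be mandatory.
  ibdb:
    image: postgres:12-alpine
    container_name: ibdb
    shm_size: 1gb
    entrypoint: /bin/bash
    command: >-
      -c "echo 'Starting';
      while true; do echo 'waiting for ib-init to complete...' && sleep 2 ;
      [ -d /var/lib/postgresql/data/ibdb/ilc_ib_blob ] && break; done;
      /usr/local/bin/docker-entrypoint.sh postgres -c ssl=on
      -c ssl_cert_file=/var/lib/postgresql/data/certs/server.crt
      -c ssl_key_file=/var/lib/postgresql/data/certs/server.key;"
    user: postgres
    restart: always
    depends_on:
      - ib-init
    environment:
      POSTGRES_USER: "postgres"
      # NOTE(review): fixed superuser password that appears in public
      # documentation, on a database whose port is published below. Use a
      # deployment-specific secret (for example an env file kept out of
      # version control). How identity-brokerage is given this password is not
      # shown here - confirm that before changing the value.
      POSTGRES_PASSWORD: "ideas"
      POSTGRES_DB: "ibdb"
      PGDATA: /var/lib/postgresql/data/db-files/
    ports:
      # Publishes PostgreSQL on every host interface. identity-brokerage refers
      # to the database by service name (DB_SERVICE_NAME), presumably over the
      # compose network, so if nothing outside the stack needs the database,
      # remove this mapping or bind it to loopback: "127.0.0.1:5432:5432".
      - "5432:5432"
    volumes:
      - postgres-vol:/var/lib/postgresql/data

  identity-brokerage:
    # NOTE(review): no tag given, so this resolves to the mutable `latest`.
    # Pin a release tag or digest for reproducible deployments.
    image: ibmcom/identity-brokerage
    container_name: identity-brokerage
    depends_on:
      - ib-init
      - ibdb
    environment:
      LICENSE_ACCEPT: "yes"
      HOSTNAME: "identity-brokerage"
      DB_SERVICE_NAME: "ibdb"
      # NOTE(review): tracing is switched on. Check what the trace output
      # contains before running this way in production.
      TRACE: "enabled"
      # "<>" are placeholders to fill in per deployment. Keep the real values
      # out of version control (env file or secret store).
      SCIM_USER: "<>"
      SCIM_USER_PASSWORD: "<>"
      RECONCILIATION_FAILURETHRESHOLD_VALUE: "75"
    restart: always
    ports:
      # Published on every host interface. Restrict with a host firewall or an
      # explicit bind address if only specific clients should reach it.
      - "8443:8443"
    volumes:
      - broker-vol:/store

  verify-bridge:
    # NOTE(review): `latest` is a mutable tag. Pin a release tag or digest.
    image: ibmcom/verify-bridge:latest
    container_name: verify-bridge
    depends_on:
      - ib-init
      - ibdb
      - identity-brokerage
    environment:
      LICENSE_ACCEPT: "yes"
      # NOTE(review): tracing is switched on. Check what the trace output
      # contains before running this way in production.
      TRACE: "true"
      # "<>" are placeholders to fill in per deployment. CLIENT_SECRET is a
      # credential, so keep it out of version control.
      TENANT_URI: "<>"
      CLIENT_ID: "<>"
      CLIENT_SECRET: "<>"
    restart: always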
NOTE:
# Start the whole stack in the background (-d = detached).
docker-compose -f docker-compose.yml up -d
# Presumably the upgrade sequence: stop and remove the three long-running
# containers (docker rm does not delete the named volumes, so database and
# broker data are kept), pull newer images, then recreate the stack.
docker stop verify-bridge identity-brokerage ibdb
docker rm verify-bridge identity-brokerage ibdb
docker-compose -f docker-compose.yml pull
docker-compose -f docker-compose.yml up -d
# List running containers, then follow the log of one of them.
# NOTE(review): TRACE is enabled for both services in the compose file above,
# so review log output for sensitive values before sharing it.
docker ps
docker logs -f <container_name>
docker pull ibmcom/identity-brokerage