Prerequisites
Deploy Quickstart
To get started, follow the instructions from the Anjuna Policy Manager Secure Deployments repo on Github. The repo includes scripts to quickly deploy the Anjuna Policy Manager.
Installing the Anjuna Policy Manager CLI
Once you have a running instance of the Anjuna Policy Manager (APM), you can perform administrative operations using the APM CLI.
Access the Anjuna Resource Center to get the Anjuna Policy Manager — anjuna-policy-manager.2.0.0003.tar.gz
Extract the APM tarfile:
$ tar -xvzf anjuna-policy-manager.2.0.0003.tar.gz
Optional - Install the APM CLI on your system:
$ sudo mv anjuna-policy-manager /usr/local/bin
Configuring the Anjuna Policy Manager CLI
The APM CLI needs to know how to connect to and verify the APM Server.
In the apm-secure-deployments scripts,
these configuration steps are automatically performed by client_env.sh .
The following manual steps are only necessary if you deploy the APM in a different way.
|
First, set the address of the APM Server:
$ export ANJUNA_ADDR="https://<anjuna policy manager server hostname>:8200"
Alternatively, set the --addr
command-line parameter when you call the APM CLI.
Second, set the management authentication token of the APM Server:
$ export ANJUNA_TOKEN="<anjuna policy manager token>"
Alternatively, set the --token
command-line parameter when you call the APM CLI.
Third, set the CA certificate to verify the APM’s TLS certificate against it:
$ export ANJUNA_CACERT="<path to ca cert file, PEM-encoded>"
Alternatively, set the --ca-cert
command-line parameter when you call the APM CLI.
Suppose you are not using an FQDN (fully qualified domain name) for the Anjuna Policy Manager.
In that case,
you must update your local /etc/hosts
file in order to point the APM’s
hostname to the right IP address.
This operation requires root permissions (sudo
).
$ echo "<ip address> <apm hostname, defaults to apm-server.test>" | sudo tee -a /etc/hosts