Configure Data Security Broker Manager

Prerequisites

Before you begin configuring Data Security Broker Manager, ensure you meet the following requirements:

• Data Security Broker Manager must have been installed.

• Load Balancer URL is required to access the Data Security Broker Manager.

  To obtain the Load_balancer_url of the dsb-nginx service, perform the following steps.

  • Log into your IBM Cloud account.

  • Select Resource List from the left navigation menu. Click Containers to view the list of clusters.

  • Select the cluster where you have installed the Data Security Broker Manager instance.

IBM Cloud® Kubernetes Service

• If you have installed the Data Security Broker Manager in a public IBM Cloud Kubernetes Service cluster, follow the below steps:

• Click Kubernetes Dashboard from the cluster, where you have installed Data Security Broker Manager.

• Select the namespace from the drop-down, on which you have installed the Data Security Broker Manager.

• Navigate to Services to view the list of Data Security Broker Manager services running in the namespace.

• Fetch the LoadBalancer IP from the External Endpoints column for the dsb-nginx service.

Red Hat® OpenShift®

• If you have installed the Data Security Broker Manager in a public Red Hat OpenShift cluster, click Openshift web console from the cluster.

• Click Projects in the left navigation menu and select the project from the drop-down, on which you have installed the Data Security Broker Manager.

• Navigate to Networking -> Routes to view the list of Data Security Broker Manager services running in the project.

• Fetch the Data Security Broker Manager URL from the Locations column for the dsb-nginx service.

If you have installed the Data Security Broker in a private VPC cluster, follow the instructions in the Deployment models for Data Security Broker section to fetch the Data Security Broker Manager URL.

To configure Data Security Broker Manager, perform the following steps

1. Copy the load_balancer_url from the Kubernetes dashboard for the IKS cluster or from the Openshift web console for the ROKS cluster.

2. Open a browser window and paste the load_balancer_url in the following format:

   https://<load balancer url without the port number>
   

   Example: If the LoadBalancer IP is http://150.238.243.117:443/, specify the IP in the format https://150.238.243.117

   The warning Your connection is not private is displayed.

3. Click Advanced, and click the Proceed to link at the bottom of the page.

4. The Getting Started dialog to proceed with the configuration of the Data Security Broker Manager appears.

5. Configure the basic System Settings by entering the Init Password, Organization name, Domain name, and Proxy access, and click Continue.

   

   • The Init Password field must contain the same password that you specified for the secrets.initPass parameter during the Data Security Broker Manager installation.
   • The domain name is part of the email, followed after the "@" character. For example, if the email specified is test@xyz.example.com, the domain name must be specified as example.com. The domain name that you enter must match in step 1 and step 2 or the domain name in step 2 can be a subset of the domain name specified in the step 1.
   • The proxy access name is the name that is responsible for the connectivity from Proxy to Data Security Broker Manager (the IP, or DNS, or the Service Name). For example, specify dsb-nginx, if you do not have any Proxy configured.

6. Create an Admin Account for the initial Data Security Broker Manager administrator by specifying the email address in the Configure Super Admin User page. This account is used to configure the subsequent components such as the keystore, data store connections, and Data Security Broker Shields. Click Continue.

7. Once you complete the configuration process for the Data Security Broker Manager, the next step is to log in to the Data Security Broker Manager using the steps mentioned in the Login to Data Security Broker Manager section.