SlideShare a Scribd company logo

Securing the Automation of Application Deployment with UrbanCode Deploy

IBM UrbanCode Products
IBM UrbanCode Products

If you are contemplating the automation of application deployment or already doing it today with UrbanCode Deploy, you want to know that the proper checks and approvals are occurring at the right stages in your deployment process. These approvals can ensure that an application meets all requirements before it can deployed to an environment. This risk is that unsecured applications are vulnerable to someone inadvertently changing them or running them too soon or at the wrong time. In this session you learn how to create teams and roles for a project and set up notifications and gates. You learn how to create authentication and authorization realms and permissions.

Software
1 of 26
Download to read offline
© IBM Corporation 1 Presented by: Securing the Automation of Application Deployment with UrbanCode Deploy Joanne Scouler WW Cloud Sales Enablement jscouler@us.ibm.com @joscouler on twitter Thomas Hudson Information Architect thudson@us.ibm.com November 5, 2015
© IBM Corporation 2 Security agenda – Steps in setting up security – Authorization – Authentication – Role configuration – Guidance on configuring roles and permissions – Security model – Security model example – Team configuration – Approvals and notifications – Statuses and gates
© IBM Corporation 3 Security objectives In this module you learn how to: • Create authorization realms and user groups • Manage users in authentication realms • Create and define roles and permissions for security • Create teams • Set up notifications and approvals • Set up statuses and gates
© IBM Corporation 4 Guidelines for setting up security 1. Create an authorization realm. Authorization realms handle user groups. 2. Create an authentication realm. The authentication realm is used to determine a user's identity within an authorization realm. (LDAP, AD, or SSO) 3. Create roles and define permissions for them. For most situations, the default permission types should be adequate. 4. Create or import users. 5. Create teams and assign users to them.
© IBM Corporation 5 IBM UrbanCode Deploy security
© IBM Corporation 6 Authorization realms The Authorization Realms pane is used to create authorization realms and user groups. Groups can be imported from external systems, such as LDAP.
© IBM Corporation 7 Authentication realms • Authentication realms determine user identity within authorization realms. • Users can be created manually or imported from external systems.
© IBM Corporation 8 Role configuration – Roles provide permissions to users. – A role is a set of permissions. Typically, the permissions in a role define a particular activity that a user might do. IBM® UrbanCode Deploy provides one role, the Administrator role, which has all available permissions. – Users are granted permissions by being assigned to roles. When assigned to a role, a user is automatically granted all permissions that are defined for the role. Typical activities include changing or running an item, such as an application process, or modifying security settings.
© IBM Corporation 9 Role configuration
© IBM Corporation 10 Guidance on configuring roles and permissions When defining the roles for your organization, start by keeping the roles simple, but sufficient to carry out the appropriate work. Role Permissions Configurator Resources (Create, Edit, View) Application (Create, Edit, Manage Snapshots, Run Comp Process, View) Environment (Create, Edit, Execute, View) Component (Create, Edit, Manage Versions, View) Component Template (Create, Edit, View) Release Engineer ( Resources (View) Application (View, Manage Snapshots, Run Component Applications) Environment (View and Execute) Component (View) Component Template (View) Approver Resources (View) Application (View) Environment (View and Execute) Component (View) Component Template (View)
© IBM Corporation 11 Kinds of permissions – Permissions generally fall into one of the following categories: • The ability to view, modify or work with a specific object. • The ability to create new object • The ability to see some element of the User Interface • The ability to manipulate the system/security as a whole, such as the ability to define users and groups – Permissions are cumulative • One user may be assigned multiple roles on multiple teams. When considering a specific capability, such as the ability to edit a certain object, a user may have multiple relevant roles in relationship to that object. Permissions are cumulative – as long as there is one role that provides the given Permission, the user has the Permission, even if other roles don't provide the Permission.
© IBM Corporation 12 Team and role-based security model
© IBM Corporation 13 Security model example
© IBM Corporation 14 Security model – Defining roles
© IBM Corporation 15 Security model – Defining roles
© IBM Corporation 16 Team lead role • It is useful to have role that manages team membership without requiring the Administrator. • Give the Add Team Members permission to the role designed to manage the team. • Users with this role can add and remove users from their team. • Access the team manager feature by selecting My Profile > My Teams.
© IBM Corporation 17 Defining and maintaining roles When you select an object, it lists all of the defined Types of that object. You define permissions by Type within a role. You can select the menus that the role will be able to see in the Web User Interface
© IBM Corporation 18 Mapping objects to a team • To create an object, you must have the Create permission for the object type. To create a component, for example, you must have a role with the Create Component permission. • When you create an object, such as a component, your teams are automatically mapped to the object. You can change your user preferences to modify this behavior. • To map a team to an existing object, you must have a role with the Manage Security permission.
© IBM Corporation 19 Steps for setting up approvals 1. Ensure that the users doing the approval belong to the appropriate role 2. Enable approvals on the desired environment 3. Identify the roles that will provide the approval 4. Define the approval process on the application
© IBM Corporation 20 Define statuses for components Define the set of component version statuses
© IBM Corporation 21 Define the gates on environments On the Application configuration, define the gates
© IBM Corporation 22 Resources – A Guide to Security Configuration in IBM UrbanCode Deploy – UrbanCode Deploy Knowledge Center
© IBM Corporation 23 Summary In this module you learned how to: • Create and define roles and permissions for security • Manage users in authentication realms • Create authorization realms and user groups • Create teams • Set up notifications and approvals • Create statuses and gates
© IBM Corporation 24 Learn More About IBM UrbanCode Deploy – Visit UrbanCode Online: • https://developer.ibm.com/urbancode/ – View UrbanCode Product Forums: • https://developer.ibm.com/answers/smart-spaces/23/urbancode.html – Request a Demo of IBM UrbanCode Deploy • https://ibm.biz/demo-urbancode-deploy
© IBM Corporation 25© IBM Corporation 25 Questions
© IBM Corporation 26© IBM Corporation 26 Accelerating Digital Business

Recommended

Helping Organizations Realize the Value of DevOps with Continuous Software De...
Helping Organizations Realize the Value of DevOps with Continuous Software De...Helping Organizations Realize the Value of DevOps with Continuous Software De...
Helping Organizations Realize the Value of DevOps with Continuous Software De...
IBM UrbanCode Products
 
Adopting DevOps in a Hybrid Cloud Featuring UrbanCode Deploy with Bluemix
Adopting DevOps in a Hybrid Cloud Featuring UrbanCode Deploy with BluemixAdopting DevOps in a Hybrid Cloud Featuring UrbanCode Deploy with Bluemix
Adopting DevOps in a Hybrid Cloud Featuring UrbanCode Deploy with Bluemix
IBM UrbanCode Products
 
IBM UrbanCode Deploy Quick Start Service Offering
IBM UrbanCode Deploy Quick Start Service OfferingIBM UrbanCode Deploy Quick Start Service Offering
IBM UrbanCode Deploy Quick Start Service Offering
IBM Rational software
 
Improving Software Delivery with DevOps & Software Defined Environments | The...
Improving Software Delivery with DevOps & Software Defined Environments | The...Improving Software Delivery with DevOps & Software Defined Environments | The...
Improving Software Delivery with DevOps & Software Defined Environments | The...
IBM UrbanCode Products
 
Fundamentals of Deploy and Release
Fundamentals of Deploy and ReleaseFundamentals of Deploy and Release
Fundamentals of Deploy and Release
IBM UrbanCode Products
 
Application slides
Application slidesApplication slides
Application slides
IBM Rational software
 
Avoiding the Release Weekend
Avoiding the Release Weekend Avoiding the Release Weekend
Avoiding the Release Weekend
IBM UrbanCode Products
 
The Next Generation of Continuous Delivery
The Next Generation of Continuous DeliveryThe Next Generation of Continuous Delivery
The Next Generation of Continuous Delivery
IBM UrbanCode Products
 

Recommended

Helping Organizations Realize the Value of DevOps with Continuous Software De...
Helping Organizations Realize the Value of DevOps with Continuous Software De...Helping Organizations Realize the Value of DevOps with Continuous Software De...
Helping Organizations Realize the Value of DevOps with Continuous Software De...
IBM UrbanCode Products
 
Adopting DevOps in a Hybrid Cloud Featuring UrbanCode Deploy with Bluemix
Adopting DevOps in a Hybrid Cloud Featuring UrbanCode Deploy with BluemixAdopting DevOps in a Hybrid Cloud Featuring UrbanCode Deploy with Bluemix
Adopting DevOps in a Hybrid Cloud Featuring UrbanCode Deploy with Bluemix
IBM UrbanCode Products
 
IBM UrbanCode Deploy Quick Start Service Offering
IBM UrbanCode Deploy Quick Start Service OfferingIBM UrbanCode Deploy Quick Start Service Offering
IBM UrbanCode Deploy Quick Start Service Offering
IBM Rational software
 
Improving Software Delivery with DevOps & Software Defined Environments | The...
Improving Software Delivery with DevOps & Software Defined Environments | The...Improving Software Delivery with DevOps & Software Defined Environments | The...
Improving Software Delivery with DevOps & Software Defined Environments | The...
IBM UrbanCode Products
 
Fundamentals of Deploy and Release
Fundamentals of Deploy and ReleaseFundamentals of Deploy and Release
Fundamentals of Deploy and Release
IBM UrbanCode Products
 
Application slides
Application slidesApplication slides
Application slides
IBM Rational software
 
Avoiding the Release Weekend
Avoiding the Release Weekend Avoiding the Release Weekend
Avoiding the Release Weekend
IBM UrbanCode Products
 
The Next Generation of Continuous Delivery
The Next Generation of Continuous DeliveryThe Next Generation of Continuous Delivery
The Next Generation of Continuous Delivery
IBM UrbanCode Products
 
UrbanCode Deploy course and product overview slides
UrbanCode Deploy course and product overview slidesUrbanCode Deploy course and product overview slides
UrbanCode Deploy course and product overview slides
IBM Rational software
 
UrbanCode Deploy and Docker Containers Connect the Dots
UrbanCode Deploy and Docker Containers Connect the DotsUrbanCode Deploy and Docker Containers Connect the Dots
UrbanCode Deploy and Docker Containers Connect the Dots
IBM UrbanCode Products
 
Mobile to mainframe - The Challenges and Best Practices of Enterprise DevOps
Mobile to mainframe - The Challenges and Best Practices of Enterprise DevOps Mobile to mainframe - The Challenges and Best Practices of Enterprise DevOps
Mobile to mainframe - The Challenges and Best Practices of Enterprise DevOps
IBM UrbanCode Products
 
Death to Manual Deployments
Death to Manual DeploymentsDeath to Manual Deployments
Death to Manual Deployments
IBM UrbanCode Products
 
Product Overview: The New IBM UrbanCode Deploy 6.0
Product Overview: The New IBM UrbanCode Deploy 6.0Product Overview: The New IBM UrbanCode Deploy 6.0
Product Overview: The New IBM UrbanCode Deploy 6.0
IBM UrbanCode Products
 
DMT-2467 Like the Features in Rational DOORS 9? Come Check Them Out in DOORS...
DMT-2467 Like the Features in Rational DOORS 9? Come Check Them Out in DOORS...DMT-2467 Like the Features in Rational DOORS 9? Come Check Them Out in DOORS...
DMT-2467 Like the Features in Rational DOORS 9? Come Check Them Out in DOORS...
IBM Rational software
 
Continuous Application Delivery to WebSphere - Featuring IBM UrbanCode
Continuous Application Delivery to WebSphere - Featuring IBM UrbanCodeContinuous Application Delivery to WebSphere - Featuring IBM UrbanCode
Continuous Application Delivery to WebSphere - Featuring IBM UrbanCode
IBM UrbanCode Products
 
Deployment Automation for Hybrid Cloud and Multi-Platform Environments
Deployment Automation for Hybrid Cloud and Multi-Platform EnvironmentsDeployment Automation for Hybrid Cloud and Multi-Platform Environments
Deployment Automation for Hybrid Cloud and Multi-Platform Environments
IBM UrbanCode Products
 
Introduction to IBM UrbanCode Deploy and Release
Introduction to IBM UrbanCode Deploy and ReleaseIntroduction to IBM UrbanCode Deploy and Release
Introduction to IBM UrbanCode Deploy and Release
Rob Cuddy
 
Adapting Deployment Pipelines for Complex Applications
Adapting Deployment Pipelines for Complex ApplicationsAdapting Deployment Pipelines for Complex Applications
Adapting Deployment Pipelines for Complex Applications
IBM UrbanCode Products
 
Extending uBuild and uDeploy with Plugins
Extending uBuild and uDeploy with PluginsExtending uBuild and uDeploy with Plugins
Extending uBuild and uDeploy with Plugins
IBM UrbanCode Products
 
Integrations, UI Enhancements and Cloud – See What’s New with IBM UrbanCode D...
Integrations, UI Enhancements and Cloud – See What’s New with IBM UrbanCode D...Integrations, UI Enhancements and Cloud – See What’s New with IBM UrbanCode D...
Integrations, UI Enhancements and Cloud – See What’s New with IBM UrbanCode D...
IBM UrbanCode Products
 
UCD components
UCD components UCD components
UCD components
IBM Rational software
 
How to Adopt Docker Within Your Enterprise Using IBM UrbanCode Deploy (Interc...
How to Adopt Docker Within Your Enterprise Using IBM UrbanCode Deploy (Interc...How to Adopt Docker Within Your Enterprise Using IBM UrbanCode Deploy (Interc...
How to Adopt Docker Within Your Enterprise Using IBM UrbanCode Deploy (Interc...
Michael Elder
 
Using Blueprints to Overcome Multi-speed IT Challenges
Using Blueprints to Overcome Multi-speed IT ChallengesUsing Blueprints to Overcome Multi-speed IT Challenges
Using Blueprints to Overcome Multi-speed IT Challenges
IBM UrbanCode Products
 
TheTricky Bits of Deployment Automation
TheTricky Bits of Deployment Automation TheTricky Bits of Deployment Automation
TheTricky Bits of Deployment Automation
IBM UrbanCode Products
 
Mastering DevOps Automation: Webinar
Mastering DevOps Automation: WebinarMastering DevOps Automation: Webinar
Mastering DevOps Automation: Webinar
Claudia Ring
 
Microservice Builder: A Microservice DevOps Pipeline for Rapid Delivery and P...
Microservice Builder: A Microservice DevOps Pipeline for Rapid Delivery and P...Microservice Builder: A Microservice DevOps Pipeline for Rapid Delivery and P...
Microservice Builder: A Microservice DevOps Pipeline for Rapid Delivery and P...
David Currie
 
UrbanCode Deploy DevOps Best Practices
UrbanCode Deploy DevOps Best PracticesUrbanCode Deploy DevOps Best Practices
UrbanCode Deploy DevOps Best Practices
Michael Elder
 
Improving Software Delivery with DevOps & Software Defined Environments
Improving Software Delivery with DevOps & Software Defined EnvironmentsImproving Software Delivery with DevOps & Software Defined Environments
Improving Software Delivery with DevOps & Software Defined Environments
Michael Elder
 
Security automation
Security automationSecurity automation
Security automation
Hexis Cyber Solutions
 
Best Practices for Workload Security: Securing Servers in Modern Data Center ...
Best Practices for Workload Security: Securing Servers in Modern Data Center ...Best Practices for Workload Security: Securing Servers in Modern Data Center ...
Best Practices for Workload Security: Securing Servers in Modern Data Center ...
CloudPassage
 

More Related Content

What's hot

Mobile to mainframe - The Challenges and Best Practices of Enterprise DevOps
Mobile to mainframe - The Challenges and Best Practices of Enterprise DevOps Mobile to mainframe - The Challenges and Best Practices of Enterprise DevOps
Mobile to mainframe - The Challenges and Best Practices of Enterprise DevOps
IBM UrbanCode Products
 
Product Overview: The New IBM UrbanCode Deploy 6.0
Product Overview: The New IBM UrbanCode Deploy 6.0Product Overview: The New IBM UrbanCode Deploy 6.0
Product Overview: The New IBM UrbanCode Deploy 6.0
IBM UrbanCode Products
 
Adapting Deployment Pipelines for Complex Applications
Adapting Deployment Pipelines for Complex ApplicationsAdapting Deployment Pipelines for Complex Applications
Adapting Deployment Pipelines for Complex Applications
IBM UrbanCode Products
 
TheTricky Bits of Deployment Automation
TheTricky Bits of Deployment Automation TheTricky Bits of Deployment Automation
TheTricky Bits of Deployment Automation
IBM UrbanCode Products
 

What's hot (20)

UrbanCode Deploy course and product overview slides
UrbanCode Deploy course and product overview slidesUrbanCode Deploy course and product overview slides
UrbanCode Deploy course and product overview slides
 
UrbanCode Deploy and Docker Containers Connect the Dots
UrbanCode Deploy and Docker Containers Connect the DotsUrbanCode Deploy and Docker Containers Connect the Dots
UrbanCode Deploy and Docker Containers Connect the Dots
 
Mobile to mainframe - The Challenges and Best Practices of Enterprise DevOps
Mobile to mainframe - The Challenges and Best Practices of Enterprise DevOps Mobile to mainframe - The Challenges and Best Practices of Enterprise DevOps
Mobile to mainframe - The Challenges and Best Practices of Enterprise DevOps
 
Death to Manual Deployments
Death to Manual DeploymentsDeath to Manual Deployments
Death to Manual Deployments
 
Product Overview: The New IBM UrbanCode Deploy 6.0
Product Overview: The New IBM UrbanCode Deploy 6.0Product Overview: The New IBM UrbanCode Deploy 6.0
Product Overview: The New IBM UrbanCode Deploy 6.0
 
DMT-2467 Like the Features in Rational DOORS 9? Come Check Them Out in DOORS...
DMT-2467 Like the Features in Rational DOORS 9? Come Check Them Out in DOORS...DMT-2467 Like the Features in Rational DOORS 9? Come Check Them Out in DOORS...
DMT-2467 Like the Features in Rational DOORS 9? Come Check Them Out in DOORS...
 
Continuous Application Delivery to WebSphere - Featuring IBM UrbanCode
Continuous Application Delivery to WebSphere - Featuring IBM UrbanCodeContinuous Application Delivery to WebSphere - Featuring IBM UrbanCode
Continuous Application Delivery to WebSphere - Featuring IBM UrbanCode
 
Deployment Automation for Hybrid Cloud and Multi-Platform Environments
Deployment Automation for Hybrid Cloud and Multi-Platform EnvironmentsDeployment Automation for Hybrid Cloud and Multi-Platform Environments
Deployment Automation for Hybrid Cloud and Multi-Platform Environments
 
Introduction to IBM UrbanCode Deploy and Release
Introduction to IBM UrbanCode Deploy and ReleaseIntroduction to IBM UrbanCode Deploy and Release
Introduction to IBM UrbanCode Deploy and Release
 
Adapting Deployment Pipelines for Complex Applications
Adapting Deployment Pipelines for Complex ApplicationsAdapting Deployment Pipelines for Complex Applications
Adapting Deployment Pipelines for Complex Applications
 
Extending uBuild and uDeploy with Plugins
Extending uBuild and uDeploy with PluginsExtending uBuild and uDeploy with Plugins
Extending uBuild and uDeploy with Plugins
 
Integrations, UI Enhancements and Cloud – See What’s New with IBM UrbanCode D...
Integrations, UI Enhancements and Cloud – See What’s New with IBM UrbanCode D...Integrations, UI Enhancements and Cloud – See What’s New with IBM UrbanCode D...
Integrations, UI Enhancements and Cloud – See What’s New with IBM UrbanCode D...
 
UCD components
UCD components UCD components
UCD components
 
How to Adopt Docker Within Your Enterprise Using IBM UrbanCode Deploy (Interc...
How to Adopt Docker Within Your Enterprise Using IBM UrbanCode Deploy (Interc...How to Adopt Docker Within Your Enterprise Using IBM UrbanCode Deploy (Interc...
How to Adopt Docker Within Your Enterprise Using IBM UrbanCode Deploy (Interc...
 
Using Blueprints to Overcome Multi-speed IT Challenges
Using Blueprints to Overcome Multi-speed IT ChallengesUsing Blueprints to Overcome Multi-speed IT Challenges
Using Blueprints to Overcome Multi-speed IT Challenges
 
TheTricky Bits of Deployment Automation
TheTricky Bits of Deployment Automation TheTricky Bits of Deployment Automation
TheTricky Bits of Deployment Automation
 
Mastering DevOps Automation: Webinar
Mastering DevOps Automation: WebinarMastering DevOps Automation: Webinar
Mastering DevOps Automation: Webinar
 
Microservice Builder: A Microservice DevOps Pipeline for Rapid Delivery and P...
Microservice Builder: A Microservice DevOps Pipeline for Rapid Delivery and P...Microservice Builder: A Microservice DevOps Pipeline for Rapid Delivery and P...
Microservice Builder: A Microservice DevOps Pipeline for Rapid Delivery and P...
 
UrbanCode Deploy DevOps Best Practices
UrbanCode Deploy DevOps Best PracticesUrbanCode Deploy DevOps Best Practices
UrbanCode Deploy DevOps Best Practices
 
Improving Software Delivery with DevOps & Software Defined Environments
Improving Software Delivery with DevOps & Software Defined EnvironmentsImproving Software Delivery with DevOps & Software Defined Environments
Improving Software Delivery with DevOps & Software Defined Environments
 

Viewers also liked

Using AWS WAF and Lambda for Automatic Protection
Using AWS WAF and Lambda for Automatic ProtectionUsing AWS WAF and Lambda for Automatic Protection
Using AWS WAF and Lambda for Automatic Protection
Amazon Web Services
 

Viewers also liked (8)

Security automation
Security automationSecurity automation
Security automation
 
Best Practices for Workload Security: Securing Servers in Modern Data Center ...
Best Practices for Workload Security: Securing Servers in Modern Data Center ...Best Practices for Workload Security: Securing Servers in Modern Data Center ...
Best Practices for Workload Security: Securing Servers in Modern Data Center ...
 
2012: Putting your robots to work: security automation at Twitter
2012: Putting your robots to work: security automation at Twitter2012: Putting your robots to work: security automation at Twitter
2012: Putting your robots to work: security automation at Twitter
 
Achieving Continuous Monitoring with Security Automation
Achieving Continuous Monitoring with Security AutomationAchieving Continuous Monitoring with Security Automation
Achieving Continuous Monitoring with Security Automation
 
AWS Security Architecture - Overview
AWS Security Architecture - OverviewAWS Security Architecture - Overview
AWS Security Architecture - Overview
 
Building Secure Architectures on AWS
Building Secure Architectures on AWSBuilding Secure Architectures on AWS
Building Secure Architectures on AWS
 
2016-08-29 AFITC Security Automation
2016-08-29 AFITC Security Automation2016-08-29 AFITC Security Automation
2016-08-29 AFITC Security Automation
 
Using AWS WAF and Lambda for Automatic Protection
Using AWS WAF and Lambda for Automatic ProtectionUsing AWS WAF and Lambda for Automatic Protection
Using AWS WAF and Lambda for Automatic Protection
 

Similar to Securing the Automation of Application Deployment with UrbanCode Deploy

Lecture 11 managing the network
Lecture 11 managing the networkLecture 11 managing the network
Lecture 11 managing the network
Wiliam Ferraciolli
 
Web Component Development Using Servlet & JSP Technologies (EE6) - Chapter 1...
Web Component Development Using Servlet & JSP Technologies (EE6) - Chapter 1... Web Component Development Using Servlet & JSP Technologies (EE6) - Chapter 1...
Web Component Development Using Servlet & JSP Technologies (EE6) - Chapter 1...
WebStackAcademy
 

Similar to Securing the Automation of Application Deployment with UrbanCode Deploy (20)

Securitywebinar3 tph3
Securitywebinar3 tph3Securitywebinar3 tph3
Securitywebinar3 tph3
 
Security
SecuritySecurity
Security
 
Security lab
Security labSecurity lab
Security lab
 
Lecture 11 managing the network
Lecture 11 managing the networkLecture 11 managing the network
Lecture 11 managing the network
 
Security Authentication and Authorization Service (AAS) for IBM InfoSphere St...
Security Authentication and Authorization Service (AAS) for IBM InfoSphere St...Security Authentication and Authorization Service (AAS) for IBM InfoSphere St...
Security Authentication and Authorization Service (AAS) for IBM InfoSphere St...
 
Application module slides
Application module slidesApplication module slides
Application module slides
 
Cache Security- The Basics
Cache Security- The BasicsCache Security- The Basics
Cache Security- The Basics
 
SC-900 Capabilities of Microsoft Identity and Access Management Solutions
SC-900 Capabilities of Microsoft Identity and Access Management SolutionsSC-900 Capabilities of Microsoft Identity and Access Management Solutions
SC-900 Capabilities of Microsoft Identity and Access Management Solutions
 
Secure Coding: Field-level Security, CRUD, and Sharing
Secure Coding: Field-level Security, CRUD, and SharingSecure Coding: Field-level Security, CRUD, and Sharing
Secure Coding: Field-level Security, CRUD, and Sharing
 
Java EE Services
Java EE ServicesJava EE Services
Java EE Services
 
IBM Lotusphere 2013 AD109: Using the IBM® Sametime® Proxy SDK: WebSphere Port...
IBM Lotusphere 2013 AD109: Using the IBM® Sametime® Proxy SDK: WebSphere Port...IBM Lotusphere 2013 AD109: Using the IBM® Sametime® Proxy SDK: WebSphere Port...
IBM Lotusphere 2013 AD109: Using the IBM® Sametime® Proxy SDK: WebSphere Port...
 
Cairo meetup low code best practices
Cairo meetup low code best practicesCairo meetup low code best practices
Cairo meetup low code best practices
 
IBM Connect 2016: Speaker Session with Teresa Deane, Senior Developer, BCC
IBM Connect 2016: Speaker Session with Teresa Deane, Senior Developer, BCCIBM Connect 2016: Speaker Session with Teresa Deane, Senior Developer, BCC
IBM Connect 2016: Speaker Session with Teresa Deane, Senior Developer, BCC
 
Introduction to the IBM Java Tools
Introduction to the IBM Java ToolsIntroduction to the IBM Java Tools
Introduction to the IBM Java Tools
 
Impact2014: Introduction to the IBM Java Tools
Impact2014: Introduction to the IBM Java ToolsImpact2014: Introduction to the IBM Java Tools
Impact2014: Introduction to the IBM Java Tools
 
Web Component Development Using Servlet & JSP Technologies (EE6) - Chapter 1...
Web Component Development Using Servlet & JSP Technologies (EE6) - Chapter 1... Web Component Development Using Servlet & JSP Technologies (EE6) - Chapter 1...
Web Component Development Using Servlet & JSP Technologies (EE6) - Chapter 1...
 
Oracle ADF Case Study
Oracle ADF Case StudyOracle ADF Case Study
Oracle ADF Case Study
 
Managed Beans: When, Why and How
Managed Beans: When, Why and HowManaged Beans: When, Why and How
Managed Beans: When, Why and How
 
Preserving Customizations with Overlays & Custom Objects in AR System 7.6.04
Preserving Customizations with Overlays & Custom Objects in AR System 7.6.04Preserving Customizations with Overlays & Custom Objects in AR System 7.6.04
Preserving Customizations with Overlays & Custom Objects in AR System 7.6.04
 
Role based access control - RBAC
Role based access control - RBACRole based access control - RBAC
Role based access control - RBAC
 

More from IBM UrbanCode Products

Continuous Delivery in the Enterprise - with IBM UrbanCode
Continuous Delivery in the Enterprise - with IBM UrbanCodeContinuous Delivery in the Enterprise - with IBM UrbanCode
Continuous Delivery in the Enterprise - with IBM UrbanCode
IBM UrbanCode Products
 
Building a DevOps Team that Isn't Evil
Building a DevOps Team that Isn't EvilBuilding a DevOps Team that Isn't Evil
Building a DevOps Team that Isn't Evil
IBM UrbanCode Products
 
DevOps and the Case for ROI to Executives
DevOps and the Case for ROI to ExecutivesDevOps and the Case for ROI to Executives
DevOps and the Case for ROI to Executives
IBM UrbanCode Products
 
A Continuous Delivery Safety Net for Databases
A Continuous Delivery Safety Net for DatabasesA Continuous Delivery Safety Net for Databases
A Continuous Delivery Safety Net for Databases
IBM UrbanCode Products
 

More from IBM UrbanCode Products (20)

Using UrbanCode Deploy to Migrate to WebSphere Application Server Version 9
Using UrbanCode Deploy to Migrate to WebSphere Application Server Version 9Using UrbanCode Deploy to Migrate to WebSphere Application Server Version 9
Using UrbanCode Deploy to Migrate to WebSphere Application Server Version 9
 
What's New with IBM UrbanCode Deploy
What's New with IBM UrbanCode DeployWhat's New with IBM UrbanCode Deploy
What's New with IBM UrbanCode Deploy
 
Digital Disruption with DevOps - Reference Architecture Overview
Digital Disruption with DevOps - Reference Architecture OverviewDigital Disruption with DevOps - Reference Architecture Overview
Digital Disruption with DevOps - Reference Architecture Overview
 
Efficient DevOps: Standardizing Chaotic Culture at NBCUniversal
Efficient DevOps: Standardizing Chaotic Culture at NBCUniversalEfficient DevOps: Standardizing Chaotic Culture at NBCUniversal
Efficient DevOps: Standardizing Chaotic Culture at NBCUniversal
 
Shift Happens - Rapidly Rolling Forward During Production Failure
Shift Happens - Rapidly Rolling Forward During Production FailureShift Happens - Rapidly Rolling Forward During Production Failure
Shift Happens - Rapidly Rolling Forward During Production Failure
 
The Future of DevOps and UrbanCode
The Future of DevOps and UrbanCodeThe Future of DevOps and UrbanCode
The Future of DevOps and UrbanCode
 
Leading the Transformation: Applying DevOps and Agile Principles at Scale
Leading the Transformation: Applying DevOps and Agile Principles at ScaleLeading the Transformation: Applying DevOps and Agile Principles at Scale
Leading the Transformation: Applying DevOps and Agile Principles at Scale
 
Continuous Delivery in the Enterprise - with IBM UrbanCode
Continuous Delivery in the Enterprise - with IBM UrbanCodeContinuous Delivery in the Enterprise - with IBM UrbanCode
Continuous Delivery in the Enterprise - with IBM UrbanCode
 
Adopting DevOps for 2-Speed IT
Adopting DevOps for 2-Speed ITAdopting DevOps for 2-Speed IT
Adopting DevOps for 2-Speed IT
 
A True Story of Why QA Loves DevOps
A True Story of Why QA Loves DevOpsA True Story of Why QA Loves DevOps
A True Story of Why QA Loves DevOps
 
Get Mapped: Using Value Stream Mapping to Create a DevOps Adoption Roadmap
Get Mapped: Using Value Stream Mapping to Create a DevOps Adoption RoadmapGet Mapped: Using Value Stream Mapping to Create a DevOps Adoption Roadmap
Get Mapped: Using Value Stream Mapping to Create a DevOps Adoption Roadmap
 
Building a DevOps Team that Isn't Evil
Building a DevOps Team that Isn't EvilBuilding a DevOps Team that Isn't Evil
Building a DevOps Team that Isn't Evil
 
DevOps and the Case for ROI to Executives
DevOps and the Case for ROI to ExecutivesDevOps and the Case for ROI to Executives
DevOps and the Case for ROI to Executives
 
Continuous Delivery with Jenkins Enterprise and IBM UrbanCode Deploy
Continuous Delivery with Jenkins Enterprise and IBM UrbanCode DeployContinuous Delivery with Jenkins Enterprise and IBM UrbanCode Deploy
Continuous Delivery with Jenkins Enterprise and IBM UrbanCode Deploy
 
Creating a DevOps Team that Isn't Evil
Creating a DevOps Team that Isn't EvilCreating a DevOps Team that Isn't Evil
Creating a DevOps Team that Isn't Evil
 
Release and Deploy Sessions at IBM InterConnect 2015
Release and Deploy Sessions at IBM InterConnect 2015Release and Deploy Sessions at IBM InterConnect 2015
Release and Deploy Sessions at IBM InterConnect 2015
 
Using Lean Thinking to Identify and Address Delivery Pipeline Bottlenecks
Using Lean Thinking to Identify and Address Delivery Pipeline BottlenecksUsing Lean Thinking to Identify and Address Delivery Pipeline Bottlenecks
Using Lean Thinking to Identify and Address Delivery Pipeline Bottlenecks
 
A Continuous Delivery Safety Net for Databases
A Continuous Delivery Safety Net for DatabasesA Continuous Delivery Safety Net for Databases
A Continuous Delivery Safety Net for Databases
 
Shift Left - Approach and practices with IBM
Shift Left - Approach and practices with IBMShift Left - Approach and practices with IBM
Shift Left - Approach and practices with IBM
 
Leading DevOps Application Release and Deployment - Best Practices for Organi...
Leading DevOps Application Release and Deployment - Best Practices for Organi...Leading DevOps Application Release and Deployment - Best Practices for Organi...
Leading DevOps Application Release and Deployment - Best Practices for Organi...
 

Recently uploaded

Corporate Management | Session 3 of 3 | Tendenci AMS
Corporate Management | Session 3 of 3 | Tendenci AMSCorporate Management | Session 3 of 3 | Tendenci AMS
Corporate Management | Session 3 of 3 | Tendenci AMS
Tendenci - The Open Source AMS (Association Management Software)
 
AI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAG
AI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAGAI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAG
AI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAG
Alluxio, Inc.
 
Tree in the Forest - Managing Details in BDD Scenarios (live2test 2024)
Tree in the Forest - Managing Details in BDD Scenarios (live2test 2024)Tree in the Forest - Managing Details in BDD Scenarios (live2test 2024)
Tree in the Forest - Managing Details in BDD Scenarios (live2test 2024)
Gáspár Nagy
 
JustNaik Solution Deck (stage bus sector)
JustNaik Solution Deck (stage bus sector)JustNaik Solution Deck (stage bus sector)
JustNaik Solution Deck (stage bus sector)
Max Lee
 

Recently uploaded (20)

Into the Box 2024 - Keynote Day 2 Slides.pdf
Into the Box 2024 - Keynote Day 2 Slides.pdfInto the Box 2024 - Keynote Day 2 Slides.pdf
Into the Box 2024 - Keynote Day 2 Slides.pdf
 
INGKA DIGITAL: Linked Metadata by Design
INGKA DIGITAL: Linked Metadata by DesignINGKA DIGITAL: Linked Metadata by Design
INGKA DIGITAL: Linked Metadata by Design
 
A Comprehensive Appium Guide for Hybrid App Automation Testing.pdf
A Comprehensive Appium Guide for Hybrid App Automation Testing.pdfA Comprehensive Appium Guide for Hybrid App Automation Testing.pdf
A Comprehensive Appium Guide for Hybrid App Automation Testing.pdf
 
Corporate Management | Session 3 of 3 | Tendenci AMS
Corporate Management | Session 3 of 3 | Tendenci AMSCorporate Management | Session 3 of 3 | Tendenci AMS
Corporate Management | Session 3 of 3 | Tendenci AMS
 
A Python-based approach to data loading in TM1 - Using Airflow as an ETL for TM1
A Python-based approach to data loading in TM1 - Using Airflow as an ETL for TM1A Python-based approach to data loading in TM1 - Using Airflow as an ETL for TM1
A Python-based approach to data loading in TM1 - Using Airflow as an ETL for TM1
 
How to install and activate eGrabber JobGrabber
How to install and activate eGrabber JobGrabberHow to install and activate eGrabber JobGrabber
How to install and activate eGrabber JobGrabber
 
Top Mobile App Development Companies 2024
Top Mobile App Development Companies 2024Top Mobile App Development Companies 2024
Top Mobile App Development Companies 2024
 
Breaking the Code : A Guide to WhatsApp Business API.pdf
Breaking the Code : A Guide to WhatsApp Business API.pdfBreaking the Code : A Guide to WhatsApp Business API.pdf
Breaking the Code : A Guide to WhatsApp Business API.pdf
 
A Guideline to Zendesk to Re:amaze Data Migration
A Guideline to Zendesk to Re:amaze Data MigrationA Guideline to Zendesk to Re:amaze Data Migration
A Guideline to Zendesk to Re:amaze Data Migration
 
Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...
Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...
Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...
 
Facemoji Keyboard released its 2023 State of Emoji report, outlining the most...
Facemoji Keyboard released its 2023 State of Emoji report, outlining the most...Facemoji Keyboard released its 2023 State of Emoji report, outlining the most...
Facemoji Keyboard released its 2023 State of Emoji report, outlining the most...
 
Crafting the Perfect Measurement Sheet with PLM Integration
Crafting the Perfect Measurement Sheet with PLM IntegrationCrafting the Perfect Measurement Sheet with PLM Integration
Crafting the Perfect Measurement Sheet with PLM Integration
 
Advanced Flow Concepts Every Developer Should Know
Advanced Flow Concepts Every Developer Should KnowAdvanced Flow Concepts Every Developer Should Know
Advanced Flow Concepts Every Developer Should Know
 
Secure Software Ecosystem Teqnation 2024
Secure Software Ecosystem Teqnation 2024Secure Software Ecosystem Teqnation 2024
Secure Software Ecosystem Teqnation 2024
 
Agnieszka Andrzejewska - BIM School Course in Kraków
Agnieszka Andrzejewska - BIM School Course in KrakówAgnieszka Andrzejewska - BIM School Course in Kraków
Agnieszka Andrzejewska - BIM School Course in Kraków
 
AI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAG
AI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAGAI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAG
AI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAG
 
Using IESVE for Room Loads Analysis - Australia & New Zealand
Using IESVE for Room Loads Analysis - Australia & New ZealandUsing IESVE for Room Loads Analysis - Australia & New Zealand
Using IESVE for Room Loads Analysis - Australia & New Zealand
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
 
Tree in the Forest - Managing Details in BDD Scenarios (live2test 2024)
Tree in the Forest - Managing Details in BDD Scenarios (live2test 2024)Tree in the Forest - Managing Details in BDD Scenarios (live2test 2024)
Tree in the Forest - Managing Details in BDD Scenarios (live2test 2024)
 
JustNaik Solution Deck (stage bus sector)
JustNaik Solution Deck (stage bus sector)JustNaik Solution Deck (stage bus sector)
JustNaik Solution Deck (stage bus sector)
 

Securing the Automation of Application Deployment with UrbanCode Deploy

  • 1. © IBM Corporation 1 Presented by: Securing the Automation of Application Deployment with UrbanCode Deploy Joanne Scouler WW Cloud Sales Enablement jscouler@us.ibm.com @joscouler on twitter Thomas Hudson Information Architect thudson@us.ibm.com November 5, 2015
  • 2. © IBM Corporation 2 Security agenda – Steps in setting up security – Authorization – Authentication – Role configuration – Guidance on configuring roles and permissions – Security model – Security model example – Team configuration – Approvals and notifications – Statuses and gates
  • 3. © IBM Corporation 3 Security objectives In this module you learn how to: • Create authorization realms and user groups • Manage users in authentication realms • Create and define roles and permissions for security • Create teams • Set up notifications and approvals • Set up statuses and gates
  • 4. © IBM Corporation 4 Guidelines for setting up security 1. Create an authorization realm. Authorization realms handle user groups. 2. Create an authentication realm. The authentication realm is used to determine a user's identity within an authorization realm. (LDAP, AD, or SSO) 3. Create roles and define permissions for them. For most situations, the default permission types should be adequate. 4. Create or import users. 5. Create teams and assign users to them.
  • 5. © IBM Corporation 5 IBM UrbanCode Deploy security
  • 6. © IBM Corporation 6 Authorization realms The Authorization Realms pane is used to create authorization realms and user groups. Groups can be imported from external systems, such as LDAP.
  • 7. © IBM Corporation 7 Authentication realms • Authentication realms determine user identity within authorization realms. • Users can be created manually or imported from external systems.
  • 8. © IBM Corporation 8 Role configuration – Roles provide permissions to users. – A role is a set of permissions. Typically, the permissions in a role define a particular activity that a user might do. IBM® UrbanCode Deploy provides one role, the Administrator role, which has all available permissions. – Users are granted permissions by being assigned to roles. When assigned to a role, a user is automatically granted all permissions that are defined for the role. Typical activities include changing or running an item, such as an application process, or modifying security settings.
  • 9. © IBM Corporation 9 Role configuration
  • 10. © IBM Corporation 10 Guidance on configuring roles and permissions When defining the roles for your organization, start by keeping the roles simple, but sufficient to carry out the appropriate work. Role Permissions Configurator Resources (Create, Edit, View) Application (Create, Edit, Manage Snapshots, Run Comp Process, View) Environment (Create, Edit, Execute, View) Component (Create, Edit, Manage Versions, View) Component Template (Create, Edit, View) Release Engineer ( Resources (View) Application (View, Manage Snapshots, Run Component Applications) Environment (View and Execute) Component (View) Component Template (View) Approver Resources (View) Application (View) Environment (View and Execute) Component (View) Component Template (View)
  • 11. © IBM Corporation 11 Kinds of permissions – Permissions generally fall into one of the following categories: • The ability to view, modify or work with a specific object. • The ability to create new object • The ability to see some element of the User Interface • The ability to manipulate the system/security as a whole, such as the ability to define users and groups – Permissions are cumulative • One user may be assigned multiple roles on multiple teams. When considering a specific capability, such as the ability to edit a certain object, a user may have multiple relevant roles in relationship to that object. Permissions are cumulative – as long as there is one role that provides the given Permission, the user has the Permission, even if other roles don't provide the Permission.
  • 12. © IBM Corporation 12 Team and role-based security model
  • 13. © IBM Corporation 13 Security model example
  • 14. © IBM Corporation 14 Security model – Defining roles
  • 15. © IBM Corporation 15 Security model – Defining roles
  • 16. © IBM Corporation 16 Team lead role • It is useful to have role that manages team membership without requiring the Administrator. • Give the Add Team Members permission to the role designed to manage the team. • Users with this role can add and remove users from their team. • Access the team manager feature by selecting My Profile > My Teams.
  • 17. © IBM Corporation 17 Defining and maintaining roles When you select an object, it lists all of the defined Types of that object. You define permissions by Type within a role. You can select the menus that the role will be able to see in the Web User Interface
  • 18. © IBM Corporation 18 Mapping objects to a team • To create an object, you must have the Create permission for the object type. To create a component, for example, you must have a role with the Create Component permission. • When you create an object, such as a component, your teams are automatically mapped to the object. You can change your user preferences to modify this behavior. • To map a team to an existing object, you must have a role with the Manage Security permission.
  • 19. © IBM Corporation 19 Steps for setting up approvals 1. Ensure that the users doing the approval belong to the appropriate role 2. Enable approvals on the desired environment 3. Identify the roles that will provide the approval 4. Define the approval process on the application
  • 20. © IBM Corporation 20 Define statuses for components Define the set of component version statuses
  • 21. © IBM Corporation 21 Define the gates on environments On the Application configuration, define the gates
  • 22. © IBM Corporation 22 Resources – A Guide to Security Configuration in IBM UrbanCode Deploy – UrbanCode Deploy Knowledge Center
  • 23. © IBM Corporation 23 Summary In this module you learned how to: • Create and define roles and permissions for security • Manage users in authentication realms • Create authorization realms and user groups • Create teams • Set up notifications and approvals • Create statuses and gates
  • 24. © IBM Corporation 24 Learn More About IBM UrbanCode Deploy – Visit UrbanCode Online: • https://developer.ibm.com/urbancode/ – View UrbanCode Product Forums: • https://developer.ibm.com/answers/smart-spaces/23/urbancode.html – Request a Demo of IBM UrbanCode Deploy • https://ibm.biz/demo-urbancode-deploy
  • 25. © IBM Corporation 25© IBM Corporation 25 Questions
  • 26. © IBM Corporation 26© IBM Corporation 26 Accelerating Digital Business