Add Contrast service broker for VMware Tanzu

Deploy the service broker application with a command similar to this example:

cf push contrast-security-service-broker

You should see the service broker in PCF.

Configure plans with the CONTRAST_SERVICE_PLANS environment variable (the service broker doesn't offer any plans by default).

You can also use the Pivotal Ops Manager to set the environment variables. If you are using IBM Cloud, you can select the application, select Runtime and then Environment Variables to set the value.

Example: This example shows how to set the value in the command line:

cf set-env contrast-security-service-broker CONTRAST_SERVICE_PLANS
    " {
            "ServicePlan1": {
                 "name":"ServicePlan1",
                 "teamserver_url":"https://yourteamserverurl.com",
                 "username":"your_username",
                 "org_uuid":"00000000-1111-2222-3333-000000000000",
                 "api_key":"your_api_key",
                 "service_key":"your_service_key"
             },
             "AnotherServicePlan":{
                 "name":"AnotherServicePlan",
                 "teamserver_url":"https://yourteamserverurl.com",
                 "username":"your_username",
                 "org_uuid":"00000000-1111-2222-3333-000000000001",
                 "api_key":"your_api_key",
                 "service_key":"some_other_service_key"
                 }
             } "

To run the agent on IBM Cloud, you must use single quotes to set the CONTRAST_SERVICE_PLANS environment variable, as shown in this example:

 cf set-env contrast-security-service-broker CONTRAST_SERVICE_PLANS
    " {
            'ServicePlan1': {
                 'name':'ServicePlan1',
                 'teamserver_url':'https://yourteamserverurl.com',
                 'username':'your_username',
                 'org_uuid':'00000000-1111-2222-3333-000000000000',
                 'api_key':'your_api_key',
                 'service_key':'your_service_key'
             },
             'AnotherServicePlan':{
                 'name':'AnotherServicePlan',
                 'teamserver_url':'https://yourteamserverurl.com',
                 'username':'your_username',
                 'org_uuid':'00000000-1111-2222-3333-000000000000',
                 'api_key':'your_api_key',
                 'service_key':'some_other_service_key'
                 }
             } "

Restage your application using a command similar to this example:

cf restage contrast-security-service-broker

Set an environment variable for a username and a password:

cf set-env contrast-security-service-broker SECURITY_USER_NAME aSecureUsername
cf set-env contrast-security-service-broker SECURITY_USER_PASSWORD aSecurePassword

Create a service broker instance. Define at least one service plan for this. You must use the same username and password that you set in the previous step.

cf create-service-broker contrast-security-service-broker USER_NAME PASSWORD
<URL of your application>

For IBM Cloud, add --space-scoped at the end of the command, as shown in this example:

cf create-service-broker contrast-security-service-broker USER_NAME PASSWORD
<URL of your application> --space-scoped

All service brokers start as private. Make it public with a command similar to the following example:

cf enable-service-access contrast-security-service-broker

Once the service broker is working, create a service instance and bind it to the application. To create a service instance, run the following command:

cf create-service contrast-security-service-broker ServicePlan1 <name_of_service>

Bind the service broker it to your application using the following command:

cf bind-service <app_name> <name_of_service>

You should see the agent start up with your application. You also see your application in the Contrast web interface.