IAM.tf Control Tool

iamtfctl is a command line tool that allows you to control your IAM.tf instances. Once your identity appliance has been provisioned using Terraform, you control its lifecycle using iamtfctl. You can build, start and stop identity appliances. You can also view configuration properties of your appliance resources: identity providers, service providers, identity sources, etc.

Sample install procedure:

unzip ~/Downloads/iamtfctl-linux-amd64-0.4.3.zip
sudo cp iamtfctl /usr/bin

Configure

To connect to the server, iamtfctl requires information about its endpoint and the necessary credentials. You can configure this information in a YAML file, which must be located at $HOME/.iamtf/iamtf.yaml.

endpoint: "http://localhost:8081/atricore-rest/services"
client_id: "idbus-f2f7244e-bbce-44ca-8b33-f5c0bde339f7"
secret: "7oUHlv(HLT%vxK4L"

You can also set environment variables for these values, or use a mix of environment variables and the configuration file.

export JOSSO_API_SECRET="7oUHlv(HLT%vxK4L"
export JOSSO_API_CLIENT_ID="idbus-f2f7244e-bbce-44ca-8b33-f5c0bde339f7"
export JOSSO_API_ENDPOINT="http://localhost:8081/atricore-rest/services"

You can test your configuration by running iamtfctl config.
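Because iamtf.yaml holds the client secret in clear text, the file should be readable only by its owner, and an http:// endpoint on anything other than the local host sends the credentials unencrypted. The script below is an added example, not part of iamtfctl or the original page: the function names and finding strings are hypothetical, the sample values are constructed, and treating loopback http as acceptable is an assumption.

```shell
#!/bin/sh
# Added example, not part of iamtfctl: write and audit $HOME/.iamtf/iamtf.yaml
# so the client secret is not exposed. All sample values are constructed.

# write_iamtf_config HOME_DIR ENDPOINT CLIENT_ID SECRET
# Assumes the values contain no double quotes or backslashes.
write_iamtf_config() {
    (
        umask 077                                  # new dir 0700, new file 0600
        mkdir -p "$1/.iamtf" && chmod 700 "$1/.iamtf" || exit 1
        printf 'endpoint: "%s"\nclient_id: "%s"\nsecret: "%s"\n' \
            "$2" "$3" "$4" > "$1/.iamtf/iamtf.yaml" || exit 1
        chmod 600 "$1/.iamtf/iamtf.yaml"           # also fixes a pre-existing lax mode
    )
}

# file_mode FILE -> octal permission bits (GNU stat first, then BSD stat)
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1" 2>/dev/null
}

# audit_iamtf_config FILE -> prints one finding per line; status 0 when clean
audit_iamtf_config() {
    rc=0
    mode=$(file_mode "$1") || { echo "cannot-stat-config"; return 2; }
    case "$mode" in
        *00|0) ;;                                  # no group/other permission bits
        *) echo "mode-$mode-exposes-secret"; rc=1 ;;
    esac
    endpoint=$(sed -n \
        's/^endpoint:[[:space:]]*"\{0,1\}\([^"]*\)"\{0,1\}[[:space:]]*$/\1/p' "$1")
    case "$endpoint" in
        # TLS, or plain HTTP that never leaves the local host (assumed acceptable)
        https://*|http://localhost[:/]*|http://127.0.0.1[:/]*) ;;
        *) echo "plaintext-or-missing-endpoint"; rc=1 ;;
    esac
    return "$rc"
}

# Demo in a scratch directory rather than the real $HOME
demo_home=$(mktemp -d)
write_iamtf_config "$demo_home" "http://localhost:8081/atricore-rest/services" \
    "idbus-constructed-client-id" "constructed-secret"
audit_iamtf_config "$demo_home/.iamtf/iamtf.yaml" && echo "config OK"
rm -rf "$demo_home"
```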

Appliance Management

Once your identity appliance is configured on your server, you can use iamtfctl to manage its lifecycle. The first step is to start the appliance: iamtfctl start -a ida-1, where ida-1 is the identity appliance id or name. You can also stop it if necessary: iamtfctl stop -a ida-1.

Since you will probably work with the same appliance name, you can set the environment variable JOSSO_API_APPLIANCE and avoid passing the -a option in every command that requires it.

export JOSSO_API_APPLIANCE=ida-1
iamtfctl start
Contributors: Sebastian