ibm_bridge_agent.json static configuration
Use these options to create a static configuration with the ibm_bridge_agent.jsonfile.
“cloud-bridge”: {} Option | Default | Description |
---|---|---|
auto-scaleup-count |
1 | Optional. A factor that indicates the number of threads for polling connections to be made back to the tenant for reading tenant operations and writing their results. For each count value, 2 persistent polling connections are made, plus 1 standby connection for writing results when the readers are busy. |
client-id |
The identity agent configuration client ID. | |
obf-client-secret |
Use the obfuscated client secret value. The onprem -obf <client-secret>
command to generate this obfuscated client secret value from the identity agent configuration plain
text client secret. The value that is generated is unique to the installation that generated it and
cannot be reused on other Verify Bridge installations. The alternate option,
client-secret , can also be used with just the plain text client secret, if
required. However, the use of client-secret is not a good security
practice. |
|
tenant-proxy |
Optional. The proxy server to use to access the tenant server that is specified in the
tenant-uri option. The proxy type is determined by the proxy URL scheme. "http",
"https", and "socks5" are supported. |
|
tenant-uri |
The URI of the tenant. For example https://tenant.verify.ibm.com | |
trace-file |
The file that receives the low level program trace for problem determination. If not specified, no trace information is sent. Example: C:\\Program Files\\IBM\\BridgeAgent\\bridge_agent.log | |
trace-rollover |
0 | The maximum size in bytes that the trace-file can grow to before saving and
starting again. If not present or set to 0 , the size is unlimited. |
insecure-skip-verify |
False | TLS connections to the tenant server validate the server’s certificate even when the server name is specified as an IP address or when the CA certificate is not provided. If your connection does not support certificate validation, for example, in a test scenario, you can disable the validation with this option. This option is not a secure method to use in production environments. |
cert-host-name | TLS connections to the tenant server verify the hostname that is specified in the
tenant-uri against the hostname value that is set in the tenant server certificate.
In rare situations, the tenant server certificate hostname value might not match the hostname used
to access it. With this option, the tenant Server certificate name can be specified independently of
the connection tenant-uri host value. |