To install configure and deploy SurePassID Ultra MFA VLE (Very Large Enterprise), our revolutionary Infrastructure-as-Code MFA solution for Azure GGC/GCC High, you need to have the following set-up items.
You have the option to complete the installation yourself, or if you prefer, the SurePassID Customer Success team can handle the entire installation process within your subscription on your behalf. To proceed with our assistance, you will need to provide us with an Azure Subscription and an Entra ID account, as detailed below. Once the installation is complete, you can remove our Entra ID account.
1. Azure Subscription - The subscription must be set up in Azure Government Cloud (GCC) or GCC High. While it is possible to install in a commercial environment, this article will focus exclusively on the government cloud options.
2. Entra ID Account - This account will enable the cloud engineer to run the SurePassID VLE scripts to construct the necessary infrastructure, deploy SurePassID and administer the system within the subscription. It is essential that the account has access to the subscription, preferably with the Owner role. While it is possible to utilize an Entra ID account with other roles, this article will focus solely on the Owner role for clarity.
3. Deployment Workstation - This workstation will allow the cloud engineer to execute the SurePassID scripts, facilitating the creation of the required infrastructure, the deployment of SurePassID, and the ongoing administration of the system.
This workstation will need to have access to the Azure government portal to be able to run the scripts and be equipped with the proper tools to perform the installation.
4. Deployment Workstation Setup - Install Visual Studio Code from Microsoft.
5. Deployment Workstation Setup - Install Visual Studio Code Extensions From Microsoft.
To enhance your efficiency in installing and maintaining the SurePassID VLE system, we recommend installing the following Visual Studio Code extensions. While not all of these extensions may be necessary for your specific setup, they can greatly assist you in streamlining the process. You can easily install these Microsoft extensions directly from within the Visual Studio Code environment. For more info on how to install these subscriptions see the following link:
- Azure Account - Sign-on and subscription management.
- Azure Developer CLI - This extension makes it easier to create and run Azure Resources.
- Azure Databases - Create, browse, and update globally distributed, multi-model database.
- Azure App Service - An Azure App Service management extension for Visual Studio Code.
- Azure Resources - An extension for viewing and managing Azure resources.
- .NET Install Tool -This extension installs and manages different versions of the .NET SDK
- Bicep - Download home page here.
6. Deployment Workstation Set-up - Install Azure Command Level Interface (CLI)
Download home page here.
7. Deployment Workstation Set-up - Install OpenSSL for Windows
To format certificates and upload them into the Azure Key Vault, the scripts utilize OpenSSL to merge intermediary certificates with the main certificate. You can use any version of OpenSSL for Windows, or you may choose to build it from the source code if preferred. It is advisable to verify with your team, as they may already have a suitable OpenSSL build available.
For convenience on Windows, we recommend downloading OpenSSL from the following website: Win32/Win64 OpenSSL Installer for Windows - Shining Light Productions (slproweb.com). We have consistently experienced reliable performance with the OpenSSL build from this source, but as with any third-party download, it is prudent to follow your organization’s security policies, such as performing a virus scan.
8. Deployment Workstation Set-up - Install Git Git Bash is one of the tools included in the Git download. It is used to run the cloud shell scripts to build Azure Infrastructure. You will need to download it and add it as a terminal in in Visual Studio Code.
Download home page here.
9. Deployment Workstation Set-up - Add Git Bash Terminal to Visual Studio Code.- Verify git is installed by opening a command line prompt and typing git --version.
- Open Visual Studio Code and press and hold Ctrl + ` to open the terminal.
- Open the command palette using Ctrl + Shift + P.
- In the search box type Select Default Profile in the Command Palette and select it from the dropdown menu.
- Select Git Bash from the options.
- To verify, open a new terminal by pressing Ctrl + Shift + ~ (or Cmd + Shift + ~ on macOS). Git Bash should now open as the default terminal.
10. Deployment Workstation Set-up - Install Git Bash zip
When uploading the SurePassID application code, it is important to be aware that Azure SCM requires a specific zip format that is compatible with bzip2 compression. Although there are various zip file tools available, we highly recommend consulting with us for recommendations on the most suitable options to ensure a smooth upload process.
- Navigate to this sourceforge page: https://sourceforge.net/projects/gnuwin32/files/zip/3.0/
- Download zip-3.0-bin.zip
- In the zipped file, in the bin folder, find the file zip.exe.
- Extract the file zip.exe to your mingw64 bin folder (for me: C:\Program Files\Git\mingw64\bin)
- Navigate to to this sourceforge page: https://sourceforge.net/projects/gnuwin32/files/bzip2/1.0.5/
- Download bzip2-1.0.5-bin.zip
- In the zipped file, in the bin folder, find the file bzip2.dll
- Extract bzip2.dll to your mingw64\bin folder (same folder as above: C:\Program Files\Git\mingw64\bin)
11. Deployment Workstation Set-up (optional) - Install json formatting tool.
- Run the git-bash shell as an administrator.
- Execute the following commands:
- mkdir -p "${HOME}/.local/bin"
- curl -L -o "${HOME}/.local/bin/jq.exe" \ https://github.com/stedolan/jq/releases/latest/download/jq-win64.exe