Automated setup of an IBM Cloud App ID instance using a Bash script

This blog post contains some of the implementation details of an example Bash script to automate the setup for an IBM Cloud App ID service instance. For details, visit this GitHub project.

What is App ID?

“IBM Cloud App ID allows you to easily add authentication to web and mobile apps. You no longer have to worry about setting up infrastructure for identity, ensuring geo-availability, and confirming compliance regulations. Instead, you can enhance your apps with advanced security capabilities like multifactor authentication and single sign-on.” Resource from the IBM Cloud App ID website (2021/10/06). For more details please visit the website.

The Bash script utilises following APIs and CLIs:

The script creates one instance of the IBM Cloud App ID service and does the configuration.

This automation example uses the IBM Cloud Shell and a PayAsYouGo IBM Cloud Account, but for the App ID service instance we will use the lite plan which is for free.

Please see the official documentation for each IBM Cloud Service and IBM Cloud Account type definition, before you start.

Continue reading

How to setup a virtual machine or virtual appliance in an IBM Cloud virtual private cloud (vpc) environment on a virtual server instance (vsi)? (nested Hypervisor)

As fas as I notice from the official IBM Cloud documentation “VPC responsibilities“, there is no official support for a nested Hypervisor listed in the official IBM Cloud documentation (Date 14.09.2021). IBM provides in the official IBM Cloud documentation: How to manually enable nested virtualization on a virtual server instance?, but you can do this on your own risk, as far as I understand for now. For me the nested Hypervisor worked for several times, but it’s not official supported.


This is a cheat sheet about, how to setup a virtual machine or virtual appliance in an IBM Cloud virtual private cloud (vpc) on a virtual server instance (vsi) with Red Hat Enterprise Linux 8 minimal install (RHEL8) as host operating system and a Ubuntu Linux operating system for the virtual machine or virtual appliance. I reuse different blog posts and references to documentations on IBM Cloud or Red Hat and I use the information from an exchange with Stefan Trimborn and Marc Haecker. (Thanks and greetings Stefan and Marc ;-))

This blog post covers the setup until the network configuration for the virtual machine (vm) or virtual appliance (va) to access for example a web application from the internet, which runs in the vm or va.

The image below shows a simplified diagram of the setup on IBM Cloud:

Continue reading

Use of “Quarkus Security OpenID Connect Multi Tenancy” in an own small example

That blog post is about the usage of the “Quarkus Security OpenID Connect Multi Tenancy” implementation in an own small example, how to extract a tenant and reconfigure OIDC configuration for Keycloak.

This blog post is structured as followed:

  • Objectives
  • Use case definition
  • Architecture
  • Multi tenancy realization
  • Technologies
  • Implementation
  • Summary

You can find the code in the under construction GitHub project.

Basics understanding: “A tenant is a group of users who share a common access with specific privileges to the software instance. …” Wikipedia

Keep in mind there is no common single definition what exactly multi tenancy is in detail. One definition you can find in Wikipedia or one in the IBM learn hub, and many more exist.

Continue reading

Map an existing user to a role in a Keycloak realm using CURL

In this blog post I want briefly show, how I implemented the mapping of a role to a user in Keycloak with CURL in a bash script.

The reason why I came across that topic, it was because I noticed that it wasn’t possible to upload a new user including the role information to the current realm.

I found that helpful stackoverflow entry (Keycloak – using admin API to add client role to user), but this stackoverflow entry didn’t contain the information: How to configure it for a pure realm role? At the end I found the related REST API documentation of Keycloak to extract the information.

Here are the major three steps I did.

Continue reading

How to simply examine a JSON response from a Cloudant search in Java

This is a short cheat sheet about, how to simply examine a JSON response from a Cloudant search in Java. I found different examples, but these examples were (more or less) older examples, where I missed some pieces and at the end for me the Java EE documentation was the best resource to realize it.

The JSON I wanted to examine, was a JSON with a nested JSON array and that array also contains a nested JSON.

Continue reading

Create a Virtual Private Cloud (VPC), Virtual Server Instance (VSI) on IBM Cloud with Terraform

This is a “simple” cheat sheet, how to create a single virtual server instance (VSI) in the virtual private cloud (VPC) infrastructure on IBM Cloud using Terraform.

Terraform is to write infrastructure as code using declarative configuration files. HashiCorp Configuration Language (HCL) allows for concise descriptions of resources using blocks, arguments, and expressions.” resource Terraform

There is an awesome documentation on IBM Cloud to do this:

That blog post reuses a lot of the content in the IBM Cloud documentation. You need to install Terraform and and clone the example GitHub project as your example terraform project folder.

Continue reading