๐ŸŒด
Guardian-dev
  • Guardian
    • ๐ŸŒGetting Started
      • ๐Ÿœ๏ธDiscovering Environmental assets on Hedera
      • ๐ŸŽ“Guardian Glossary
      • ๐Ÿ“–Installation Guide
        • ๐Ÿ—’๏ธPrerequisites
        • ๐Ÿ› ๏ธInstallation
          • ๐Ÿ”จBuilding from source and run using Docker
            • Deploying Guardian using default Environment
            • Deploying Guardian using a specific Environment ( DEVELOP )
            • Deploying Guardian using a specific Environment (QA)
          • ๐Ÿ”จBuilding from Pre-build containers
          • ๐Ÿ”จBuild executables and run manually
          • โ˜๏ธCloud Deployment
          • โฌ†๏ธUpgrading
          • ๐Ÿ”™Backup tools
          • ๐ŸกSetting up environment parameters
          • ๐Ÿ“Summary of URLs and Ports
          • ๐Ÿ’ปLaunching Guardian
          • ๐ŸงชHow to perform Unit Tests?
        • ๐Ÿ”จHow to Configure Hedera Local Node
        • ๐Ÿ”จHow to Configure HashiCorp Vault
        • ๐Ÿ”จHow to create Operator ID and Operator Key
        • ๐Ÿ”จHow to generate Web3.Storage API values
        • ๐Ÿ”จHow to Change Explorer URL
        • ๐Ÿ”จHow to Restore Account from Database/Hashicorp Vault during Setup
      • ๐Ÿ™Contributing
        • ๐Ÿš‡Contribute a New Policy
      • ๐Ÿ“–Frameworks/Libraries
        • ๐Ÿ’ปGuardian CLI
      • โš™๏ธAPI Guideline
      • ๐Ÿ”Guardian Vault
      • ๐ŸŒŽEnvironments
        • ๐ŸŒŽMulti session consistency according to Environment
        • ๐Ÿ”‘Dynamic Vault/KMS path configuration according to the environment
        • ๐ŸกEcosystem Environments
      • ๐Ÿ“ƒChange Log
      • ๐Ÿ›ฃ๏ธRoadmap
      • ๐ŸšจLicense
      • ๐Ÿ“žContact
      • ๐Ÿ”Security
      • ๐Ÿ”‘Meeco authentication
        • ๐Ÿ”กHow it works
    • ๐Ÿ‘ทArchitecture
      • โฌ‡๏ธDeep Dive Architecture
      • ๐Ÿ”บHigh Level Architecture
      • ๐Ÿ‘Policies,Projects and Topics Mapping Architecture
      • โž—MRV Splitting Logic
      • ๐Ÿ”‘Internal (with Vault)Signing Sequence Diagram
      • ๐Ÿ”ฅFireBlocks Signing Sequence Diagram
    • ๐Ÿ“‡Global Indexer
      • ๐Ÿ’ปIndexer User Guide
      • โš™๏ธIndexer APIs
        • Full Text Indexer Search
        • Returns Standard Registries
        • Returns Registry as per MessageID
        • Returns Registry Users
        • Returns Registry User as per MessageID
        • Returns Policies
        • Returns policy as per MessageID
        • Returns Tools
        • Returns Tool as per MessageID
        • Returns Modules
        • Returns Module as per MessageID
        • Returns Schemas
        • Returns Schema as per MessageID
        • Returns Schema Tree
        • Returns Tokens
        • Returns Token as per TokenID
        • Returns Roles
        • Returns Role as per MessageID
        • Returns DIDs
        • Returns DID as per MessageID
        • Returns DID Relationships
        • Returns VP Documents
        • Returns VP Document as per MessageID
        • Returns VP Relationships
        • Returns VC Documents
        • Returns VC Document as per MessageID
        • Returns VC Relationships
        • Returns NFTs
        • Returns NFT as per Serial No.
        • Returns Topics
        • Returns Topic as per TopicID
        • Returns Contracts
        • Returns Contract as per MessageID
        • Returns Landing Page Analytics
        • Returns Project Coordinates
        • Returns Search Policy Results
        • Attempts to refresh linked files for the selected documents
        • Returns Hedera Network
        • Returns Hedera Network Explorer Settings
        • Returns Data Loading Progress Result
        • Returns Registry Relationships
        • Returns Policy Relationships
        • Retrieve the list of formulas
        • Retrieve the formula by message ID
        • Retrieve linked documents which are related to formula
        • Returning Topic Data Priority Loading Progress
        • Adding Topic Data Priority Loading
        • Adding Policy Data for Priority Loading
        • Adding Token Data for Priority Loading
        • Adding Document to Data Priority Loading
    • ๐Ÿ—บ๏ธMap Related APIs
      • Returning map API Key
      • Returning Sentinel API Key
    • ๐Ÿ—„๏ธStandard Registry
      • ๐Ÿ› ๏ธSchemas
        • ๐Ÿ“‚Available Schema Types
        • ๐Ÿ“‚Property Glossary
        • โ„น๏ธTypes of Schemas
        • โ„น๏ธSchema Versioning & Deprecation Policy
        • ๐Ÿ“นHow to design a Schema of a Methodology
        • ๐Ÿ’ปCreating Schema using UI
        • โš™๏ธSchema APIs
          • Listing of Schema
          • Publishing Schema based on Schema ID
          • Updating Schema
          • Deleting a Schema
          • Schema Preview from IPFS
          • Schema Preview from Zip
          • Export message IDs of Schema
          • Export Files from Schema
          • Creation of Schema related to the topic
          • Returns all Schemas related to the topic
          • Importing Zip file containing Schema
          • Importing Schema from IPFS
          • Returning Schema by SchemaID
        • โš™๏ธSystem Schema APIs
          • Returns Schema by Type
          • Creates New System Schema
          • Returns Schema by Username
          • Updates the Schema
          • Delete System Schema
          • Publishes the Schema
          • Schema Type
          • Returns Map API Key
        • โš™๏ธSchema APIs for Asynchronous Execution
          • Creation of Schema
          • Publishing Schema
          • Previews the Schema from IPFS
          • Importing Schema from IPFS
          • Importing Schema from .zip
        • ๐Ÿ“Schema Differentiation
          • ๐Ÿ’ปSchema Differentiation using UI
          • โš™๏ธSchema Differentiation APIs
            • Compare Schemas
            • Exports Schema Differentiation Results
        • ๐Ÿ“Example Data
          • ๐Ÿ’ปAdding Example data using UI
        • ๐Ÿ“‚Schema Tree
          • ๐Ÿ’ปSchema Tree UI
          • โš™๏ธAPI for Returning Schema Tree
        • ๐Ÿ“Tag Schema
          • ๐Ÿ’ปCreating Tag Schemas using UI
          • โš™๏ธSchema Tags APIs
            • Returning all Schema Tags
            • Creating new Schema Tag
            • Deleting Schema Tag
            • Updating Schema Tag
            • Publishing Schema
            • Returning list of published schemas
        • Schema Predefined Values using UI
        • Schema Rules
          • Defining Schema Rules using UI
          • APIs related to Schema Rules
            • Creation of the new schema rule
            • Retrieve the schema rules
            • Retrieve the configuration of the rule by its ID
            • Update the configuration of the rule with the corresponding ID
            • Delete the rule by its ID
            • Activate the rule with the specified ID
            • Deactivate the rule with the specified ID
            • List all the schemas and policy relevant to the rule with the specified ID
            • Retrieve all the data needed for evaluating the rules
            • Create a new rule from the file
            • Load the file and return its preview
            • Export the selected rule (by ID) into the file
      • ๐Ÿ› ๏ธPolicies
        • ๐ŸŽ“Policy Glossary
        • ๐Ÿ“Versioning and Deprecation Policy
          • โ„น๏ธPolicy Versioning & Deprecation Policy
          • โ„น๏ธAPI Versioning & Deprecation Policy
          • โ„น๏ธInternal APIs Versioning & Deprecation Policy
        • ๐Ÿ”ฉPolicy Creation
          • ๐Ÿ”„Available Policy Workflow Blocks
            • InterfaceContainerBlock
            • PolicyRolesBlock
            • InterfaceStepBlock
            • requestVCDocumentBlock
            • sendToGuardianBlock
            • reassigningBlock
            • InformationBlock
            • InterfaceDocumentsSourceBlock
            • paginationAddon
            • DocumentsSourceAddOn
            • filtersAddOnBlock
            • InterfaceActionBlock
            • externalDataBlock
            • retirementDocumentBlock
            • calculateContainerBlock & calculateMathAddOnBlock
            • reportBlock & reportItemBlock
            • switchBlock
            • aggregateDocumentBlock
            • TimerBlock
            • revokeBlock
            • setRelationshipsBlock
            • buttonBlock
            • documentValidatorBlock
            • tokenActionBlock
            • tokenConfirmationBlock
            • mintDocumentBlock
            • Events
            • groupManagerBlock
            • multiSignBlock
            • customLogicBlock
            • splitBlock
            • wipeDocumentBlock
            • Create Token Block
            • impactAddon
            • Http Request Block
            • historyAddon
            • selectiveAttributes Block
            • tagsManagerBlock
            • extractDataBlock
            • externalTopicBlock
            • messagesReportBlock
            • notificationBlock
            • Button Block Addon (buttonBlockAddon)
            • Dropdown Block Addon (dropdownBlockAddon)
            • Request Vc Document Block Addon (requestVcDocumentBlockAddon)
            • Data Transformation Addon
          • ๐Ÿ’ปCreating Policy using UI
          • ๐Ÿ’ปCreating a Policy through Policy Configurator
            • Getting Started with the Policy Workflows
            • Policy Workflow Step 1
            • Policy Workflow Step 2
            • Policy Workflow Step 3
            • Policy Workflow Step 4
            • Policy Workflow Step 5
            • Policy Workflow Step 6
            • Policy Workflow Step 7
            • Policy Workflow Step 8
            • Policy Workflow Step 9
            • Policy Workflow Step 10
            • Policy Workflow Step 11
            • Policy Workflow Step 12
            • Policy Workflow Step 13
            • Policy Workflow Step 14
            • Policy Workflow Step 15
            • Policy Workflow Step 16
            • Policy Workflow Step 17
            • Policy Workflow Step 18
            • Policy Workflow Step 19
            • Policy Workflow Step 20
            • Policy Workflow Step 21
            • Policy Workflow Step 22
            • Policy Workflow Step 23
            • Policy Workflow Step 24
            • Policy Workflow Step 25
            • Policy Workflow Wrap Up
          • โš™๏ธCreating a Policy using APIs
            • Prerequesite Steps
            • Creation of a Policy
            • Policy Listing
            • Import a Policy from IPFS
            • Policy Preview from IPFS
            • Retrieves Policy Configuration
            • Updates Policy Configuration
            • Publish a Policy
            • Policy Validation
            • Retrieval of Data for Root Policy Block
            • Request Block Data
            • Sends Data to Specified Block
            • Returns Block ID by tag
            • Exporting Message ID
            • Export to zip file
            • Import from zip file
            • Retrieves Block Data by Tag
            • Sends Data to specified Block by Tag
            • Returns list of Groups of a particular user
            • Make the selected Group active
            • Creating link between policies
            • Requesting Multi Policy Config
            • Importing Policy from a Zip file with Metadata
          • โš™๏ธAPIs for Asynchronous Execution
            • Creates new Policy
            • Publishing a Policy
            • Importing a Policy from IPFS
            • Importing a Policy from file
            • Policy Review
            • Importing Policy from a Zip file with Metadata
        • ๐Ÿ“Dry Run
          • ๐Ÿ’ปDry Run Mode using UI
          • โš™๏ธDry Run Mode using APIs
            • Running Policy without making any changes
            • Returning all Virtual Users
            • Creating Virtual Account
            • Logging Virtual User
            • Restarting the execution of Policy
            • Returns List of Transactions
            • Returns List of Artifacts
            • Returns List of IPFS Files
            • Returning Policy to Editing
            • Create Savepoint
            • Returns Savepoint State
            • Restoring SavePoint
            • Deletes SavePoint
        • ๐Ÿง‘โ€๐Ÿคโ€๐Ÿง‘Roles and Groups
          • ๐Ÿ’ปCreating Roles and Groups using Policy Configurator UI
        • ๐Ÿ“Record/Replay
          • ๐Ÿ’ปPolicy execution record and replay using UI
          • โš™๏ธRecord/Replay APIs
            • Get Recording
            • Start Recording
            • Stop Recording
            • Get Recorded Actions
            • Run record from zip file
            • Stop Running
            • Get Running Results
            • Get Running Details
            • Fast Forward
            • Retry Step
            • Skip Step
        • ๐Ÿ“Global Policy Search & Compare
          • ๐Ÿ’ปGlobal search and comparison UI
          • ๐Ÿ’ปPolicy Differentiation using UI
          • โš™๏ธPolicy Compare and Search APIs
            • Comparing Policies
            • Searching Policies
            • Exports Comparison results
        • ๐Ÿ”Block/Policy Discoverability
          • ๐Ÿ’ปSearch Policy using UI
          • โš™๏ธSearch Policy APIs
            • Search Policy
          • ๐Ÿ’ปSearch Block using UI
          • โš™๏ธSearch Block APIs
            • Searching Same Blocks
        • ๐Ÿ“‚Document Comparison
          • ๐Ÿ’ปDocument Comparison using UI
          • โš™๏ธDocument Comparison APIs
            • Compare Documents
            • Export Comparison Results
        • ๐Ÿ“‚Tools
          • ๐Ÿ’ปTools using UI
          • โš™๏ธTools APIs
            • Creating new Tool
            • Returns list of tools
            • Creating new tool asynchronously
            • Deletes the Tool
            • Retrieves Tool Configuration
            • Updates Tool Configuration
            • Publishes Tool onto IPFS
            • Publishes Tool into IPFS asynchronously
            • Validates Selected Tool
            • Returns Tools and its artifacts in zip format
            • Retrieves Hedera Message ID
            • Previews Imported Tool from IPFS
            • Imported Tool from IPFS
            • Previews Imported Tool from Zip
            • Importing Tool from Zip
            • Imports new tool from Zip Asynchronously
            • Imports new tool from IPFS Asynchronously
            • Returns List of Tools
            • Importing Tool from a Zip file
            • Importing Tool from a Zip file asynchronously
        • ๐Ÿ“Modules
          • ๐Ÿ’ปModules using UI
          • โš™๏ธModules APIs
            • Returns all Modules
            • Creating new Module
            • Returns Module Menu
            • Retrieves Module Configuration
            • Updates Module Configuration
            • Delete the Module
            • Publishing Module onto IPFS
            • Returns Hedera ID for specific Module
            • Exporting Module in zip format
            • Import Module from IPFS
            • Import module from zip file
            • Preview Module from IPFS
            • Preview Module from zip file
            • Validates Module
          • ๐Ÿ“Modules Differentiation
            • ๐Ÿ’ปModule Differentiation using UI
            • โš™๏ธModule Differentiation APIs
              • Returns result of Module Comparison
              • Exports Comparison Result
        • ๐Ÿ“Tagging
          • ๐Ÿ’ปTagging using UI
          • โš™๏ธTagging APIs
            • Creating Tag
            • Searching Tag
            • Deleting Tag
            • Synchronization of tags
        • ๐Ÿ“Themes
          • ๐Ÿ’ปThemes using UI
          • โš™๏ธThemes APIs
            • Returning all themes
            • Creating theme
            • Updating theme Configuration
            • Deleting theme
            • Returning zip file containing themes
            • Importing theme
        • ๐Ÿ“Policy Wizard
          • ๐Ÿ’ปDemo on Policy Wizard using UI
          • โš™๏ธPolicy Wizard APIs
            • Creating new Policy
            • Getting Policy Configuration
        • ๐Ÿ“‚Auto Suggestion
          • ๐Ÿ’ปDemo using UI
          • โš™๏ธAuto Suggestion APIs
            • Get next and nested suggested block types
            • Get suggestions configuration
            • Set suggestions configuration
        • ๐Ÿ“Auto Testing of the Policies
          • ๐Ÿ’ปAuto Testing using UI
          • โš™๏ธAuto Testing Policies APIs
            • Adding new Test to the policy
            • Returning Policy Test by ID
            • Running the Policy Test
            • Stopping the Specified Test
            • Deleting the Specified Test
            • Returning details of the most recent test run
        • ๐Ÿ“”Library of Policy Examples
          • ๐Ÿ’ปCreating and using Roles
          • ๐Ÿ”ขData input via Forms, using Roles to partition user activities.
          • ๐Ÿช™Token Operations
          • ๐Ÿ”ŽMRV Document Operations
          • โ›“๏ธTrustChain reports
          • โž—MRV aggregation and splitting for minting tokens
        • ๐Ÿ’ปDemo on Integrating external policies using UI
        • Policy Labels
          • Policy Labels UI
          • โš™๏ธAPIs related to Policy Labels
            • Creating new Label definition
            • Retrieve the list of Label definitions
            • Retrieve a label definition configuration by ID
            • Update Label configuration by ID
            • Delete Label definition by ID
            • Publish Label definition by ID
            • Publish Label definition by ID asynchronously
            • Retrieve the list of components for Label configuration (schemas, policies, etc)
            • Import Label configuration from a file
            • Export Label configuration to a file
            • Preview of the imported file
            • Search for Labels and Statistics for importing into Label configuration
            • Retrieve the list of created tokens (VPs) for which a Label document can be created
            • Retrieve token (VP) and all its dependencies by document ID
            • Create a new Label document for token (VP)
            • Retrieve a list of created Label documents
            • Retrieve Label document by ID
            • Retrieve linked Label documents by ID
        • Formula Linked Definitions
          • Formula Linked Definitions using UI
          • โš™๏ธAPIs related to Formula Linked
            • Creating a new formula
            • Returns a list of formulas
            • Returns a formula by its ID
            • Update the formula by its ID
            • Delete the formula by its ID
            • Retrieve the list of all schemas and policies linked to a Formula
            • Create a new formula (import) from a file
            • Export selected formulas into a file
            • Loads (import) a file and return its preview
            • Publish a formula
            • Retrieve all data from documents that needed for displaying the formula
      • ๐Ÿ”‘Bring your own DIDs
        • ๐Ÿ’ปBring your own (BYO) DIDs UI
        • โš™๏ธAPIs
          • Validate DID Format
          • Validate DID Keys
      • ๐Ÿ“Import/Export in Excel
        • ๐Ÿ’ปImport and Export Excel file User Guide
        • โš™๏ธImport/Export Schemas/Policies APIs
          • Import Schemas in Excel file format into a policy
          • Asynchronously Imports Schemas in Excel file format into a policy
          • Previews Schema from Excel file
          • Returns Schema in Excel file format
          • Returns list of Schemas
          • Exporting Policy to Excel
          • Import Schemas in Excel file format into a Policy
          • Asynchronously Imports Schemas in Excel file format into a policy
          • Policy Preview from Excel file
      • ๐Ÿ“Project Comparison
        • ๐Ÿ’ปProject Comparison using UI
        • โš™๏ธProject Comparison APIs
          • Comparing Project Data Documents
          • Comparing VP Documents - V1
          • Retrieves all Properties
          • Search Projects by filters
      • ๐Ÿ”‘Selective Disclosure
        • ๐Ÿ“”User Guide
        • ๐Ÿ”Selective Disclosure Demo
      • ๐Ÿ“ˆUsage Statistics
        • ๐Ÿ’ปStatistics
        • โš™๏ธAPIs related to Statistics
          • Returns the status of the current report
          • Update current report
          • Returns all reports
          • Returns report data by report uuid
          • Export report data in a csv file format
          • Export report data in a xlsx file format
          • Returns all dashboards
          • Returns dashboard by uuid
          • Returns Metrics
      • ๐Ÿ“’Artifacts
        • ๐Ÿ’ปImporting/Deleting Artifacts using UI
        • โš™๏ธArtifacts APIs
          • Returns all Artifacts
          • (deprecated) Returns all Artifacts
          • Upload Artifacts
          • (deprecated) Upload Artifacts
          • Delete Artifact
          • (deprecated) Delete Artifact
      • ๐Ÿ’ปAsynchronous Tasks Status
      • Show list of Hedera Transactions
        • Showing List of Hedera Transactions using
        • APIs
          • Returning all transactions for Policy
          • Returning all transactions for Schema
          • Returning all transactions for Token
          • Returning all transactions for Contract
      • ๐Ÿ””Notifications
        • ๐Ÿ’ปUser Guide
        • โš™๏ธAPIs related to Notification
          • Get All Notifications
          • Get new Notifications
          • Get Progresses
          • Read All Notifications
          • Delete Notifications
      • ๐Ÿ“Discontinuing Policy Workflow
        • ๐Ÿ’ปUser Guide
        • โš™๏ธAPIs related to Discontinuing Policy workflow
          • Discontinue Policy
          • MigratePolicy Data
          • Migrate Policy Data Asynchronous
          • Get Policy Documents
      • ๐Ÿ“Live Project Data Migration
        • โ†”๏ธLive Project Data Migration UI
        • โš™๏ธAPIs related to Live Project Data Migration
          • Getting Policy Data
          • Uploading Policy Data
          • Getting Policy Tag Block Map
          • Getting Policy Virtual Keys
          • Uploading Policy Virtual Keys
      • ๐Ÿ”ฅFireBlocks Raw Signing
        • Fireblocks signing in Guardian UI
        • Getting Keys from FireBlocks UI
      • ๐Ÿ™Roles & Permissions
        • ๐Ÿ’ปRoles and Permissions User Guide
        • โš™๏ธAPIs related to Roles & Permissions
          • Returns list of all permissions
          • Returns list of all roles
          • Creates a New Role
          • Updates Role Configuration
          • Deletes Role
          • Setting Default Role
          • Returns list of all users for whom the current user can change the role
          • Retrieves information about the user (roles, permissions assigned policies)
          • Updates User Roles (only SR)
          • Returns list of all Policies
          • Assigns Policies to a User - Only SR
          • Updates user roles (for ordinary uses)
          • Assigns policies to a user (for ordinary users)
      • Decentralized Guardian
        • Remote Policy UI
        • APIs
          • Returns the list of requests for adding remote policies
          • Previews the policy from IPFS without loading it into the local DB.
          • Policy Import from IPFS
          • Approves policy Asynchronously
          • Rejects policy Asynchronously
          • Approves Policy
          • Rejects policy
          • Return a list of all policies
          • Approves a request for an action from a remote Guardian
          • Rejects a request for an action from a remote Guardian
          • Return a count of policy requests
      • Change Password
        • Password Security Hardening and Change Password using UI
        • โš™๏ธAPI related to Change Password
          • Change Password
      • ๐Ÿ“TrustChain
        • โš™๏ธTrustChain APIs
          • Requesting
          • Building and returning
      • ๐Ÿœ๏ธExternal Events
        • ๐Ÿ› ๏ธMonitoring Tools
          • โ›๏ธApplication-events module
        • โš™๏ธSend Data using the External Data APIs
          • Sends Data from an External Source
      • ๐Ÿ“ฑMobile Support for Data Interface
        • ๐Ÿ“ฑMobile operation for the Standard Registry
      • ๐Ÿ› ๏ธStandard Registry Operations
        • โš™๏ธSettings APIs
          • Displaying Current Settings
          • Adding Settings
        • โš™๏ธLogs APIs
          • Returning Logs
          • Returning Log Attributes
        • โš™๏ธTask Statuses APIs
          • Returning Task Statuses
      • ๐Ÿ“นDemo Experience
    • ๐ŸคตUsers
      • ๐Ÿ› ๏ธUser Operations
        • โš™๏ธAccount APIs
          • Authentication Process
          • User listing except Standard Registry and Auditor
          • User Balance
          • User Session
          • User Login
          • Registering new account
          • Returns all Standard Registries
          • Returns Access Token
        • Profile APIs
          • User Account Balance
          • User Account Information
          • Setting User Credentials
          • Setting User Credentials Asynchronously
      • ๐Ÿ“ฑMobile Support for Data Interface
        • ๐Ÿ“ฑMobile Operation for the user
      • ๐Ÿ› ๏ธUser Profile Setup
      • ๐Ÿค–AI Search
        • ๐Ÿ’ปAI Search using UI
        • โš™๏ธAI Search APIs
          • Returns response
          • Rebuilds vector based on policy data
      • ๐Ÿ”ŽGuided Search of Methodologies
        • ๐Ÿ’ปSearch using UI
        • โš™๏ธSearch APIs
          • Retrieves list of all categories
          • List of policies that are best suited for given parameters
      • โœ–๏ธMulti Policy
        • ๐Ÿ’ปConfiguring Multi Policy using UI
      • Bottom Up Data Traceability
        • Bottom Up Data Traceability using UI
        • โš™๏ธRelated APIs
          • Create new Statistics Definition
          • Get the list of Statistics Definitions
          • Retrieve details of the Statistics Definition by ID
          • Update configuration of the Statistics Definition by ID
          • Delete the Statistics Definition by ID
          • Publish Statistics Definition by ID
          • Retrieve the list of linked schemas and policy
          • Retrieve the list of all documents conforming the rules of the Statistics Definition.
          • Create a new Statistics Assessment based on the Statistics Definition
          • Retrieve the list of existing Statistics Assessment
          • Retrieve the Statistics Assessment by ID
          • Retrieve all VC documents related to the Statistics Assessment
    • ๐Ÿช™Tokens
      • ๐Ÿ’ปCreating Token using UI
      • ๐Ÿ“’Token Template
        • Creating Token Template using UI
        • Creating Token through UI using Token Template
      • ๐Ÿ“–Token Authenticity
        • โ„น๏ธEstablishing Token Authenticity
      • Dynamic Token Creation in Policies
        • Dynamic Token Creation in Guardian Policies using UI
      • ๐Ÿ› ๏ธToken Operations
        • โš™๏ธToken APIs
          • Token Listing
          • Creation of Token
          • User Info for selected token
          • Associates the user with token
          • Disassociates the user with token
          • Grants KYC for the user
          • Revoke KYC of the user
          • Freeze Tokens of a user
          • UnFreeze Tokens of a user
          • Returns Token Serials
        • โš™๏ธAPIs for Asynchronous Execution
          • Token Creation
          • Associating User with the Hedera Token
          • Disassociating User with the Hedera Token
          • Setting KYC for the User
          • Unsetting KYC for the User
      • ๐Ÿ“”Token Retirement Contract
        • ๐Ÿ’ปCreating Contract using UI
        • โ›“๏ธTrustChain representation of token retirement
        • โš™๏ธRetirement APIs
          • Returning all contracts
          • Creating new Contract
          • Importing new Contract
          • Get Contract Permissions
          • Removing Contract
          • Returns a list of all Wipe requests
          • Enabling Wipe Requests
          • Disabling Wipe Requests
          • Approving Wipe Requests
          • Rejecting Wipe Requests
          • Clearing Wipe Requests
          • Adding Wipe Admin
          • Removing Wipe Admin
          • Adding Wipe Manager
          • Removing Wipe Manager
          • Adding Wipe Wiper
          • Removing Wipe Wiper
          • Syncing Retire Pools
          • Returning list of all Retire Requests
          • Returning list of all Retire Pools
          • Deleting Retire Requests
          • Deleting Retire Pools
          • Setting Retire Pools
          • Unsetting Retire Pool
          • Unsetting Retire Request
          • Retiring Tokens
          • Approving Retire Request
          • Cancelling Retire Request
          • Adding Retire Admin
          • Removing Retire Admin
          • Returning all Retired VCs
          • Adding Wipe for specific token
          • Remove Wipe request for specific token
          • Deleting Wipe request for Hedera Account
          • Get Retirement VCs from Indexer
    • ๐Ÿ‘พAutomation Testing
      • ๐Ÿ’ปPerforming API Automation Testing
      • ๐Ÿ’ปPerforming UI Automation Testing
    • ๐Ÿ“•Logging Configuration using Pino Library
    • ๐Ÿ“”Guidance for Open Source Policy Submissions
    • ๐Ÿ“Demo Guide
      • ๐Ÿ”‹Renewable Energy Credits
        • ๐Ÿ“–Introduction to International Renewable Energy Credit Standard (iREC)
        • โš™๏ธiREC API Demo Guide
        • โš™๏ธDemo Using APIs and UI
        • ๐Ÿ’ปiREC 5 Demo UI Guide
        • โš™๏ธiREC 5 json
        • ๐Ÿ’ปiREC 7 User Journey UI Demo Guide
        • ๐Ÿ’ปiREC 7 Demo UI Guide
      • โ˜˜๏ธCarbon Offsets
        • ๐Ÿ“–Introduction to Verra Redd+
        • ๐Ÿ’ปVerra Redd VM0007 Demo UI Guide
        • ๐Ÿ’ปVerra Redd_3 User Journey Demo UI Guide
        • ๐ŸŽVM0017 Adoption of Sustainable Agricultural Land Management, v1.0
        • ๐ŸŽVM0042 Methodology for Improved Agricultural Land Management
        • ๐ŸŒฒVerra VM0047 - Afforestation, Reforestation, and Revegetation (ARR) v0.1
        • ๐ŸŒฒGold Standard Afforestation and Reforestation (AR) v2.0
        • ๐ŸƒDovu Methodologies
        • ๐Ÿ€Dovu MMCM
        • โ™จ๏ธImproved Cookstove
        • โ™จ๏ธGoldStandard - Metered Energy Cooking
        • ๐Ÿ€Carbon Reduction Measurement - GHG Corporate Standard Policy Guid
        • ๐ŸขVM0044 Methodology for Biochar Utilization in Soil and Non-Soil Applications
        • ๐ŸญCDM AMS-III.AR : Substituting fossil fuel based lighting with LED/CFL lighting systems
        • ๐ŸจCDM AMS II.G: Energy Efficiency Measures in Thermal Applications of Non-Renewable Biomass
        • ๐ŸญCDM AMS III.D: Methane Recovery in Animal Manure Management Systems
        • ๐ŸญCDM AMS III.BB: Electrification of communities through grid extension
        • ๐ŸญCDM AR-ACM0003: Methodology for Afforestation and Reforestation of Lands Except Wetlands
        • ๐ŸญCDM ACM0001: Flaring or Use of Landfill Gas
        • ๐ŸญCDM ACM0002: Grid-Connected Electricity Generation from Renewable Sources
        • ๐ŸญCDM ACM0006: Electricity and Heat Generation from Biomass
        • ๐ŸขCDM ACM0007: Conversion from Single Cycle to Combined Cycle Power Generation
        • ๐ŸญCDM AMS-I.A.: Electricity Generation by the User
        • ๐ŸญCDM AMS-I.C.: Thermal Energy Production with or Without Electricity
        • ๐ŸจCDM AMS-I.F.: Renewable Electricity Generation for Captive Use and Mini-Grid
        • ๐ŸญCDM AMS-II.J.: Demand-Side Activities for Efficient Lighting Technologies
        • ๐ŸจCDM AMS-III.AV.: Low Greenhouse Gas Emitting Safe Drinking Water Production Systems
        • ๐ŸญCDM AMS-III.F.: Avoidance of Methane Emissions Through Composting
        • ๐ŸขCDM AMS-III.H.: Methane Recovery in Wastewater Treatment
        • ๐ŸญCDM ACM0018: Electricity Generation from Biomass in Power-Only Plants
        • โฌ‡๏ธVerra PWRM0001 :Plastic Waste Collection Methodology
        • ๐ŸญVM0041 Methodology for the Reduction of Enteric Methane Emissions from Ruminants through the Use of
        • ๐Ÿฅ‡Carbon Sequestration through Accelerated Carbonation of Concrete Aggregate
        • ๐ŸญAMS-I.D: Grid Connected Renewable Electricity Generation โ€“ v.18.0
        • ๐ŸญPWRM0002 : Plastic Waste Recycling Methodology
        • ๐ŸšMethane Emission Reduction by Adjusted Water Management Practice in Rice Cultivation
        • โ›ฝVerra VMR0006: Energy Efficiency and Fuel Switch Measures in Thermal Applications
        • ๐ŸŒฉ๏ธAMS-I.E Switch from Non-Renewable Biomass for Thermal Applications by the User
        • GCCM001 v.4 Methodology for Renewable Energy Generation Projects Supplying Electricity to Grid
        • Landfill Gas Destruction and Beneficial Use Projects, Version 2.0
        • Climate Action Reserveโ€™s U.S. Landfill Protocol Version 6.0
        • VM0042 Improved Agricultural Land Management, v2.1
      • ๐ŸญCarbon Emissions
        • ๐ŸกRemote Work GHG Policy
          • ๐Ÿ“–Introduction to Remote Work GHG
          • ๐Ÿ’ปGHG Policy User Journey UI Demo Guide
          • ๐Ÿ’ปRemote GHG Policy Demo Guide
        • ๐ŸขCarbon Emissions Measurement - GHG Corporate Standard Policy Guide
        • ๐Ÿญatma GHG Scope II Carbon Emission Policy
        • ๐ŸญAtma Scope 3 GHG Policy
        • ๐ŸญGHGP Corporate Standard
        • ๐ŸญGHGP Corporate Standard V2
        • Climate Action Reserveโ€™s U.S. Landfill Protocol Version 6.0
        • Landfill Gas Destruction and Beneficial Use Projects, Version 2.0
    • โ“FAQs
    • ๐Ÿ‘ฌCommunity Standards
      • Guardian Policy Standards (GPS)
      • Guardian System Standards (GSS)
      • Proposal for Defining Standards
  • Feedback
    • Feedback in Pipelines
  • ๐Ÿ“ˆGuardian in Production
    • ๐Ÿ“„API Architecture Customization
    • ๐Ÿ“‰Monitoring tools
    • Performance Improvement
    • Cloud Infrastructure
    • Independent Packaged Deployment
Powered by GitBook
On this page
  • Rancher Deployment
  • K8s cluster deployment
  • Guardian deployment
  • Types of services
  1. Guardian
  2. Getting Started
  3. Installation Guide
  4. Installation

Cloud Deployment

This document describes how to deploy a guardian instance on one of the three major cloud providers using Kubernetes.

Last updated 1 year ago

This document provides a comprehensive guide for deploying the platform on various cloud providers, including AWS, GCP, and Azure. The guide focuses on using Rancher as the cluster management tool, making it applicable to a wide range of cloud providers supported by Rancher, as well as on-premises and hybrid cloud deployments.

NOTE: The contents of this guide has been written and tested using Guardian 2.14.2 and Rancher 2.7, the latest stable version at writing time. The guide might not be applicable to different versions, specially major versions.

Rancher Deployment

To begin the Rancher deployment process, the first step is setting up a Rancher server. We'll assume the Rancher server will be created in the same cloud provider as the Guardian instance, but it's important to note that this is not mandatory. Alternatively, you can use a Rancher container distribution and run it locally, enabling you to deploy the Guardian instance to any cloud provider. However, having the Rancher server running in the cloud will be beneficial for future cluster management and monitoring.

  • Rancher deployment on AWS:

  • Rancher deployment on GCP:

  • Rancher deployment on Azure:

Once you have your Rancher server up and running, you can access it through the web interface, and you should see something like this:

You should be able to log in with the credentials you created during the installation process. Once you're logged in, you'll be able to manage your clusters and deploy new ones on any cloud provider. Additionally, you'll see a couple of default clusters created by Rancher, one of them is the local cluster, which is the one where Rancher is running, and the other one is the sandbox cluster, which is a cluster created by Rancher to test deployments and other features.

K8s cluster deployment

After setting up your Rancher server successfully, the next step is to deploy a Kubernetes cluster on your preferred cloud provider. In this guide, we will utilize the managed Kubernetes solutions offered by cloud providers. However, you also have the option to deploy a cluster using VMs, a different distribution like k3s, or even use the Rancher-provided sandbox cluster if you do not intend to use it for production workloads. At the moment of writing this document, the recommended Kubernetes version for AWS and Azure is 1.25, and 1.26 for GCP.

After the cluster is created, you'll be able to navigate to the cluster management section to see details for the cluster like nodes. In that section you can edit the cluster configuration, add nodes, etc.

You can also explore the cluster by clicking on the cluster name on the left side menu. In this view you can list and create all resources in the cluster, including namespaces, controller, access permissions, services, helm applications, monitoring, etc. From now on we'll focus on this "exploration view", which is the one you'll use to deploy the Guardian components.

How to deploy Kubernetes manifests on Rancher

An important part of the Rancher UI is the top header, specially the namespace dropdown. This dropdown allows you to select the namespace where you want to deploy the manifests. By default, Rancher will create a namespace named default, but you can create as many namespaces as you want. Get familiar with this dropdown and check it to see the selected namespace before panicking if you don't see the resources you expect to see under any section.

Guardian deployment

For this guide we've divided the different manifests into several folders, which name is prefixed by a number, this is to indicate the order in which they should be deployed. The reason for this is that some of the components depend on others, so we need to deploy them in the right order to avoid errors and to ease service discovery.

Nginx ingress controller

The first component we need to deploy is the Nginx ingress controller. This component is used to expose the different services to the outside world. You can find more details about this component in the official documentation, but for this guide we're going to use the default configuration.

AWS

kubectl --kubeconfig KUBECONFIG-FILE apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.8.1/deploy/static/provider/aws/deploy.yaml

GCP

kubectl --kubeconfig KUBECONFIG-FILE apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.8.1/deploy/static/provider/cloud/deploy.yaml

Azure

kubectl --kubeconfig KUBECONFIG-FILE apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.8.1/deploy/static/provider/cloud/deploy.yaml

After this step is completed you should see a Load Balancer service created in your cluster with a external IP address where you'll have access to Guardian once it is deployed. You can check the status of the service by running the following command:

kubectl --kubeconfig KUBECONFIG-FILE -n ingress-nginx get svc -o wide

You can also find the load balancer using your cloud privider console. The domain name configuration and, DNS records and TLS certificates with SSL termination on the load balancer are out of the scope of this document.

Guardian manifests

To use a namespace different than default one, you need to add the --namespace <namespace> flag to the commands above. And create the namespace before running the commands.

kubectl --kubeconfig KUBECONFIG-FILE apply -f ./k8s-manifests/1-config/
kubectl --kubeconfig KUBECONFIG-FILE apply -f ./k8s-manifests/2-service/
kubectl --kubeconfig KUBECONFIG-FILE apply -f ./k8s-manifests/3-controller/

PRO-TIP: if you plan to use the web ui, this command executed locally may help to deploy all manifests on a single shot by coping in your clipboard a huge text with all the manifests content together: find k8s-manifests -type f | sort | xargs cat | pbcopy for macos, or find k8s-manifests -type f | sort | xargs cat | xsel -b for linux users.

Manifests folder structure

1-config

This folder contains configuration manifests that are required for the rest of the components to work. You can find more details about the configuration in the relevant section fo the documentation, but for the demonstration of this document, the only important file is 0-general-config.yaml, which contains the configuration for the different services. You can edit this file to change the configuration of the services. The rest of the files are related to the specific settings each individual service can override, based on the multi-environment feature.

Multi-environment feature settings

The key settings to turn on the multi-environment feature are GUARDIAN_ENV and OVERRIDE. The first one is used to indicate the environment name, and the second one is used to indicate if the service should override the default configuration or not. If the service is not overriding the default configuration, it will use the default one. If the service is overriding the default configuration, it will use the configuration defined in the service manifest.

NOTE: when using the multi-environment feature, each service will try to read its config file from a file named .env.gateway.${GUARDIAN_ENV}, that file is not mounted in the manifests, so you'll need to update the corresponding controller manifests and re-deploy them, and deploy before the new configSet. See below a simplified example:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: foo-service
spec:
  replicas: 2
  selector:
    matchLabels:
      service: foo-service
  template:
    spec:
      containers:
          image: gcr.io/hedera-registry/foo-service
          name: foo-service
          volumeMounts:
            - mountPath: /usr/local/foo-service/configs/.env.foo.${GUARDIAN_ENV}
              name: foo-service
              subPath: .env
      volumes:
        - configMap:
            items:
              - key: .env.foo.${GUARDIAN_ENV}
                path: .env
            name: foo-service
          name: foo-service

2-service

This folder contains the manifests for the different services that needs to be created in the cluster. Not all of them are exposed to the outside world, and some of them are only used internally by other services.

NOTE: the manifest web-proxy-ingress.yaml creates the external routes for the exposed services. Some of them are potentially dangerous if exposed to the internet, for example, /mongo-admin, so please make sure you understand the implications of exposing them before doing so and disable the ones you don't need or protect them.

3-controller

This folder contains the manifests for the different controllers that needs to be created in the cluster. These controllers are used to manage the lifecycle of the different services, and to ensure they are always running and healthy. This is the folder you need to pay attention if you want to deploy service versions different than the provided one.

NOTE: you may face compatibility issues if you try to deploy different Guardian versions with the provided manifests. Check version release notes before.

NOTE: all the manifest modifications described in the whole document can be done also easily in the Rancher UI, navigating to the relevant section and editing the default deployed objects.

Types of services

External (third-party services)

These are third party services that are not part of the Guardian platform, but are required for some of the Guardian components to work. You can choose to deploy them inside the cluster or use managed services outside of the cluster. For heavy workloads, the recommendation would be to use external dedicated services. The project included manifests described above cover their basic setup, but to see all the details about installation and configuration, please refer to the official documentation of each service.

  • mongo

  • ipfs/kubo

  • message-broker

  • hashicorp vault

  • mongo-express

  1. Navigate to the Apps section of Rancher.

  2. Select the nats-server chart (use the search bar if neeeded), read the chart documentation and click on the install button.

  3. Follow the installation steps selecting the namespace where you want to deploy the chart, and filling the required values, like in this case, the number of replicas. You can also edit the raw values.yaml file, with all the customizable options the chart provides.

  4. Once the chart is successfully deployed you can navigate to the services section, see the details of the service, copy the dns name and update the relevant config map containing the connection string for the message-broker service.

This same steps can be followed to deploy the rest of the external services, like mongo, ipfs, etc. using Helm charts. One particularly interesting one is kube-prometheus-stack, which is a collection of charts that can be used to deploy a full monitoring stack for the cluster, including prometheus, prometheus-alerts and grafana. In this particular case, Rancher has rebranded the chart as rancher-monitoring, so you can follow the same steps described above to deploy it.

Internal (Guardian services)

These are the Guardian services that are part of the platform and are required for the platform to work. They are all deployed inside the cluster and are managed by Rancher. Depending on your needs, you may decide not to deploy some of them, like the frontend, so feel free to skip the ones that are not relevant for your use case. For all of them, the project includes a service, a deployment manifest and a configuration sample manifest using config maps. These manifests are used to create the service and the deployment for the service. The deployment manifest is used to create the pods that will run the service, and the service manifest is used to create the service that will expose the pods to the rest of the cluster.

  • mrv-sender

  • topic-viewer

  • logger-service: requires message-broker

  • auth-service: requires mongo, vault, logger-service

  • policy-service: requires auth-service

  • worker-service-1: requires ipfs-node, auth-service

  • worker-service-2: requires ipfs-node, auth-service

  • guardian-service: requires worker-service-1, worker-service-2, policy-service

  • api-gateway: requires guardian-service

  • application-events: requires guardian-service

  • frontend

Please, explore the rest of the documentation to learn more about the different services, their configuration, upgrading guides and so on.

Cluster deployment on AWS EKS:

Cluster deployment on GCP GKE:

Cluster deployment on Azure AKS:

To deploy the manifests, you can use the Rancher web interface, or you can use the kubectl command line tool. For this guide we're going to use the command line tool. The reason to use the command line tool is because it allows to deploy an entire folder with a single command, but you can use the web interface if you prefer. Simply click on the [import yaml] button on the right of header bar on rancher ui for each file.

To use kubectl tool, you need first to install the tool and download the kubeconfig credentials file by clicking on the [downlaod kubeconfig] icon on rancher header. You can also navigate to a kubectl console directly from the Rancher UI by clicking on the :terminal:[kubectl shell] icon on rancher header.

Once you have your cluster up and running, you can start deploying the different Guardian components. Not all of them are mandatory, and some of them can be replaced by managed services outside of the cluster. There is a on this document with details about the different types of services and the deployment options for external services.

Complete information about this topic can be found in , but here is a summary for the installation steps for the cloud providers referred on this document.

Simply run the following commands to deploy the manifests. You can find more details about the different components below, in the manifests .

For production workloads it is recommended to use a more robust setup for these services, like a replica set for mongo, a cluster for ipfs, a cluster for the message broker, etc. Navigating to the Apps section of Rancher, you can find the official charts for these services, with Rancher support, which can be used to deploy them in a more robust way. As an example, you can follow the steps below to deploy a message broker cluster using the Rancher UI, you'll see something similar to this:

Click on the [Charts] button.

because the internal guardian services read the configuration from environmental variables, you'll need to redeploy them to apply the changes. To do that navigate to the Rancher workloads section, select the relevant deployments and click on the [Redeply] button.

๐ŸŒ
๐Ÿ“–
๐Ÿ› ๏ธ
โ˜๏ธ
๐Ÿ“ค
๐Ÿ“„
โž•
๐Ÿ”ƒ
Follow this official guide to deploy an EKS cluster
Follow this official guide to deploy a GKE cluster
Follow this official guide to deploy an AKS cluster
this link
Helm
dedicated section
folder structure section
Follow this official guide to deploy Rancher 2.7 on AWS
Follow this official guide to deploy Rancher 2.7 on GCP
Follow this official guide to deploy Rancher 2.7 on Azure
Rancher login page
Rancher header bar
Rancher charts section