If you need to scale down or restructure your RSA SecurID Access deployment, you can delete one or more identity routers from the deployment. This involves deleting the identity router record from the Cloud Administration Console and uninstalling the identity router virtual appliance.
For Amazon cloud-based identity routers, go to https://<identityrouterIP>:9786/setup.jsp, where <identityrouterIP> is the private IP address of the identity router.
For VMware and Hyper-V identity routers, go to https://<identityrouterIP>/setup.jsp, where <identityrouterIP> is the IP address of the identity router management interface.
Sign into the Identity Router Setup Console, and click Connect Authentication Service.
Scroll to the bottom of the page, and click Disconnect.
On the confirmation dialog, click OK to disconnect the identity router from the Cloud Authentication Service. After you disconnect the identity router, the Cloud Administration Console displays its status as Distressed.
After you delete an identity router, the following events occur:
The Cloud Authentication Service can no longer communicate with the associated identity router virtual appliance to monitor status, publish configuration settings, or provide updates.
The identity router can no longer connect the Cloud Authentication Service to any configured enterprise resources, such as LDAP directory servers and RSA Authentication Manager.
Deleting the records for an identity router prevents the associated virtual appliance from functioning, but does not uninstall the virtual appliance itself. You must manually uninstall each identity router virtual appliance after you delete the associated records from the administration consoles.
If a load balancer directs traffic to the identity router, remove the identity router from the load balancer configuration.
If a monitoring service reports the status of the identity router, remove the identity router from the monitoring service configuration.
Do the following to delete the identity router record from the Cloud Administration Console:
In the Cloud Administration Console, click Platform > Identity Routers.
Select Delete from the drop-down menu to the right of the identity router.
Click Delete to confirm deletion of the identity router.
Click Publish Changes to apply the configuration settings to the remaining identity routers in the deployment.
The Cloud Administration Console removes the deleted identity router from the status display.
Uninstall the associated identity router virtual appliance from your environment using your VMware administration client or Hyper-V Manager. If the identity router is embedded in your RSA Authentication Manager server, use the Security Console to delete it.