Cloud Computing Connection Profiles

The following topics describe connection profiles for cloud computing platforms and services:

ConnectionProfile:AWS
ConnectionProfile:AWS Batch
ConnectionProfile:AWSEC2
ConnectionProfile:AWS Lambda
ConnectionProfile:Azure
ConnectionProfile:Azure Batch Accounts
ConnectionProfile:AzureFunctions
ConnectionProfile:Azure VM
ConnectionProfile:GCP Batch
ConnectionProfile:GCP Functions
ConnectionProfile:GCP VM
Connection Profile:OCI VM

ConnectionProfile:AWS

AWS jobs enable you to define and execute AWS Lambda, AWS Step Functions, and AWS Batch services.

The following examples show how to define an AWS connection profile.

You must have the Control-M for AWS plug-in installed in your Control-M environment for this connection profile to function.

This JSON-based connection profile authenticates with an access and secret key:

Copy

"AWS_CONNECTION_ACCESSKEY":
{
   "Type": "ConnectionProfile:AWS",
   "Centralized": true,
   "AuthenticationMethod": "AccessKey", 
   "AccessKey": "1234",
   "SecretAccessKey": "00-200340109003001100044011700580-29001301000-410-520-250-880029",
   "Region": "ap-northeast-1",
}

This JSON-based connection profile authenticates with an IAM role:

Copy

"AWS_CONNECTION_IAMROLE":
{
   "Type": "ConnectionProfile:AWS",
   "Centralized": true,
   "AuthenticationMethod": "IAMRole", 
   "IAMRole": "myRole",
   "Region": "ap-northeast-1",
   "ProxySettings":
   {
      "Host": "host",
      "Port": "12345",
      "Username": "username",
      "Password": "password"
   }
}

The following table describes the AWS connection profile parameters.

Parameter	Description
Centralized	Determines whether to create a centralized connection profile, which is stored in the Control-M database and is available to all Agents. You must set this parameter to true.
AuthenticationMethod	Determines one of the following authentication methods: AccessKey IAMRole
AccessKey	(AccessKey authentication) Defines the AWS account Access Key.
SecretAccessKey	(AccessKey authentication) Defines the AWS account Secret Access Key. You can use Secrets in Code to not expose this value in the code.
IAMRole	(IAMRole authentication) Defines the name of an IAM role for authentication of the connection to AWS.
Region	Defines location of the AWS user.
ProxySettings	Defines settings of an installed proxy server: Host Port: 1024–65535 Username Password

ConnectionProfile:AWS Batch

AWS Batch enables you to manage and execute batch computing workloads in AWS.

The following example shows how to define an AWS Batch connection profile.

This JSON-based connection profile authenticates an AWS access key and secret:

Copy

"AWS_BATCH":
{
   "Type": "ConnectionProfile:AWS Batch",
   "Authentication": "SECRET", 
   "AWS Secret": "myAwsSecret12345",
   "AWS Access Key": "MYAWSACCESSKEY1234",
   "AWS Region": "eu-west-2",
   "Batch URL": " https://batch.{{region}}.amazonaws.com",
   "Connection Timeout": "20",
   "Description": "",
   "Centralized": true
}

This JSON-based connection profile authenticates an AWS IAM role from inside an EC2 instance:

Copy

"AWS_BATCH":
{
   "Type": "ConnectionProfile:AWS Batch",
   "Authentication": "NOSECRET", 
   "IAM Role": "BATCHIAMROLE", 
   "AWS Region": "eu-west-2",
   "Batch URL": " https://batch.{{region}}.amazonaws.com",
   "Connection Timeout": "20",
   "Description": "",
   "Centralized": true
}

The following table describes the AWS Batch connection profile parameters.

Parameter	Description
Authentication	Determines one of the following authentication methods: SECRET: Authenticates with an AWS access key and secret, which are used for services outside the AWS infrastructure NOSECRET: Authenticates with an AWS IAM role from within the AWS infrastructure, which removes the need to provide additional credentials.
AWS Access Key	(SECRET authentication) Defines the access key ID for connection to AWS.
AWS Secret	(SECRET authentication) Defines the secret access key for connection to AWS. You can use Secrets in Code to not expose this value in the code.
IAM Role	(NOSECRET authentication) Defines the Identity and Access Management (IAM) role for connection to AWS.
AWS Region	Determines the region where the AWS Batch resources are located.
Batch URL	Determines the URL of an AWS Batch service regional endpoint, as follows: https://batch.<region>.amazonaws.com For more information about regional endpoints available for the AWS Batch service, refer to the AWS documentation.
Connection Timeout	Determines the number of seconds to wait before a timeout occurs after Control-M initiates a connection request to AWS Batch. Default: 20
Centralized	Determines whether to create a centralized connection profile, which is stored in the Control-M database and is available to all Agents. You must set this parameter to true.

ConnectionProfile:AWSEC2

AWS Elastic Compute Cloud (EC2) enables you to create virtual machines in the Amazon cloud-computing platform.

The following examples show how to define an AWS EC2 connection profile.

This JSON-based connection profile authenticates with an AWS access key and secret:

Copy

"AWSEC2": 
{
   "Type": "ConnectionProfile:AWSEC2",
   "Authentication": "SECRET", 
   "AWS Access key ID": "AK***************************",
   "AWS Secret": "nw*****************************",
   "EC2 Region": "us-west-2",
   "Connection timeout": "20",
   "Description": "",
   "Centralized": true
}

This JSON-based connection profile authenticates with an AWS IAM role from inside an EC2 instance:

Copy

"AWSEC2":
{
   "Type": "ConnectionProfile:AWSEC2",
   "Authentication": "NOSECRET",
   "IAM Role": "GLUEEC2IAMROLE", 
   "EC2 Region": "us-west-2",
   "Connection timeout": "20",
   "Description": "",
   "Centralized": true
}

The following table describes the AWS EC2 connection profile parameters.

Parameter	Description
Authentication	Determines one of the following authentication methods: SECRET: Authenticates with an AWS access key and secret, which are used for services outside the AWS infrastructure NOSECRET: Authenticates with an AWS IAM role from within the AWS infrastructure, which removes the need to provide additional credentials.
AWS Access key ID	(SECRET authentication) Defines the Access key ID to connect to AWS.
AWS Secret	(SECRET authentication) Defines the secret access key to connect to AWS. You can use Secrets in Code to not expose this value in the code.
IAM Role	(NOSECRET authentication) Defines the IAM Role to connect to AWS.
EC2 Region	Determines the location of the AWS user. us-east-1
Connection Timeout	Determines the number of seconds to wait for the trigger call made by Control-M to AWS EC2 before timing out. Default: 20
Centralized	Determines whether to create a centralized connection profile, which is stored in the Control-M database and is available to all Agents. You must set this parameter to true.

ConnectionProfile:AWS Lambda

AWS Lambda is a cloud compute service that enables you to execute code in multiple computer languages on a virtual cluster.

The following example shows how to define an AWS Lambda connection profile that authenticates with an AWS access key and secret:

Copy

"LAMBDA": 
{
   "Type": "ConnectionProfile:AWS Lambda",
   "Authentication": "SECRET",
   "AWS Access key ID": "ABCDEFGHIJKLMNOPQRST",
   "AWS Secret": "*****",
   "AWS Region": "eu-west-2",
   "Lambda URL": "https://lambda.{{region}}.amazonaws.com",
   "Connection Timeout": "1800",
   "Description": "",
   "Centralized": true
}

The following table describes the AWS Lambda connection profile parameters.

Parameter	Description
Authentication	Determines one of the following authentication methods: SECRET: Authenticates with an AWS access key and secret, which are used for services outside the AWS infrastructure NOSECRET: Authenticates with an AWS IAM role from within the AWS infrastructure, which removes the need to provide additional credentials.
AWS Access key ID	(SECRET authentication) Defines the Access key ID to connect to AWS.
AWS Secret	(SECRET authentication) Defines the secret access key to connect to AWS. You can use Secrets in Code to not expose this value in the code.
IAM Role	(NOSECRET authentication) Defines the IAM Role to connect to AWS.
AWS Region	Determines the region where the AWS Lambda resources are located. eu-west-2
Lambda URL	Defines the authentication endpoint for AWS Lambda, based on the following format: https://lambda.<AWS_Region>.amazonaws.com https://lambda.eu-west-2.amazonaws.com
Connection Timeout	Determines the number of seconds to wait after Control-M initiates a connection request to AWS Lambda before a timeout occurs. The connection timeout in Control-M must be longer than the connection timeout that is set in AWS Lambda. Default: 1,800
Centralized	Determines whether to create a centralized connection profile, which is stored in the Control-M database and is available to all Agents. You must set this parameter to true.

ConnectionProfile:Azure

Azure job enables you to execute the Azure Functions, Azure Logic Apps, and Azure Batch Account services.

The following example shows how to define an Azure connection profile:

For this type of connection profile, you must have the Control-M for Azure plug-in installed in your Control-M environment.

Copy

"AZURE_CONNECTION":
{
   "Type": "ConnectionProfile:Azure",
   "Centralized": true,
   "ActiveDirectoryDomainName": "bmc.onmicrosoft.com",
   "SubscriptionID": "bcde-fgh-ijk-lmnopq",
   "ApplicationID": "abcd-efg-hij-klmnop",
   "User": "user1@bmc.onmicrosoft.com",
   "Password": "*****"
   "Batch": 
   {
      "BatchAccountName": "myFirstBatch",
      "BatchAccountKey": "aaaaaabbbbbbbccccccc",
      "Location": "centralus"
   }
}

The following table describes the Azure connection profile parameters.

Parameter	Description
Centralized	Determines whether to store the connection profile in a centralized location in the Control-M database, so that it is available to all Agents. You must set this parameter to true.
ActiveDirectoryDomainName	(Optional) Defines the Azure active directory, as follows: <Company_Name>.onmicrosoft.com
SubscriptionID	Defines the Azure account subscription ID. The subscription ID can be retrieved from the Azure portal by selecting the Subscription menu.
ApplicationID	Defines the Azure application ID.
User	Defines the name of the user to connect to the Azure server.
Password	Defines a password of the username that connects to the Azure server. You can use Secrets in Code to not expose this value in the code.
Batch	(Optional) Enables the use of a batch account service. By default, a batch account is not used. If you want to use a batch account, you must define the following parameters:
BatchAccountName	Defines the name of the batch account.
BatchAccountKey	Defines the primary access key for the batch account. This key can be retrieved from the Azure portal.
Location	Determines the batch account location, as defined in the batch account properties. The batch account name and batch account location are used to define the batch URI.

ConnectionProfile:Azure Batch Accounts

Azure Batch Accounts enables you to efficiently execute large-scale, parallel, computer-intensive tasks in the cloud.

The following example shows how to define an Azure Batch Accounts connection profile.

This JSON-based connection profile authenticates with an Azure service principal:

Copy

"AZURE_BATCH":
{ 
   "Type": "ConnectionProfile:Azure Batch Accounts",
   "Authentication Method": "PRINCIPAL", 
   "Tenant ID": "tenantId", 
   "Azure AD url": "https://login.microsoftonline.com",
   "App ID": "4f477fa3-1a1g-4877-ca92-f39bb563f3b1",  
   "Batch Account Name": "abc_batch",
   "Batch Region ID": "uksouth",
   "Batch Resource url": "https://batch.core.windows.net/", 
   "Client Secret": "*********",   
   "Connection Timeout": "50", 
   "Description": "", 
   "Centralized": true 
}

This JSON-based connection profile authenticates with a managed identity:

Managed identity authentication is based on an Azure token that is valid, by default, for 24 hours. Token lifetime can be extended by Azure.

Copy

"AZURE_BATCH":
{ 
   "Type": "ConnectionProfile:Azure Batch Accounts",
   "Authentication Method": "MANAGEDID",  
   "Specify Managed Identity Client ID": "&client_id=",
   "Managed Identity Client ID": "72d448f0-ac32-45ea-9158-f8653e4ee16", 
   "Batch Account Name": "abc_batch",
   "Batch Region ID": "uksouth",
   "Batch Resource url": "https://batch.core.windows.net/", 
   "Connection Timeout": "50",
   "Description": "", 
   "Centralized": true 
}

The following table describes the Azure Batch Accounts connection profile parameters.

Parameter	Description
Authentication Method	Defines one of the following types of authentication to use for the connection with Azure Batch: PRINCIPAL: Authentication using a service principal. MANAGEDID: Authentication using a managed identity.
Tenant ID	(Service principal authentication) Defines the Azure Tenant ID in Azure AD.
Specify Managed Identity Client ID	Determines whether the client ID for your managed identity is specified by the Specify Managed Identity Client ID parameter. This parameter requires a value only if you have multiple managed identities defined on your Azure virtual machine and you included the Specify Managed Identity Client ID parameter. If you have only one managed identity, it is detected automatically. Include this parameter only if you are using the managed identity authentication method and you have multiple managed identities defined on your Azure virtual machine. Set its value to &client_id=.
Managed Identity Client ID	(Managed identity) Determines whether the client ID for your managed identity is specified by the Managed Identity Client ID parameter. (Managed identity) Determines which client ID to use as the managed identity.
Azure AD url	(Service principal authentication) Defines the Azure AD authentication endpoint base URL.
App ID	Defines the application (service principal) ID of the registered application for the Azure Batch service. The service principal must be for an Azure Batch account with a Contributor role.
Batch Account Name	Defines the name of the batch account created in Azure Portal.
Batch Region ID	Defines the region ID associated with the Batch account in Azure Portal.
Batch Resource url	Defines the identifier for the Azure Batch account for login with Azure AD, as follows: https://batch.core.windows.net/
Client Secret	(Service principal authentication) Defines the client secret (password) associated with the Azure user and the application. Connection Timeout Defines a timeout value, in seconds, for the trigger call made by Control-M to Azure Batch Accounts. Default: 50 You can use Secrets in Code to not expose this value in the code.
Connection Timeout	Defines a timeout value, in seconds, for the trigger call made by Control-M to Azure Batch Accounts. Default: 50
Centralized	Determines whether to create a centralized connection profile, which is stored in the Control-M database and is available to all Agents. You must set this parameter to true.

ConnectionProfile:AzureFunctions

Azure Functions enables you to develop, test, and run applications in the cloud for serverless application development.

The following example shows how to define an Azure Functions connection profile.

This JSON-based connection profile authenticates with an Azure Functions service principal:

Copy

"AZUREFUNCTIONS":
{ 
   "Type": "ConnectionProfile:AzureFunctions", 
   "Subscription ID": "bcde-fgh-ijk-lmnopq", 
   "Identity Type": "PRINCIPAL", 
   "Tenant ID": "tenantId", 
   "Application ID": "4f477fa3-1a1g-4877-ca92-f39bb563f3b1", 
   "Client Secret": "*********", 
   "Azure Login url": "https://login.microsoftonline.com", 
   "Resource Group": "resourceGroup",  
   "Description": "", 
   "Centralized": true 
}

This JSON-based connection profile authenticates with an Azure Functions managed identity:

Managed Identity authentication is based on an Azure token that is valid, by default, for 24 hours. Token lifetime can be extended by Azure.

Copy

"AZUREFUNCTIONS":
{ 
   "Type": "ConnectionProfile:AzureFunctions", 
   "Subscription ID": "bcde-fgh-ijk-lmnopq", 
   "Identity Type": "MANAGEDID", 
   "Specify Managed Identity Client ID": "&client_id=",
   "Managed Identity Client ID": "72d448f0-ac32-45ea-9158-f8653e4ee16", 
   "Resource Group": "resourceGroup",  
   "Description": "", 
   "Centralized": true 
}

This JSON-based connection profile authenticates with an Azure Function App ID:

Copy

"ZFAAPPIDNEW": 
{
   "Type": "ConnectionProfile:Azure Functions",
   "Identity Type": "FUNCTION_APPID",   
   "Tenant ID": "<Tenant ID>",
   "Application ID": "<Application ID>",
   "Client Secret": "*****",
   "Azure Login url": " https://login.microsoftonline.com",   
   "Function App Web Site": "azurewebsites.net",
   "Custom App Key": "*****",   
   "Description": "",
   "Centralized": true
}

The following table describes the Azure Functions connection profile parameters.

Parameter	Identity Type	Description
Subscription ID	Service Principal Managed Identity	Defines the Azure account subscription ID. The subscription ID can be retrieved from the Azure portal by selecting the Subscription menu.
Identity Type	NA	Determines one of the following authentication methods to connect with Azure Functions: PRINCIPAL: Authentication using a service principal. MANAGEDID: Authentication using a managed identity. FUNCTION_APPID: Authenticates using the Azure built-in authentication service, which is based on the Function Application Web Site and the Custom Application Key.
Specify Managed Identity Client ID	Managed Identity	Determines whether the client ID for your managed identity is specified by the Managed Identity Client ID parameter. Include this parameter only if you are using the managed identity authentication method and you have multiple managed identities defined on your Azure virtual machine. Set its value to &client_id=.
Managed Identity Client ID	Managed Identity	Determines which client ID to use as the managed identity. This parameter requires a value only if you have multiple managed identities defined on your Azure virtual machine and you included the Specify Managed Identity Client ID parameter. If you have only one managed identity, it is detected automatically.
Tenant ID	Service Principal Function App ID	Defines the Azure Tenant ID in Azure AD.
Application ID	Service Principal Function App ID	The application ID of the registered application. The service principal must be an Azure Functions workspace user with a Contributor or Owner role associated.
Client Secret	Service Principal Function App ID	Defines he client secret (password) associated with the Azure user and the application. You can use Secrets in Code to not expose this value in the code.
Azure Login url	Service Principal Function App ID	The Azure AD authentication endpoint base URL.
Resource Group	Service Principal Managed Identity	Defines the name of the resource group that holds your application.
Function App Web Site	Function App ID	Defines the Azure Function Application website name. Default: azurewebsites.net
Custom App Key	Function App ID	Defines the Custom Application Key, which identifies the Azure Function Application that you want to execute.
Connection Timeout	All Types	Determines the number of seconds to wait after Control-M initiates a connection request to Azure Batch Accounts before a timeout occurs. Default: 60
Centralized		Determines whether to create a centralized connection profile, which is stored in the Control-M database and is available to all Agents. You must set this parameter to true.

ConnectionProfile:Azure VM

Azure Virtual Machine (VM) enables you to create, manage, and delete virtual machines in the Azure cloud.

The following examples show how to define an Azure VM connection profile:

This JSON-based connection profile authenticates with an Azure service principal.

Copy

"AZUREVM":
{
   "Type": "ConnectionProfile:Azure VM",
   "Subscription ID": "e76056e0-70de-4da8-b02e-61263a150b1f", 
   "Auth_Method": "service_account", 
   "Resource Group": "tb-resourcegroup",
   "Tenant ID": "81b796g5-5839-40a6-8dd9-c1fam320c69b",
   "Client Secret": "*****",
   "Application ID": "7f499fc3-1a1f-4847-ba80-f39bb563f1b5",
   "Azure Login url": "https://login.microsoftonline.com",
   "Connection timeout": "20",
   "Description": "",
   "Centralized": true
}

This JSON-based connection profile authenticates with a managed identity.

Managed Identity authentication is based on an Azure token that is valid, by default, for 24 hours. Token lifetime can be extended by Azure.

Copy

"AZUREVM":
{
   "Type": "ConnectionProfile:Azure VM",
   "Subscription ID": "e76056e0-70de-4da8-b02e-61263a150b1f",
   "Auth_Method": "managed_id", 
   "Specify Managed Identity Client ID": "&client_id=",
   "Managed Identity Client ID": "72d448f0-ac32-45ea-9158-f8653e4ee16",
   "Resource Group": "tb-resourcegroup", 
   "Connection timeout": "20",
   "Description": "Azure VM connection profile",
   "Centralized": true
}

The following table describes the Azure VM connection profile parameters.

Parameter	Description
Subscription ID	Determines the Azure account subscription ID. You can retrieve the subscription ID from the Subscription menu in the Azure portal.
Auth_Method	Determines one of the following authentication types: managed_id: Authenticates using an Azure Active Directory token, which removes the need to provide additional credentials. service_account: Authenticates using an application ID (service account) and client secret.
Specify Managed Identity Client ID	(Managed Identity) Determines whether the client ID for your managed identity is specified by the Managed Identity Client ID parameter. Include this parameter only if you are using the managed identity authentication method and you have multiple managed identities defined on your Azure virtual machine. Set its value to &client_id=.
Managed Identity Client ID	(Managed Identity) Determines which client ID to use as the managed identity. This parameter requires a value only if you have multiple managed identities defined on your Azure virtual machine and you included the Specify Managed Identity Client ID parameter. If you have only one managed identity, it is detected automatically.
Tenant ID	(Service principal) Defines the Azure Tenant ID in the Azure Virtual Machine.
Resource Group	Defines the name of the resource group where the function app is located.
Application ID	(Service principal) Defines the application (service principal) ID of the registered application for the Azure Virtual Machine. The service principal must be an Azure Functions workspace user with a Contributor or Owner role associated.
Client Secret	(Service principal) Defines the client secret (password) associated with the Azure user and the application. You can use Secrets in Code to not expose this value in the code.
Azure Login URL	(Service principal) Defines the Azure VM authentication endpoint base URL.
Connection Timeout	Defines a timeout value, in seconds, for the trigger call made by Control-M to the Azure VM. Default: 20
Centralized	Determines whether to create a centralized connection profile, which is stored in the Control-M database and is available to all Agents. You must set this parameter to true.

ConnectionProfile:GCP Batch

Google Cloud Platform (GCP) Batch enables you to manage, schedule, and execute batch computing workloads on a virtual machine that is provisioned to accommodate your resource and capacity needs.

The following example shows how to define a GCP Batch connection profile that authenticates based on a service account:

Copy

"GCP_BATCH":
{
      "Type": "ConnectionProfile:GCP Batch",
      "Identity Type": "service_account",
      "Batch URL": "https://batch.googleapis.com",
      "Service Account Key": "*****",
      "Connection Timeout": "20",
      "Description": "",
      "Centralized": true
}

The following table describes the GCP Batch connection profile parameters.

Parameter	Description
Identity Type	Determines one of the following authentication types using GCP Access Control: service_account: Authenticates using an application ID (service account) and client secret. os_user: Authenticates based on a detected IAM role, which removes the need to provide additional credentials.
Batch URL	Defines the Google Cloud Platform (GCP) authentication endpoint for GCP Batch, as follows: Default: https://batch.googleapis.com
Service Account Key	(Service Account) Defines a service account that is associated with an RSA key pair. You can use Secrets in Code to not expose this value in the code.
Connection timeout	Determines the number of seconds to wait after Control-M initiates a connection request to GCP Batch before a timeout occurs. Default: 20
Centralized	Determines whether to create a centralized connection profile, which is stored in the Control-M database and is available to all Agents. You must set this parameter to true.

ConnectionProfile:GCP Functions

Google Cloud Platform (GCP) Functions enables you to develop, test, and run applications in the cloud.

The following example shows how to define a GCP Functions connection profile that authenticates based on a service account:

Copy

"GCPFUNCTIONS":
{
   "Type": "ConnectionProfile:GCP Functions",
   "Identity Type": "service_account",
   "GCP API URL": "https://cloudfunctions.googleapis.com",
   "Service Account Key": "*****",
   "Connection Timeout": "60",
   "Description": "",
   "Centralized": true
}

The following table describes the GCP Functions connection profile parameters.

Parameter	Description
Identity Type	Determines one of the following authentication types using GCP Access Control: service_account: Authenticates using an application ID (service account) and client secret. os_user: Authenticates based on a detected IAM role, which removes the need to provide additional credentials.
GCP API URL	Defines the Google Cloud Platform (GCP) authentication endpoint for Cloud Functions.
Service Account Key	(Service account) Defines a service account that is associated with an RSA key pair. You can use Secrets in Code to not expose this value in the code.
Connection Timeout	Determines the number of seconds to wait after Control-M initiates a connection request to GCP Cloud Functions before a timeout occurs. Default: 20
Centralized	Determines whether to create a centralized connection profile, which is stored in the Control-M database and is available to all Agents. You must set this parameter to true.

ConnectionProfile:GCP VM

Google Cloud Platform (GCP) Virtual Machine (VM) enables you to create, manage, and delete virtual machines on the Google Compute Engine (GCE).

The following example shows how to define a GCP VM connection profile that authenticates based on a service account:

Copy

"GCPVM":
{
   "Type": "ConnectionProfile:GCP VM",
   "Identity Type": "service_account",
   "GCP API URL": "https://compute.googleapis.com/compute", 
   "Service Account Key": "*****",
   "Connection timeout": "20",
   "Description": "",
   "Centralized": true
}

The following table describes the GCP VM connection profile parameters.

Parameter	Description
Identity Type	Determines one of the following authentication types using GCP Access Control: service_account: Authenticates using an application ID (service account) and client secret. os_user: Authenticates based on a detected IAM role, which removes the need to provide additional credentials.
GCP API URL	Defines the Google Cloud Platform (GCP) authentication endpoint. Default: https://compute.googleapis.com/compute
Service Account Key	(Service Account) Defines a service account that is associated with an RSA key pair. You can use Secrets in Code to not expose this value in the code.
Connection timeout	Determines the number of seconds to wait for the trigger call made by Control-M to GCP before timing out. Default: 20
Centralized	Determines whether to create a centralized connection profile, which is stored in the Control-M database and is available to all Agents. You must set this parameter to true.

Connection Profile:OCI VM

Oracle Cloud Infrastructure Virtual Machine (OCI VM) plug-in enables you to create, manage, and delete virtual machines in the Oracle cloud.

The following examples show how to define an OCI VM connection profile that authenticates based on a service account.

This JSON defines a connection profile that authenticates with defined parameters:

Copy

"OCI_VM": 
{
   "Type": "ConnectionProfile:OCI VM",
   "OCI Instances URL": "https://iaas.us-phoenix-1.oraclecloud.com/20160918",
   "OCI Region": "us-phoenix-1",
   "Authentication": "DefineParameters",
   "User OCID": "ocid1.user.oc1..aaaaaaaatcnn2lw4tjcoemgnm4*********",
   "Tenancy OCID": "ocid1.tenancy.oc1..aaaaaaaaxzv5ies3pwo7s5it******",
   "Fingerprint": "c6:d6:28:82:b3:2d:5f:***********",
   "Private Key": "*****",
   "Connection Timeout": "30",
   "Description": "",
   "Centralized": true
}

This JSON defines a connection profile that authenticates with a configuration file:

Copy

"OCI_VM": 
{
  "Type": "ConnectionProfile:OCI VM",
  "OCI Instances URL": "https://iaas.us-phoenix-1.oraclecloud.com/20160918",
  "OCI Region": "us-phoenix-1",
  "Authentication": "ConfigurationFile",
  "Config File Path": "\home\dbauser\config.example",
  "Profile": "DEFAULT",
  "Connection Timeout": "30",
  "Description": "",
  "Centralized": true
}

The following table describes the OCI VM connection profile parameters.

Parameter	Description
OCI Instances URL	Defines the OCI Instances URL, in the following format: https://iaas.{{Region}}.oraclecloud.com/20160918
OCI Region	Determines the region where the OCI Virtual Machine is located. us-phoenix-1
Authentication	Determines one of the following authentication methods: DefineParameters: Defines authentication parameters in the connection profile. ConfigurationFile: Uses a Control-M/Agent configuration file that contains authentication information. The following example of a configuration file defines two profiles: DEFAULT for Linux and PROFILE2 for Windows. Copy [DEFAULT] user=ocid1.user.oc1..aaaaaaaa4vcihdfhrdtyry457245636cqqcljd6yrcukszg7gzoymoyvkyupivpjfnq tenancy=ocid1.tenancy.oc1..aaa456y4e3yrtyue9f8djfihhwp2cu4e6t2b7lttna7rcgnhrdi4qzika fingerprint=9f:af:df:f5:5g:95:92:7c:34:ab:46:d3:b4:30:e6:9e region=us-phoenix-1 key_file=/home/dbauser/key.pem [PROFILE2] user=ocid1.user.oc1..aaaaaaaa4v768679dfhrd8989JHGJG36cqqcljd6yrcukszg7gzoymoyvkyupivpjfnq tenancy=ocid1.tenancy.oc1..aaa456y4e3yrtyue987erum,gfwp2cu4e6t2b7lttna7rcgnhrdi4qzika fingerprint=9f:af:c0:f5:7b:95:92:7c:03:a5:46:g3:b4:38:e6:9e region=us-phoenix-1 key_file=C:\\Users\\dbauser\\key.pem
User OCID	(Defined Parameters) Defines an individual user within the OCI environment.
Tenancy OCID	(Defined Parameters) Defines the OCI Tenacy ID in the OCI VM, which is a global unique identifier for this account within the OCI environment.
Fingerprint	(Defined Parameters) Defines fingerprint to uniquely identify and verify the integrity of the associated certificate or key.
Private Key	(Defined Parameters) Defines the Private key within a set of API signing keys that are used for authentication and secure access to OCI resources. You can use Secrets in Code to not expose this value in the code.
Config File Path	(Configuration File) Defines the path to the Control-M/Agent configuration file that contains authentication information, in the following format: UNIX: home/user/config Windows: C:\Users\user1\config
Profile	(Configuration File) Defines the name of a specific section in the configuration file, for example, DEFAULT and PROFILE2 in the code sample above.
Connection Timeout	Determines the number of seconds to wait after Control-M initiates a connection request to OCI VM before a timeout occurs. Default: 20
Centralized	Determines whether to create a centralized connection profile, which is stored in the Control-M database and is available to all Agents, . You must set this parameter to true.