File Transfer Connection Profiles
Connection profiles for file transfers made with Control-M Managed File Transfer (Control-M MFT) are available for the following types of target servers and communication protocols:
-
S3 Storage Solutions
-
Azure Storage Solutions
-
SharePoint Storage Solutions
The following types of FTP, SFTP, FTPS, and local file system transfer connection profiles are available:
-
Single Endpoint: A connection profile for a single host, which can serve as the file transfer source or destination.
-
Dual Endpoint: A connection profile for two hosts—the file transfer source and destination.
-
Group: A connection profile that bundles multiple, previously defined connection profiles, which enables you to transfer a file from one to multiple hosts in a single transfer.
ConnectionProfile:FileTransfer:FTP
File Transfer jobs enable you to transfer files to and from local hosts, remote hosts, and cloud storage buckets and containers. You can define up to five different file transfer definitions that sequentially transfer one or more files, subdirectories, or directories.
The following examples show how to define a connection profile for a file transfer to a single endpoint with the FTP communication protocol:
-
This JSON defines a Simple ConnectionProfile:FileTransfer:FTP connection profile:
Copy"FTPConn" :
{
"Type" : "ConnectionProfile:FileTransfer:FTP",
"Centralized" : true,
"HostName": "FTPServer",
"Port": "21",
"User" : "FTPUser",
"Password" : "ftp password",
} -
This JSON defines a ConnectionProfile:FileTransfer:FTP connection profile with optional parameters:
Copy"FTPConn" :
{
"Type" : "ConnectionProfile:FileTransfer:FTP",
"HostName": "FTPServer",
"Port": "21",
"User" : "FTPUser",
"Password" : "ftp password",
"HomeDirectory": "/home/FTPUser",
"OsType": "Unix",
"Centralized" : true,
"AdditionalParameters": [
{
"Name": "param1",
"Value": "1"
},
{
"Name": "param2",
"Value": "2"
} ]
}
The following table describes the ConnectionProfile:FileTransfer:FTP connection profile parameters.
Parameter |
Description |
---|---|
HostName |
Defines the name of the host computer. |
Port |
Determines the number of the port to listen to for the file transfer. |
OsType |
(Optional) Determines one of the following FTP server operating system types.
Default: Unix |
User |
Defines the host username. |
Password |
(Optional) Defines the password for an FTP server account. Use Secrets in Code to not expose the password in the code. To update an existing connection profile and keep the current password, type five *, as follows: ***** |
HomeDirectory |
(Optional) Defines the User home directory. |
VerifyChecksum |
(Optional) Determines whether to enable or disable error detection on file transfer. Valid Values:
Default: false |
VerifyDestination |
(Optional) Determines whether to verify the size of the file at the destination after a successful binary-mode transfer. Valid Values:
Default: true |
VerifyBytes |
(Optional) Determines whether to verify that the number of bytes sent to the destination during a successful binary-mode transfer is the same as the source file. If it is not the same size, the transfer fails. Valid Values:
Default: false |
ConnectionMode |
(Optional) Defines the FTP client connection mode. Valid Values:
Default: Active |
AdditionalParameters |
(Optional) Defines additional parameters that are specific to your environment and you can add manually. Each parameter is defined by its name and value. For an updated list of parameters that are supported by Control-M for MFT, see Connection Profile Manual Additional Parameters. |
Centralized |
Determines whether to create a centralized connection profile, which is stored in the Control-M/EM database and is available to all Agents. You must set this parameter to true. |
ConnectionProfile:FileTransfer:SFTP
The ConnectionProfile:FileTransfer:SFTP type creates a connection profile for a file transfer to a single endpoint using the SFTP (SSH File Transfer Protocol) communication protocol.
The following examples show how to define ConnectionProfile:FileTransfer:SFTP connection profiles.
-
This JSON defines a Simple ConnectionProfile:FileTransfer:SFTP connection profile:
Copy"sFTPconn":
{
"Type": "ConnectionProfile:FileTransfer:SFTP",
"Centralized" : true,
"HostName": "SFTPServer",
"Port": "22",
"User" : "SFTPUser",
"Password" : "sftp password"
} -
This JSON defines a ConnectionProfile:FileTransfer:SFTP connection profile with optional parameters:
Copy"sFTPconn":
{
"Type": "ConnectionProfile:FileTransfer:SFTP",
"HostName": "SFTPServer",
"Port": "22",
"User" : "SFTPUser",
"HomeDirectory": "/home/SFTPUser",
"PrivateKeyName": "/home/controlm/ctm_agent/ctm/cm/AFT/data/Keys/sFTPkey",
"Passphrase": "passphrase",
"SSHCompression": true,
"Centralized" : true,
"AdditionalParameters": [
{
"Name": "param1",
"Value": "1"
},
{
"Name": "param2",
"Value": "2"
} ]
}
The following table describes the ConnectionProfile:FileTransfer:SFTP connection profile parameters.
Parameter |
Description |
---|---|
HostName |
Defines the name of the host computer. |
Port |
Determines the number of the port to listen to for the file transfer. |
User |
Defines the host username. |
Password |
(Optional) Defines the password for SFTP Server account. Use Secrets in Code to not expose the password in the code. To update an existing connection profile and keep the current password, type five *, as follows: ***** |
HomeDirectory |
(Optional) Defines the user home directory. |
VerifyChecksum |
(Optional) Determines whether to enable or disable error detection on file transfer. Valid Values:
Default: false |
VerifyDestination |
(Optional) Determines whether to verify the size of the file at the destination after a successful binary-mode transfer. Valid Values:
Default: true |
VerifyBytes |
(Optional) Determines whether to verify that the number of bytes sent to the destination during a successful binary-mode transfer is the same as the source file. If it is not the same size, the transfer fails. Valid Values:
Default: false |
PrivateKeyName |
(Optional) Defines the private key full file path. |
Passphrase |
(Optional) Defines the password for the private key. Use Secrets in Code to not expose the password in the code. To update an existing connection profile and keep the current password, type five *, as follows: ***** |
SSHCompression |
(Optional) Determines whether to compress the file before the transfer. Valid Values:
Default: false |
AdditionalParameters |
(Optional) Defines additional parameters that are specific to your environment and you can add manually. Each parameter is defined by its name and value. For an updated list of parameters that are supported by Control-M for MFT, see Connection Profile Manual Additional Parameters. |
Centralized |
Determines whether to create a centralized connection profile, which is stored in the Control-M/EM database and is available to all Agents. You must set this parameter to true. |
ConnectionProfile:FileTransfer:FTPS
The ConnectionProfile:FileTransfer:FTPS type creates a connection profile for a file transfer to a single endpoint using the FTPS (FTP over SSL) communication protocol.
The following example shows how to define a ConnectionProfile:FileTransfer:FTPS connection profile:
"FTPSConn":
{
"Type": "ConnectionProfile:FileTransfer:FTPS",
"HomeDirectory": "/var/home",
"HostName" : "localhost",
"User" : "controlm",
"Password": "ftps_pass",
"Port": "10021",
"SSLImplicit": false,
"ClearDataChannel": true,
"SSLLevel": "ClientServerAuthentication",
"ClearCommandChannel": true,
"Centralized" : true,
"AdditionalParameters": [
{
"Name": "param1",
"Value": "1"
},
{
"Name": "param2",
"Value": "2"
} ]
}
The following table describes the ConnectionProfile:FileTransfer:FTPS connection profile parameters.
Parameter |
Description |
---|---|
HostName |
Defines the name of the host computer. |
Port |
Determines the number of the port to listen to for the file transfer. |
OsType |
(Optional) Determines one of the following types of FTPS server operating systems:
Default: Unix |
User |
Defines the host username. |
Password |
(Optional) Defines the password for FTPS server account. Use Secrets in Code to not expose the password in the code. To update an existing connection profile and keep the current password, type five *, as follows: ***** |
HomeDirectory |
(Optional) Defines the User home directory. |
VerifyChecksum |
(Optional) Determines whether to enable or disable error detection on file transfer. Valid Values:
Default: false |
VerifyDestination |
(Optional) Determines whether to verify the size of the file at the destination after a successful binary-mode transfer. Valid Values:
Default: true |
VerifyBytes |
(Optional) Determines whether to verify that the number of bytes sent to the destination during a successful binary-mode transfer is the same as the source file. If it is not the same size, the transfer fails. Valid Values:
Default: false |
ConnectionMode |
(Optional) Sets the FTPS client connection mode. Valid Values:
Default: Active |
SSLImplicit |
Determines whether to automatically create an SSL connection to the FTPS server (Default port 990). In SSL Explicit mode, a connection is first established with the FTP server and the connection is then changed to SSL mode (FTP over SSL/TLS). Valid Values:
Default: false |
ClearDataChannel |
Determines whether to encrypt the connection process while files are transferred without encryption. This option is useful if you want your login information encrypted and your files transferred without encryption. Valid Values:
Default: true |
SSLLevel |
Determines the SSL security level, one of the following:
|
ClearCommandChannel |
Determines whether to set the transmission mode from encrypted mode to clear text mode. You can secure sensitive information, including user name and password, by sending them in an encrypted mode, and then use this parameter to change the transmission mode back to clear text mode to send the port and IP information (FTP over SSL/TLS). Valid Values:
Default: true |
AdditionalParameters |
(Optional) Defines additional parameters that are specific to your environment and you can add manually. Each parameter is defined by its name and value. For an updated list of parameters that are supported by Control-M for MFT, see Connection Profile Manual Additional Parameters. |
Centralized |
Determines whether to create a centralized connection profile, which is stored in the Control-M/EM database and is available to all Agents. You must set this parameter to true. |
ConnectionProfile:FileTransfer:AS2
The ConnectionProfile:FileTransfer:AS2 type creates a connection profile for a file transfer from a local filesystem to an AS2 server using the AS2 protocol.
The following examples show how to define ConnectionProfile:FileTransfer:AS2 connection profiles:
File transfers that use the AS2 protocol are supported by Control-M Automation API only in one direction — from a local filesystem to an AS2 server.
-
This JSON defines a simple ConnectionProfile:FileTransfer:AS2 connection profile:
Copy"AS2_Conn_1":
{
"Type": "ConnectionProfile:FileTransfer:AS2",
"Centralized": true,
"PartnerAS2Id": "partner-as2-id",
"PartnerDestinationUrl": "sqa",
"PartnerCertificateAlias": "partnerCertAlias",
"HostName": "sqa",
"Password": "*****"
} -
This JSON defines a ConnectionProfile:FileTransfer:AS2 connection profile with optional parameters:
Copy"AS2_Conn_2":
{
"Type": "ConnectionProfile:FileTransfer:AS2",
"Centralized": true,
"PartnerAS2Id": "partner-as2-id",
"PartnerDestinationUrl": "sqa",
"PartnerCertificateAlias": "partnerCertAlias",
"HostName": "sqa",
"Password": "*****",
"AsyncMdnTimeout": "18120000",
"User": "basicUser",
"SendMessageTimeout": "301000",
"CompressMessage": true,
"SignMessageParameters":
{
"SignMessage": false,
"SignatureAlgorithm": "RSA with SHA-384"
},
"EncryptMessageParameters":
{
"EncryptMessage": false,
"EncryptionAlgorithm": "tripleDES (DES EDE3)"
},
"RequestReceiptParameters":
{
"RequestReceipt": false,
"Mode": "Asynchronous",
"Sign": "Unsigned"
},
"AdditionalParameters": [
{
"Name": "param1",
"Value": "1"
},
{
"Name": "param2",
"Value": "2"
} ]
}
The following table describes the ConnectionProfile:FileTransfer:AS2 connection profile parameters.
Parameter |
Description |
---|---|
Centralized |
Determines whether to create a centralized connection profile, which is stored in the Control-M/EM database and is available to all Agents. You must set this parameter to true. |
PartnerAS2Id |
Defines the logical name of the remote AS2 server. |
PartnerDestinationUrl |
Defines the URL of the AS2 server. |
PartnerCertificateAlias |
Defines the alias of the partner certificate that is stored in the AS2 keystore. |
Password |
(Optional) Defines the password of the HTTP request for the AS2 message. Use Secrets in Code to not expose the password in the code. To update an existing connection profile and keep the current password, type five *, as follows: ***** |
AsyncMdnTimeout |
(Optional) Defines the number of minutes to wait for the AS2 server to send the receipt before a timeout occurs. Default: 18,000,000 |
User |
Defines the username of the HTTP request for the AS2 message. |
SendMessageTimeout |
(Optional) The number of seconds to wait for the AS2 server to reply before a timeout occurs. Default: 18,000,000 (300,000 minutes or 5,000 hours). |
CompressMessage |
Determines whether to compress the AS2 message when sent. Valid Values:
Default: false |
SignMessageParameters |
|
SignMessage |
Determines whether to digitally sign the AS2 message with the algorithm specified by SignatureAlgorithm. Valid Values:
Default: true |
SignatureAlgorithm |
Determines which algorithm to use for signing the AS2 message. Valid Values:
Default: RSA with SHA-1. |
EncryptMessageParameters |
|
EncryptMessage |
Determines whether to encrypt the AS2 message with one of the encryption algorithm specified by EncryptionAlgorithm. Valid Values:
Default: true |
EncryptionAlgorithm |
Determines the algorithm to use for encryption of the AS2 message. Valid Values:
Default: CAST5_CBC |
RequestReceiptParameters |
|
RequestReceipt |
Determines whether to receive an MDN receipt of the AS2 message from the AS2 server that confirms that it was received and processed. Valid Values:
Default: true |
Mode |
Determines the mode for receiving the MDN receipt. Valid Values:
Default: Synchronous |
Sign |
Determines the type of MDN receipt to receive. Valid Values:
Default: Signed |
VerifyChecksum |
(Optional) Determines whether to enable or disable error detection on file transfer. Valid Values:
Default: false |
VerifyDestination |
(Optional) Determines whether to verify the size of the file at the destination after a successful binary-mode transfer. Valid Values:
Default: true |
VerifyBytes |
(Optional) Determines whether to verify that the number of bytes sent to the destination during a successful binary-mode transfer is the same as the source file. If it is not the same size, the transfer fails. Valid Values:
Default: false |
AdditionalParameters |
(Optional) Defines Additional parameters that are specific to your environment and you can add manually. Each parameter is defined by its name and value. For an updated list of parameters that are supported by Control-M for MFT, see Connection Profile Manual Additional Parameters. |
ConnectionProfile:FileTransfer:Local
The ConnectionProfile:FileTransfer:Local type creates a connection profile for a file transfer to a single endpoint on a Local File System.
The following example shows how to define a ConnectionProfile:FileTransfer:Local connection profile:
"LocalConn" :
{
"Type" : "ConnectionProfile:FileTransfer:Local",
"User" : "controlm",
"Password" : "local password",
"Centralized" : true,
"AdditionalParameters": [
{
"Name": "param1",
"Value": "1"
},
{
"Name": "param2",
"Value": "2"
} ]
}
The following table describes the ConnectionProfile:FileTransfer:Local connection profile parameters.
Parameter |
Description |
---|---|
VerifyChecksum |
(Optional) Determines whether to enable or disable error detection on file transfer. Valid Values:
Default: false |
VerifyDestination |
(Optional) Determines whether to verify the size of the file at the destination after a successful binary-mode transfer. Valid Values:
Default: true |
VerifyBytes |
(Optional) Determines whether to verify that the number of bytes sent to the destination during a successful binary-mode transfer is the same as the source file. If it is not the same size, the transfer fails. Valid Values:
Default: false |
OsType |
(Optional) Determines the following types of the local server operating system:
Default: Unix |
Password |
(Optional) Defines the password for local account. Use Secrets in Code to not expose the password in the code. To update an existing connection profile and keep the current password, type five *, as follows: ***** |
AdditionalParameters |
(Optional) Defines additional parameters that are specific to your environment and you can add manually. Each parameter is defined by its name and value. For an updated list of parameters that are supported by Control-M for MFT, see Connection Profile Manual Additional Parameters. |
Centralized |
Determines whether to create a centralized connection profile, which is stored in the Control-M/EM database and is available to all Agents. You must set this parameter to true. |
ConnectionProfile:FileTransfer:S3:Amazon
The ConnectionProfile:FileTransfer:S3:Amazon type creates a connection profile for a file transfer for file transfers to or from an Amazon S3 storage service.
The following example shows how to define a ConnectionProfile:FileTransfer:S3:Amazon connection profile:
"testAmazon":
{
"Type": "ConnectionProfile:FileTransfer:S3:Amazon",
"Region": "us-west-2",
"AccessKey": "mykey",
"SecretAccessKey": "mysecret",
"VerifyDestination": true,
"Centralized": true,
"AdditionalParameters": [
{
"Name": "param1",
"Value": "1"
},
{
"Name": "param2",
"Value": "2"
} ]
}
The following table describes the ConnectionProfile:FileTransfer:S3:Amazon connection profile parameters.
Parameter |
Description |
---|---|
Region |
Determines one of the following regions where the Amazon S3 storage bucket is located:
|
AccessKey |
Defines the access key to the Amazon S3 storage. |
SecretAccessKey |
Defines the secret access key to the Amazon S3 storage. Use Secrets in Code to not expose this secret access key in the code. |
VerifyDestination |
(Optional) Determines whether to verify the size of the file at the destination after a successful binary-mode transfer. Valid Values:
Default: true |
AdditionalParameters |
(Optional) Defines additional parameters that are specific to your environment and you can add manually. Each parameter is defined by its name and value. For an updated list of parameters that are supported by Control-M for MFT, see Connection Profile Manual Additional Parameters. |
Centralized |
Determines whether to create a centralized connection profile, which is stored in the Control-M/EM database and is available to all Agents. You must set this parameter to true. |
ConnectionProfile:FileTransfer:S3:Compatible
The ConnectionProfile:FileTransfer:S3:Compatible type creates a connection profile for file transfers to or from an S3-compatible storage service.
The following example shows how to define a ConnectionProfile:FileTransfer:S3:Compatible connection profile:
"testCompatible":
{
"Type": "ConnectionProfile:FileTransfer:S3:Compatible",
"RestEndPoint": "api.com",
"AccessKey": "mykey",
"SecretAccessKey": "mysecret",
"VerifyDestination": true,
"Centralized": true,
"AdditionalParameters": [
{
"Name": "param1",
"Value": "1"
},
{
"Name": "param2",
"Value": "2"
} ]
}
The following table describes the ConnectionProfile:FileTransfer:S3:Compatible connection profile parameters.
Parameter |
Description |
---|---|
RestEndPoint |
Defines the network address where the S3 Compatible Storage is located. |
AccessKey |
Defines the access key to the Amazon S3 storage. |
SecretAccessKey |
Defines the secret access key to the Amazon S3 storage. Use Secrets in Code to not expose this secret access key in the code. |
VerifyDestination |
(Optional) Determines whether to verify the size of the file at the destination after a successful binary-mode transfer. Valid Values:
Default: true |
AdditionalParameters |
(Optional) Defines the additional parameters that are specific to your environment and you can add manually. Each parameter is defined by its name and value. For an updated list of parameters that are supported by Control-M for MFT, see Connection Profile Manual Additional Parameters. |
Centralized |
Determines whether to create a centralized connection profile, which is stored in the Control-M/EM database and is available to all Agents. You must set this parameter to true. |
ConnectionProfile:FileTransfer:S3:AWSPrivateLink
The ConnectionProfile:FileTransfer:S3:AWSPrivateLink type creates a connection profile for file transfers to or from an AWS PrivateLink for Amazon S3, for storage that resides in the virtual private cloud (VPC) endpoint.
The following example shows how to define a ConnectionProfile:FileTransfer:S3:AWSPrivateLink connection profile:
"PRIVATE_LINK_AMAZON_CP":
{
"Type": "ConnectionProfile:FileTransfer:S3:AWSPrivateLink",
"Region": "us-west-2",
"AccessKey": "f392vvrf389222dsfvsd5b",
"SecretAccessKey": "JXq5+dfsux71t3wee+PdQ2bzGOFexcfsdf",
"VerifyDestination": true,
"RestEndPoint": "apicom",
"Centralized": true
}
The following table describes the ConnectionProfile:FileTransfer:S3:AWSPrivateLink connection profile parameters.
Parameter |
Description |
---|---|
Region |
Determines one of the following regions where the Amazon S3 storage bucket is located:
|
AccessKey |
Defines the access key to the Amazon S3 storage. |
SecretAccessKey |
Defines the secret access key to the Amazon S3 storage. Use Secrets in Code to not expose this secret access key in the code. |
VerifyDestination |
(Optional) Determines whether to verify the size of the file at the destination after a successful binary-mode transfer. Valid Values:
Default: true |
RestEndPoint |
Defines the network address where the Amazon S3 storage is located. |
Centralized |
Determines whether to create a centralized connection profile, which is stored in the Control-M/EM database and is available to all Agents. You must set this parameter to true. |
ConnectionProfile:FileTransfer:Azure:SharedKey
The ConnectionProfile:FileTransfer:Azure:SharedKey type creates a connection profile for file transfers to or from an Azure Storage service with Shared Key authentication using an access key.
The following example shows how to define a ConnectionProfile:FileTransfer:Azure:SharedKey connection profile:
"AZURE_CCP1":
{
"Type": "ConnectionProfile:FileTransfer:Azure:SharedKey",
"AzureAccountName": "devAccount",
"AzureStorageType": "BLOB_STORAGE",
"AzureEndpoint": "https://devAccount.blob.core.windows.net",
"AzureAccountAccessKey": "44ZHQnMJeIk4hZ4npQMZGfXTuwlciq82lbeYvtBZ+Ig9yCagX4FMOECSg1xDyzr8qO6A==",
"Centralized": true
}
The following table describes the ConnectionProfile:FileTransfer:Azure:SharedKey connection profile parameters.
Parameter |
Description |
---|---|
AzureAccountName |
Defines the name of the Azure Storage account. |
AzureStorageType |
(Optional) Determines one of the following types of Azure Storage to connect to:
Default: BLOB_STORAGE |
AzureEndpoint |
(Optional) Defines the endpoint URL where the storage is located. You can use this parameter to overwrite the default Endpoint URL. Defaults:
|
AzureAccountAccessKey |
Defines the account access key that is used to connect to Azure. Use Secrets in Code to not expose this access key in the code. |
Centralized |
Determines whether to create a centralized connection profile, which is stored in the Control-M/EM database and is available to all Agents. You must set this parameter to true. |
ConnectionProfile:FileTransfer:Azure:ConnectionString
The ConnectionProfile:FileTransfer:Azure:ConnectionString type creates a connection profile for file transfers to or from an Azure Storage service with Shared Key authentication using a full connection string.
The following example shows how to define a ConnectionProfile:FileTransfer:Azure:ConnectionString connection profile:
"AZURE_CCP2":
{
"Type": "ConnectionProfile:FileTransfer:Azure:ConnectionString",
"AzureAccountName": "devAccount",
"AzureStorageType": "BLOB_STORAGE",
"AzureEndpoint": "",
"AzureAccountConnectionString": "DefaultEndpointsProtocol=https;AccountName=devAccount;AccountKey=44ZHQnMJeIk4hZ4npQMZGfXTuwlciq82lbeYvtBZ+Ig9yCagX4FMOECSg1xDyzr8qO6A==;EndpointSuffix=core.windows.net",
"Centralized": true
}
The following table describes the ConnectionProfile:FileTransfer:Azure:ConnectionString connection profile parameters.
Parameter |
Description |
---|---|
AzureAccountName |
Defines the name of the Azure Storage account. |
AzureStorageType |
(Optional) Determines one of the following types of Azure Storage to connect to:
Default: BLOB_STORAGE |
AzureEndpoint |
(Optional) Defines the endpoint URL where the storage is located. You can use this parameter to overwrite the default Endpoint URL. Defaults:
|
AzureAccountConnectionString |
Defines the entire connection string used to connect to Azure. |
Centralized |
Determines whether to create a centralized connection profile, which is stored in the Control-M/EM database and is available to all Agents. You must set this parameter to true. |
ConnectionProfile:FileTransfer:Azure:AdUserPass
The ConnectionProfile:FileTransfer:Azure:AdUserPass type creates a connection profile for file transfers to or from an Azure Storage service with authentication based on the credentials of a user in the Azure Active Directory (AD).
The following example shows how to define a ConnectionProfile:FileTransfer:Azure:AdUserPass connection profile:
"AZURE_CCP3":
{
"Type": "ConnectionProfile:FileTransfer:Azure:AdUserPass",
"AzureAccountName": "devAccount",
"AzureStorageType": "BLOB_STORAGE",
"AzureEndpoint": "",
"AzureTenantId": "4092bb37-ebce-8xmi-b6c1-42d0f71c6f5c",
"AzureClientId": "ce64ad51-yh90-4d01-a73b-7ad58a766741",
"AzureUserNameAD": "[email protected]",
"AzureUserPasswordAD": "Abcxyz1234!",
"Centralized": true
}
The following table describes the ConnectionProfile:FileTransfer:Azure:AdUserPass connection profile parameters.
Parameter |
Description |
---|---|
AzureAccountName |
Defines the name of the Azure Storage account. |
AzureStorageType |
(Optional) Determines one of the following types of Azure Storage to connect to:
Default: BLOB_STORAGE |
AzureEndpoint |
(Optional) Defines the endpoint URL where the storage is located. You can use this parameter to overwrite the default Endpoint URL. Defaults:
|
AzureTenantId |
Defines the ID of the Azure Active Directory instance where your application is located. |
AzureClientId |
Defines the ID of your application in Azure Active Directory. |
AzureUserNameAD |
Defines the name of the Azure AD user to use for authentication. |
AzureUserPasswordAD |
Defines the password of the Azure AD user. Use Secrets in Code to not expose this password in the code. |
Centralized |
Determines whether to create a centralized connection profile, which is stored in the Control-M/EM database and is available to all Agents. You must set this parameter to true. |
ConnectionProfile:FileTransfer:Azure:AdClientSecret
The ConnectionProfile:FileTransfer:Azure:AdClientSecret type creates a connection profile for file transfers to or from an Azure Storage service with authentication based on an application secret for the Azure Active Directory (AD) IAM service.
The following example shows how to define a ConnectionProfile:FileTransfer:Azure:AdClientSecret connection profile:
"AZURE_CCP4":
{
"Type": "ConnectionProfile:FileTransfer:Azure:AdClientSecret",
"AzureAccountName": "devAccount",
"AzureStorageType": "BLOB_STORAGE",
"AzureEndpoint": "",
"AzureTenantId": "4092bb37-ebce-8xmi-b6c1-42d0f71c6f5c",
"AzureClientId": "ce64ad51-yh90-4d01-a73b-7ad58a766741",
"AzureClientSecret": "rbyHyYH7~pg0fs1pRNMEPuJG-Y.t_fE8yt",
"Centralized": true
}
The following table describes the ConnectionProfile:FileTransfer:Azure:AdClientSecret connection profile parameters.
Parameter |
Description |
---|---|
AzureAccountName |
Defines the name of the Azure Storage account. |
AzureStorageType |
(Optional) Determines one of the following types of Azure Storage to connect to:
Default: BLOB_STORAGE |
AzureEndpoint |
(Optional) Defines the endpoint URL where the storage is located. You can use this parameter to overwrite the default Endpoint URL. Defaults:
|
AzureTenantId |
Defines the ID of the Azure Active Directory instance where your application is located. |
AzureClientId |
Defines the ID of your application in Azure Active Directory. |
AzureClientSecret |
Defines the name of the application secret. Use Secrets in Code to not expose this secret in the code. |
Centralized |
Determines whether to create a centralized connection profile, which is stored in the Control-M/EM database and is available to all Agents. You must set this parameter to true. |
ConnectionProfile:FileTransfer:Azure:AdCertificate
The ConnectionProfile:FileTransfer:Azure:AdCertificate type creates a connection profile for a file transfer to or from an Azure Storage service with authentication based on a certificate file for the Azure Active Directory (AD) IAM service.
The following example shows how to define a ConnectionProfile:FileTransfer:Azure:AdCertificate connection profile.
"AZURE_CCP5":
{
"Type": "ConnectionProfile:FileTransfer:Azure:AdCertificate",
"AzureAccountName": "devAccount",
"AzureStorageType": "BLOB_STORAGE",
"AzureEndpoint": "",
"AzureTenantId": "4092bb37-ebce-8xmi-b6c1-42d0f71c6f5c",
"AzureClientId": "ce64ad51-yh90-4d01-a73b-7ad58a766741",
"AzureClientCertificateFormat": "PFX",
"AzureClientCertificatePath": "C:\\as2_keystore.pfx",
"AzureClientCertificatePassword": "password",
"Centralized": true
}
The following table describes the ConnectionProfile:FileTransfer:Azure:AdCertificate connection profile parameters.
Parameter |
Description |
---|---|
AzureAccountName |
Defines the name of the Azure Storage account. |
AzureStorageType |
(Optional) Determines one of the following types of Azure Storage to connect to:
Default: BLOB_STORAGE |
AzureEndpoint |
(Optional) Defines the endpoint URL where the storage is located. You can use this parameter to overwrite the default Endpoint URL. Defaults:
|
AzureTenantId |
Defines the ID of the Azure Active Directory instance where your application is located. |
AzureClientId |
Defines the ID of your application in Azure Active Directory. |
AzureClientCertificateFormat |
Determines whether to use PEM or PFX as the certificate file. |
AzureClientCertificatePath |
Defines the location of the certificate file. |
AzureClientCertificatePassword |
Defines the password of the certificate. Use Secrets in Code to not expose this password in the code. |
Centralized |
Determines whether to create a centralized connection profile, which is stored in the Control-M/EM database and is available to all Agents. You must set this parameter to true. |
ConnectionProfile:FileTransfer:Azure:SharedAccessSignature
The ConnectionProfile:FileTransfer:Azure:SharedAccessSignature type creates a connection profile for file transfers to or from an Azure Storage service using a Shared Access Signature (SAS), which delegates access with specific permissions over a limited time interval.
The following example shows how to define a ConnectionProfile:FileTransfer:Azure:SharedAccessSignature connection profile.
"AZURE_CCP6":
{
"Type": "ConnectionProfile:FileTransfer:Azure:SharedAccessSignature",
"AzureAccountName": "devAccount",
"AzureStorageType": "BLOB_STORAGE",
"AzureEndpoint": "",
"AzureAccountSaSToken": "?sv=2019-12-12&ss=bfqt&srt=sco&sp=rwdlacupx&se=2022-07-23T16:47:01Z&st=2021-02-10T09:47:01Z&spr=https&sig=Ym8ilBPZW2EzKPpfd2SBTpokZQdwzjCca4igKJwP0YM%5D",
"Centralized": true
}
The following table describes the ConnectionProfile:FileTransfer:Azure:SharedAccessSignature connection profile parameters.
Parameter |
Description |
---|---|
AzureAccountName |
Defines the name of the Azure Storage account. |
AzureStorageType |
(Optional) Determines one of the following types of Azure Storage to connect to:
Default: BLOB_STORAGE |
AzureEndpoint |
(Optional) Defines the endpoint URL where the storage is located. You can use this parameter to overwrite the default Endpoint URL. Defaults:
|
AzureAccountSaSToken |
Defines the SAS token that is created for Azure limited access. Use Secrets in Code to not expose this token in the code. |
Centralized |
Determines whether to create a centralized connection profile, which is stored in the Control-M/EM database and is available to all Agents. You must set this parameter to true. |
ConnectionProfile:FileTransfer:Azure:ManagedIdentity
The ConnectionProfile:FileTransfer:Azure:ManagedIdentity type creates a connection profile for file transfers to or from an Azure Storage service using a predefined Managed Identity that does not require credentials. You can define such a connection profile only when Control-M/Agent is installed on an Azure virtual machine.
The following example shows how to define ConnectionProfile:FileTransfer:Azure:ManagedIdentity connection profile:
"AZURE_CCP7":
{
"Type": "ConnectionProfile:FileTransfer:Azure:ManagedIdentity",
"AzureAccountName": "devAccount",
"AzureStorageType": "BLOB_STORAGE",
"AzureEndpoint": "https://devAccount.blob.core.windows.net",
"AzureTenantId": "4092bb37-ebce-8xmi-b6c1-42d0f71c6f5c",
"Centralized": true
}
The following table describes the ConnectionProfile:FileTransfer:Azure:ManagedIdentity connection profile parameters.
Parameter |
Description |
---|---|
AzureAccountName |
Defines the name of the Azure Storage account. |
AzureStorageType |
(Optional) Determines one of the following types of Azure Storage to connect to:
Default: BLOB_STORAGE |
AzureEndpoint |
(Optional) Defines the endpoint URL where the storage is located. You can use this parameter to overwrite the default Endpoint URL. Defaults:
|
AzureTenantId |
Defines the ID of the Azure Active Directory instance where your application is located. |
Centralized |
Determines whether to create a centralized connection profile, which is stored in the Control-M/EM database and is available to all Agents. You must set this parameter to true. |
ConnectionProfile:FileTransfer:SharePoint:AdUserPass
The ConnectionProfile:FileTransfer:SharePoint:AdUserPass type creates a connection profile for file transfers to or from a SharePoint Storage service with authentication based on the credentials of a user in the Azure Active Directory (AD).
The following example shows how to define a ConnectionProfile:FileTransfer:SharePoint:AdUserPass connection profile:
"SPO_CCP1":
{
"Type": "ConnectionProfile:FileTransfer:SharePoint:AdUserPass",
"SharePointEndpoint":"my.sharepoint.com",
"SharePointTenantId": "ce508ef6-757c-46be-8e8e-0778h37b4q12",
"SharePointClientId": "6902af15-be7f-4bca-926f-w18d68ip5426",
"SharePointUserNameAD": "[email protected]",
"SharePointUserPasswordAD": "Abcxyz1234!",
"Centralized": true
}
The following table describes the ConnectionProfile:FileTransfer:SharePoint:AdUserPass connection profile parameters.
Parameter |
Description |
---|---|
SharePointEndpoint |
Defines the URL where the SharePoint Storage is located. |
SharePointTenantId |
Defines the ID of the Azure Active Directory instance where your application is located. |
SharePointClientId |
Defines the ID of your application in Azure Active Directory. |
SharePointUserNameAD |
Defines the name of the Azure AD user to use for authentication. |
SharePointUserPasswordAD |
Defines the password of the Azure AD user. Use Secrets in Code to not expose this password in the code. |
Centralized |
Determines whether to create a centralized connection profile, which is stored in the Control-M/EM database and is available to all Agents. You must set this parameter to true. |
ConnectionProfile:FileTransfer:SharePoint:AdClientSecret
The ConnectionProfile:FileTransfer:SharePoint:AdClientSecret type creates a connection profile for file transfers to or from a SharePoint Storage service with authentication based on an application secret for the Azure Active Directory (AD) IAM service.
The following example shows how to define a ConnectionProfile:FileTransfer:SharePoint:AdClientSecret connection profile:
"SPO_CCP2":
{
"Type": "ConnectionProfile:FileTransfer:SharePoint:AdClientSecret",
"SharePointEndpoint":"my.sharepoint.com",
"SharePointTenantId": "ce508ef6-757c-46be-8e8e-0778h37b4q12",
"SharePointClientId": "6902af15-be7f-4bca-926f-w18d68ip5426",
"SharePointClientSecret": "dyd8Q~AxMMiqlNIZKbZRT5yBbybYFoZb3XvLtc5f",
"Centralized": true
}
The following table describes the ConnectionProfile:FileTransfer:SharePoint:AdClientSecret connection profile parameters.
Parameter |
Description |
---|---|
SharePointEndpoint |
Defines the URL where the SharePoint Storage is located. |
SharePointTenantId |
Defines the ID of the Azure Active Directory instance where your application is located. |
SharePointClientId |
Defines the ID of your application in Azure Active Directory. |
SharePointClientSecret |
Defines the name of the application secret. Use Secrets in Code to not expose this secret in the code. |
Centralized |
Determines whether to create a centralized connection profile, which is stored in the Control-M/EM database and is available to all Agents. You must set this parameter to true. |
ConnectionProfile:FileTransfer:SharePoint:AdCertificate
The ConnectionProfile:FileTransfer:SharePoint:AdCertificate type creates a connection profile for a file transfer to or from a SharePoint Storage service with authentication based on a certificate file for the Azure Active Directory (AD) IAM service.
The following example shows how to define a ConnectionProfile:FileTransfer:SharePoint:AdCertificate connection profile.
"SPO_CCP4":
{
"Type": "ConnectionProfile:FileTransfer:SharePoint:AdCertificate",
"SharePointEndpoint":"my.sharepoint.com",
"SharePointTenantId": "ce508ef6-757c-46be-8e8e-0778h37b4q12",
"SharePointClientId": "6902af15-be7f-4bca-926f-w18d68ip5426",
"SharePointClientCertificateFormat": "PFX",
"SharePointClientCertificatePassword": "password",
"SharePointClientCertificatePath": "C:\\ctm_mft_sample.pfx",
"Centralized": true
}
The following table describes the ConnectionProfile:FileTransfer:SharePoint:AdCertificate connection profile parameters.
Parameter |
Description |
---|---|
SharePointEndpoint |
Defines the URL where the SharePoint Storage is located. |
SharePointTenantId |
Defines the ID of the Azure Active Directory instance where your application is located. |
SharePointClientId |
Defines the ID of your application in Azure Active Directory. |
SharePointClientCertificateFormat |
Determines whether to use PEM or PFX as the certificate file. |
SharePointClientCertificatePath |
Defines the location of the certificate file. |
SharePointClientCertificatePassword |
Defines the password of the certificate. Use Secrets in Code to not expose this password in the code. |
Centralized |
Determines whether to create a centralized connection profile, which is stored in the Control-M/EM database and is available to all Agents. You must set this parameter to true. |
ConnectionProfile:FileTransfer:SharePoint:ManagedIdentity
The ConnectionProfile:FileTransfer:SharePoint:ManagedIdentity type creates a connection profile for file transfers to or from a SharePoint Storage service using a predefined Managed Identity that does not require credentials. You can define such a connection profile only when Control-M/Agent is installed on an Azure virtual machine.
The following example shows how to define ConnectionProfile:FileTransfer:SharePoint:ManagedIdentity connection profile:
"SPO_CCP5":
{
"Type": "ConnectionProfile:FileTransfer:SharePoint:ManagedIdentity",
"SharePointEndpoint":"my.sharepoint.com",
"SharePointTenantId": "ce508ef6-757c-46be-8e8e-0778h37b4q12",
"Centralized": true
}
The following table describes the ConnectionProfile:FileTransfer:SharePoint:ManagedIdentity connection profile parameters.
Parameter |
Description |
---|---|
SharePointEndpoint |
Defines the URL where the SharePoint Storage is located. |
SharePointTenantId |
Defines the ID of the Azure Active Directory instance where your application is located. |
Centralized |
Determines whether to create a centralized connection profile, which is stored in the Control-M/EM database and is available to all Agents. You must set this parameter to true. |
ConnectionProfile:FileTransfer:GCS
The ConnectionProfile:FileTransfer:GCS type creates a connection profile for file transfers to or from a Google Cloud Storage (GCS) service.
The following example shows how to define a ConnectionProfile:FileTransfer:GCS connection profile:
"GCS_CCP1":
{
"Type": "ConnectionProfile:FileTransfer:GCS",
"GCSServiceAccountKey": "{\"type\":\"service_account\",\"project_id\":\"sso-gcp-dba-ctm5-priv-cc30914\",\"private_key_id\":\"5197d05c5b8215irw944985cec74a34d6c1868aa\",\"private_key\":\"-----BEGIN PRIVATE KEY-----\\nprivate-key\\n-----END PRIVATE KEY-----\\n\",\"client_email\":\"bmc-wla-svc-10@sso-gcp-dba-ctm5-priv-cc30914.iam.gserviceaccount.com\",\"client_id\":\"116650586827623521335\",\"auth_uri\":\"https://accounts.google.com/o/oauth2/auth\",\"token_uri\":\"https://oauth2.googleapis.com/token\", \"auth_provider_x509_cert_url\":\"https://www.googleapis.com/oauth2/v1/certs\",\"client_x509_cert_url\":\"https://www.googleapis.com/robot/v1/metadata/x509/bmc-wla-svc-10@sso-gcp-dba-ctm5-priv-cc30914.iam.gserviceaccount.com\"}",
"GCSServiceAccountKeyFileName": "itay.json",
"Centralized": true
}
The following table describes the ConnectionProfile:FileTransfer:GCS connection profile parameters.
Parameter |
Description |
---|---|
GCSServiceAccountKey |
Defines a JSON body that contains the required service account credentials to access the Google Cloud Storage account. |
GCSServiceAccountKeyFileName |
Defines the name of the file that contains the service account credentials. |
Centralized |
Determines whether to create a centralized connection profile, which is stored in the Control-M/EM database and is available to all Agents. You must set this parameter to true. |
ConnectionProfile:FileTransfer:DualEndPoint
For more flexible connections, BMC recommends using single-endpoint connection profiles.
The ConnectionProfile:FileTransfer:DualEndPoint type creates a connection profile where you specify connection details for the source host and for the destination host of the file transfer. Connection details can be based on the FTP, SFTP, or FTPS communication protocols or can be to a local file system.
The following example shows how to define a ConnectionProfile:FileTransfer:DualEndPoint connection profile. One endpoint uses the FTP communication protocol and the other endpoint uses the SFTP communication protocol:
"DualEpConn" :
{
"Type" : "ConnectionProfile:FileTransfer:DualEndPoint",
"Centralized" : true,
"src_endpoint" :
{
"Type" : "Endpoint:Src:FTP",
"User" : "controlm",
"Port" : "10023",
"HostName" : "localhost",
"Password" : "password",
"HomeDirectory" : "/home/controlm/"
},
"dest_endpoint" :
{
"Type" : "Endpoint:Dest:SFTP",
"User" : "controlm",
"Port" : "10023",
"HostName" : "host2",
"Password" : "password",
"HomeDirectory" : "/home/controlm/"
}
}
The following table describes the ConnectionProfile:FileTransfer:DualEndPoint connection profile parameters.
Parameter |
Description |
---|---|
VerifyChecksum |
(Optional) Determines whether to enable or disable error detection on file transfer. Valid Values:
Default: false |
VerifyDestination |
(Optional) Determines whether to verify the size of the file at the destination after a successful binary-mode transfer. Valid Values:
Default: true |
VerifyBytes |
(Optional) Determines whether to verify that the number of bytes sent to the destination during a successful binary-mode transfer is the same as the source file. If it is not the same size, the transfer fails. Valid Values:
Default: false |
Endpoint |
Determines two endpoint objects, one for the source host and one for the destination host. Each endpoint can be based on FTP, SFTP, FTPS, or local file system. Valid Values:
Determines whether the parameters under the Endpoint object are the same as the remaining parameters for a single-endpoint connection profile, depending on type of connection: |
Centralized |
Determines whether to create a centralized connection profile, which is stored in the Control-M/EM database and is available to all Agents. You must set this parameter to true. |
ConnectionProfile:FileTransfer:Group
The ConnectionProfile:FileTransfer:Group type creates a connection profile which enables you to transfer a file from one host to multiple hosts in one transfer. In each group connection profile, you include a variety of previously defined connection profiles for file transfers:
The following example shows how to define a ConnectionProfile:FileTransfer:Group connection profile:
"GROUP_CP":
{
"Type": "ConnectionProfile:FileTransfer:Group",
"Centralized": true,
"GroupAccounts": ["FTPConn", "sFTPconn", "LocalConn", "AS2_Conn_1"]
}
The following table describes the ConnectionProfile:FileTransfer:Group connection profile parameters.
Parameter |
Description |
---|---|
GroupAccounts |
Determines the list of file transfer connection profiles included in the group. |
Centralized |
Determines whether to create a centralized connection profile, which is stored in the Control-M/EM database and is available to all Agents. You must set this parameter to true. |