Machine Learning Connection Profiles
The following topics describe connection profiles for machine learning platforms and services:
ConnectionProfile:AWS Sagemaker
AWS Sagemaker enables you to create, train, and deploy machine learning models on premises, in the cloud, and on edge devices.
The following examples show how to define an AWS SageMaker connection profile.
-
This JSON defines a connection profile that authenticates via AWS access key and secret:
Copy"AWS_SAGEMAKER":
{
"Type": "ConnectionProfile:AWS Sagemaker",
"SageMaker URL": "https://sagemaker.us-east-1.amazonaws.com",
"AWS Region": "us-east-1",
"Authentication": "SECRET",
"AWS Access key": "MYAWSACCESSKEY1234",
"AWS Secret": "myAwsSecret12345",
"Connection Timeout": "100",
"Description": "",
"Centralized": true
} -
This JSON defines a connection profile that authenticates via an AWS IAM role from inside an EC2 instance:
Copy"AWS_SAGEMAKER_IAM":
{
"Type": "ConnectionProfile:AWS Sagemaker",
"SageMaker URL": "https://sagemaker.us-east-1.amazonaws.com",
"AWS Region": "us-east-1",
"Authentication": "NOSECRET",
"IAM Role": "SAGEMAKERIAMROLE",
"Connection Timeout": "100",
"Description": "",
"Centralized": true
}
The following table describes the AWS SageMaker connection profile parameters.
Parameter |
Description |
---|---|
Authentication |
Determines one of the following types of authentication for the connection with AWS SageMaker:
|
AWS Access Key |
(SECRET Authentication) Defines the AWS SageMaker account access key. |
AWS Secret |
(SECRET Authentication) Defines the AWS SageMaker account secret access key. You can use Secrets in Code to hide this value in the code. |
IAM Role |
(NOSECRET Authentication) Defines the Identity and Access Management (IAM) role for the AWS SageMaker connection. |
AWS Region |
Determines the region where the AWS SageMaker jobs are located. |
SageMaker URL |
Determines the authentication endpoint for AWS SageMaker, in the following format: https://sagemaker.{{AwsRegion}}.amazonaws.com For more information about regional endpoints, see the AWS documentation. |
Connection Timeout |
Determines the number of seconds to wait after Control-M initiates a connection request to AWS SageMaker before a timeout occurs. Default: 30 |
Centralized |
Determines whether to create a centralized connection profile, which is stored in the Control-M/EM database and is available to all Agents. You must set this parameter to true. |
ConnectionProfile:Azure Machine Learning
Azure Machine Learning enables you to build, train, deploy, and manage machine learning models on premises, in the cloud, and on edge devices.
The following examples show how to define a connection profile for an Azure Machine Learning job.
-
This JSON defines a connection profile that authenticates via an Azure service principal:
Copy"AZURE_ML_SERVICE_PRINCIPAL":
{
"Type": "ConnectionProfile:Azure Machine Learning",
"Authentication Method": "PRINCIPAL",
"Tenant ID": "82b34c5-5839-40f6-8pd9-c1fad320c69b",
"Azure Login URL": "https://login.microsoftonline.com",
"Azure ML URL": "https://{{location}}.api.azureml.ms/",
"Azure Management URL": "https://management.azure.com/",
"Subscription ID": "e76056e0-70de-4da8-b02e-61263a150b1f",
"Location Name": "centralus",
"Application ID": "4f477fa3-1a1g-4877-ca92-f39bb563f3b1",
"Client Secret": "*****",
"Connection Timeout": "50",
"Description": "",
"Centralized": true
} -
This JSON defines a connection profile that authenticates via a managed identity:
Managed Identity authentication is based on an Azure token that is valid, by default, for 24 hours. Token lifetime can be extended by Azure.
Copy"AZURE_ML_SERVICE_IDENTITY":
{
"Type": "ConnectionProfile:Azure Machine Learning",
"Authentication Method": "MANAGEDID",
"Specify Managed Identity Client ID": "&client_id=",
"Managed Identity Client ID": "72d448f0-ac32-45ea-9158-f8653e4ee16",
"Azure ML URL": "https://{{location}}.api.azureml.ms/",
"Azure Management URL": "https://management.azure.com/",
"Subscription ID": "e76056e0-70de-4da8-b02e-61263a150b1f",
"Location Name": "centralus",
"Connection Timeout": "50",
"Description": "",
"Centralized": true
}
The following table describes the Azure Machine Learning connection profile parameters.
Parameter |
Description |
---|---|
Authentication Method |
Defines one of the following types of authentication to use for the connection with Azure Machine Learning:
To prepare for authentication using each of these methods:
|
Specify Managed Identity Client ID |
(Managed Identity) Determines whether your managed identity client ID is specified by the Managed Identity Client ID parameter. Include this parameter only if you are using the managed identity authentication method and you have multiple managed identities defined on your Azure virtual machine. Set its value to &client_id=. |
Managed Identity Client ID |
(Managed Identity) Determines which client ID to use as the managed identity. This parameter requires a value only if you have multiple managed identities defined on your Azure virtual machine and you included the Specify Managed Identity Client ID parameter. If you have only one managed identity, it is detected automatically. |
Tenant ID |
(Service Principal) Defines the ID where the Azure Machine Learning is created. |
Azure Login URL |
(Service Principal) Defines the Azure Active Directory (AD) authentication endpoint base URL. Default: https://login.microsoftonline.com |
Azure ML URL |
Defines the authentication endpoint base URL for Azure Machine Learning, which is used to perform API calls, and which is based on the following format: https://{{location}}.api.azureml.ms/ |
Azure Management URL |
Defines the Azure Management URL, which is used to get the token for a service principal authentication and to perform API calls. Default: https://management.azure.com/ |
Subscription ID |
Determines the Azure account subscription ID, which can be retrieved from the Azure portal. |
Location Name |
Determines the region where the Azure Machine Learning jobs are located. |
Application ID |
(Service Principal) Defines the Azure identity of a Service Principal that is granted access to interact with Azure Machine Learning. |
Client Secret |
(Service Principal) Defines the password of the Service Principal. You can use Secrets in Code to hide this value in the code. |
Connection Timeout |
Determines the number of seconds to wait after Control-M initiates a connection request to Azure Machine Learning before a timeout occurs. Default: 50 |
Centralized |
Determines whether to create a centralized connection profile, which is stored in the Control-M/EM database and is available to all Agents. You must set this parameter to true. |
Connection Profile:OCI Data Science
OCI Data Science is an Oracle Cloud Infrastructure (OCI) platform, that enables you to build, train, deploy, and manage machine learning (ML) models using Python and open source tools.
The following examples show how to define a connection profile for an OCI Data Science job.
-
This JSON defines a connection profile that authenticates with Define Parameters method:
Copy"OCI_DATA_SCIENCE":
{
"Type": "ConnectionProfile:OCI Data Science",
"OCI Data Science URL": "https://datascience.us-phoenix-1.oci.oraclecloud.com/20190101",
"OCI Region": "us-phoenix-1",
"Authentication": "DefineParameters",
"User OCID": "ocid1.user.oc1..aaaaaaaatcnn2lw4tjcoemgnm4*********",
"Tenancy OCID": "ocid1.tenancy.oc1..aaaaaaaaxzv5ies3pwo7s5it******",
"Fingerprint": "c6:d6:28:82:b3:2d:5f:***********",
"Private Key": "*****",
"Connection Timeout": "30",
"Description": "",
"Centralized": true
} -
This JSON defines a connection profile that authenticates with a Configuration File:
Copy" OCI_DATA_SCIENCE ":
{
"Type": "ConnectionProfile: OCI Data Science",
"OCI Data Science URL": " https://datascience.us-phoenix-1.oci.oraclecloud.com/20190101",
"OCI Region": "us-phoenix-1",
"Authentication": "ConfigurationFile",
"Config File Path": "\home\dbauser\config.example",
"Profile": "Default",
"Connection Timeout": "30",
"Description": "",
"Centralized": true
}
The following table describes the OCI Data Science connection profile parameters.
Parameter |
Authentication Method |
Description |
---|---|---|
OCI Data Science URL |
All methods |
Defines the OCI Data Science URL in the following format: https://datascience.<region>.oci.oraclecloud.com/20190101 |
OCI Region |
All methods |
Determines the region where OCI Data Science is located. |
Authentication |
All methods |
Determines one of the following authentication methods:
|
User OCID |
Defined Parameters |
Defines an individual user within the OCI environment. |
Tenancy OCID |
Defined Parameters |
Defines the OCI Tenacy ID in OCI Data Science, which is a global unique identifier for this account within the OCI environment. |
Fingerprint |
Defined Parameters |
Defines a fingerprint which uniquely identifies and verifies the integrity of the associated certificate or key. |
Private Key |
Defined Parameters |
Defines the Private key within a set of API signing keys that are used for authentication and secure access to OCI resources. You can use Secrets in Code to hide this value in the code. |
Config File Path |
Configuration File |
Defines the path to the configuration file that contains authentication information. This file is stored on the Control-M/Agent. UNIX: home/user1/config/pem.pem Windows: C:\Users\user1\config\\pem.pem |
Profile |
Configuration File |
Defines the name of a specific section in the configuration file, such as DEFAULT and PROFILE2 in the Configuration File code sample. |
Connection Timeout |
All methods |
Determines the number of seconds to wait after Control-M initiates a connection request to OCI Data Science before a timeout occurs. Default: 20 |
Centralized |
All methods |
Determines whether to create a centralized connection profile, which is stored in the Control-M/EM database and is available to all Agents. You must set this parameter to true. |