Cloud Computing Connection Profiles
The following topics describe connection profiles for cloud computing platforms and services:
ConnectionProfile:AWS (Deprecated)
This connection profile is for the Control-M for AWS plug-in, which is a deprecated plug-in. For migration information, see Control-M for AWS Plug-in Migration Tool.
AWS jobs enable you to define and execute AWS Lambda, AWS Step Functions, and AWS Batch services.
This feature requires Control-M/EM 9.0.21.
The following examples show how to define an AWS connection profile.
You must have the Control-M for AWS plug-in installed in your Control-M environment for this connection profile to function.
-
This JSON-based connection profile authenticates with an access and secret key:
Copy"AWS_CONNECTION_ACCESSKEY":
{
"Type": "ConnectionProfile:AWS",
"Centralized": true,
"TargetAgent": "AgentHost",
"TargetCTM": "CTMHost",
"AuthenticationMethod": "AccessKey",
"AccessKey": "1234",
"SecretAccessKey": "00-200340109003001100044011700580-29001301000-410-520-250-880029",
"Region": "ap-northeast-1",
} -
This JSON-based connection profile authenticates with an IAM role:
Copy"AWS_CONNECTION_IAMROLE":
{
"Type": "ConnectionProfile:AWS",
"Centralized": true,
"TargetAgent": "AgentHost",
"TargetCTM": "CTMHost",
"AuthenticationMethod": "IAMRole",
"IAMRole": "myRole",
"Region": "ap-northeast-1",
"ProxySettings":
{
"Host": "host",
"Port": "12345",
"Username": "username",
"Password": "password"
}
}
The following table describes the AWS connection profile parameters.
|
Parameter |
Description |
|---|---|
|
TargetAgent |
Determines the Agent where the connection profile deploys. |
|
TargetCTM |
Determines the Control-M/Server where the connection profile deploys. If there is only one Control-M/Server, it defaults to that Control-M/Server. |
|
Centralized |
Determines whether to create a centralized connection profile, which is stored in the Control-M/EM database and is available to all Agents. You must set this parameter to true. Valid Values:
Default: false |
|
AuthenticationMethod |
Determines one of the following authentication methods:
|
|
AccessKey |
(AccessKey authentication) Defines the AWS account Access Key. |
|
SecretAccessKey |
(AccessKey authentication) Defines the AWS account Secret Access Key. You can use Secrets in Code to hide this value in the code. |
|
IAMRole |
(IAMRole authentication) Defines the name of an IAM role for authentication of the connection to AWS. |
|
Region |
Defines location of the AWS user. |
|
ProxySettings |
Defines settings of an installed proxy server:
|
ConnectionProfile:AWS Batch
AWS Batch enables you to manage and execute batch computing workloads in AWS.
The following example shows how to define an AWS Batch connection profile.
-
This JSON-based connection profile authenticates an AWS access key and secret:
Copy"AWS_BATCH":
{
"Type": "ConnectionProfile:AWS Batch",
"Authentication": "SECRET",
"AWS Secret": "myAwsSecret12345",
"AWS Access Key": "MYAWSACCESSKEY1234",
"AWS Region": "eu-west-2",
"Batch URL": " https://batch.{{region}}.amazonaws.com",
"Connection Timeout": "20",
"Description": "",
"Centralized": true
} -
This JSON-based connection profile authenticates an AWS IAM role from inside an EC2 instance:
Copy"AWS_BATCH":
{
"Type": "ConnectionProfile:AWS Batch",
"Authentication": "NOSECRET",
"IAM Role": "BATCHIAMROLE",
"AWS Region": "eu-west-2",
"Batch URL": " https://batch.{{region}}.amazonaws.com",
"Connection Timeout": "20",
"Description": "",
"Centralized": true
}
The following table describes the AWS Batch connection profile parameters.
|
Parameter |
Description |
|---|---|
|
Authentication |
Determines one of the following authentication methods:
|
|
AWS Access Key |
(SECRET authentication) Defines the access key ID for connection to AWS. |
|
AWS Secret |
(SECRET authentication) Defines the secret access key for connection to AWS. You can use Secrets in Code to hide this value in the code. |
|
IAM Role |
(NOSECRET authentication) Defines the Identity and Access Management (IAM) role for connection to AWS. |
|
AWS Region |
Determines the region where the AWS Batch resources are located. |
|
Batch URL |
Determines the URL of an AWS Batch service regional endpoint, as follows: https://batch.<region>.amazonaws.com For more information about regional endpoints available for the AWS Batch service, refer to the AWS documentation. |
|
Connection Timeout |
Determines the number of seconds to wait before a timeout occurs after Control-M initiates a connection request to AWS Batch. Default: 20 |
|
Centralized |
Determines whether to create a centralized connection profile, which is stored in the Control-M/EM database and is available to all Agents. You must set this parameter to true. Valid Values:
Default: false |
ConnectionProfile:AWSEC2
AWS Elastic Compute Cloud (EC2) enables you to create virtual machines in the Amazon cloud-computing platform.
The following examples show how to define an AWS EC2 connection profile.
-
This JSON-based connection profile authenticates with an AWS access key and secret:
Copy"AWSEC2":
{
"Type": "ConnectionProfile:AWSEC2",
"Authentication": "SECRET",
"AWS Access key ID": "AK***************************",
"AWS Secret": "nw*****************************",
"EC2 Region": "us-west-2",
"Connection timeout": "20",
"Description": "",
"Centralized": true
}
-
This JSON-based connection profile authenticates with an AWS IAM role from inside an EC2 instance:
Copy"AWSEC2":
{
"Type": "ConnectionProfile:AWSEC2",
"Authentication": "NOSECRET",
"IAM Role": "GLUEEC2IAMROLE",
"EC2 Region": "us-west-2",
"Connection timeout": "20",
"Description": "",
"Centralized": true
}
The following table describes the AWS EC2 connection profile parameters.
|
Parameter |
Description |
|---|---|
|
Authentication |
Determines one of the following authentication methods:
|
|
AWS Access key ID |
(SECRET authentication) Defines the Access key ID to connect to AWS. |
|
AWS Secret |
(SECRET authentication) Defines the secret access key to connect to AWS. You can use Secrets in Code to hide this value in the code. |
|
IAM Role |
(NOSECRET authentication) Defines the IAM Role to connect to AWS. |
|
EC2 Region |
Determines the location of the AWS user. us-east-1 |
|
Connection Timeout |
Determines the number of seconds to wait for the trigger call made by Control-M to AWS EC2 before timing out. Default: 20 |
|
Centralized |
Determines whether to create a centralized connection profile, which is stored in the Control-M/EM database and is available to all Agents. You must set this parameter to true. Valid Values:
Default: false |
ConnectionProfile:AWS Lambda
AWS Lambda is a cloud compute service that enables you to execute code in multiple computer languages on a virtual cluster.
The following example shows how to define an AWS Lambda connection profile that authenticates with an AWS access key and secret:
"LAMBDA":
{
"Type": "ConnectionProfile:AWS Lambda",
"Authentication": "SECRET",
"AWS Access key ID": "ABCDEFGHIJKLMNOPQRST",
"AWS Secret": "*****",
"AWS Region": "eu-west-2",
"Lambda URL": "https://lambda.{{region}}.amazonaws.com",
"Connection Timeout": "1800",
"Description": "",
"Centralized": true
}The following table describes the AWS Lambda connection profile parameters.
|
Parameter |
Description |
|---|---|
|
Authentication |
Determines one of the following authentication methods:
|
|
AWS Access key ID |
(SECRET authentication) Defines the Access key ID to connect to AWS. |
|
AWS Secret |
(SECRET authentication) Defines the secret access key to connect to AWS. You can use Secrets in Code to hide this value in the code. |
|
IAM Role |
(NOSECRET authentication) Defines the IAM Role to connect to AWS. |
|
AWS Region |
Determines the region where the AWS Lambda resources are located. eu-west-2 |
|
Lambda URL |
Defines the authentication endpoint for AWS Lambda, based on the following format: https://lambda.<AWS_Region>.amazonaws.com https://lambda.eu-west-2.amazonaws.com |
|
Connection Timeout |
Determines the number of seconds to wait after Control-M initiates a connection request to AWS Lambda before a timeout occurs. The connection timeout in Control-M must be longer than the connection timeout that is set in AWS Lambda. Default: 1,800 |
|
Centralized |
Determines whether to create a centralized connection profile, which is stored in the Control-M/EM database and is available to all Agents. You must set this parameter to true. Valid Values:
Default: false |
ConnectionProfile:Azure
Azure job enables you to execute the Azure Functions, Azure Logic Apps, and Azure Batch Account services.
The following example shows how to define an Azure connection profile:
For this type of connection profile, you must have the Control-M for Azure plug-in installed in your Control-M environment.
"AZURE_CONNECTION":
{
"Type": "ConnectionProfile:Azure",
"TargetAgent": "AgentHost",
"TargetCTM": "CTMHost",
"ActiveDirectoryDomainName": "bmc.onmicrosoft.com",
"SubscriptionID": "bcde-fgh-ijk-lmnopq",
"ApplicationID": "abcd-efg-hij-klmnop",
"User": "[email protected]",
"Password": "*****"
"Batch":
{
"BatchAccountName": "myFirstBatch",
"BatchAccountKey": "aaaaaabbbbbbbccccccc",
"Location": "centralus"
}
}The following table describes the Azure connection profile parameters.
|
Parameter |
Description |
|---|---|
|
TargetAgent |
Determines the Agent where the connection profile deploys. |
|
TargetCTM |
Determines the Control-M/Server where the connection profile deploys. If there is only one Control-M/Server, it defaults to that Control-M/Server. |
|
ActiveDirectoryDomainName |
(Optional) Defines the Azure active directory, as follows: <Company_Name>.onmicrosoft.com |
|
SubscriptionID |
Defines the Azure account subscription ID. The subscription ID can be retrieved from the Azure portal by selecting the Subscription menu. |
|
ApplicationID |
Defines the Azure application ID. |
|
User |
Defines the name of the user to connect to the Azure server. |
|
Password |
Defines a password of the username that connects to the Azure server. You can use Secrets in Code to hide this value in the code. |
|
Batch |
(Optional) Enables the use of a batch account service. By default, a batch account is not used. If you want to use a batch account, you must define the following parameters: |
|
BatchAccountName |
Defines the name of the batch account. |
|
BatchAccountKey |
Defines the primary access key for the batch account. This key can be retrieved from the Azure portal. |
|
Location |
Determines the batch account location, as defined in the batch account properties. The batch account name and batch account location are used to define the batch URI. |
ConnectionProfile:Azure Batch Accounts
Azure Batch Accounts enables you to efficiently execute large-scale, parallel, computer-intensive tasks in the cloud.
The following example shows how to define an Azure Batch Accounts connection profile.
-
This JSON-based connection profile authenticates with an Azure service principal:
Copy"AZURE_BATCH":
{
"Type": "ConnectionProfile:Azure Batch Accounts",
"Authentication Method": "PRINCIPAL",
"Tenant ID": "tenantId",
"Azure AD url": "https://login.microsoftonline.com",
"App ID": "4f477fa3-1a1g-4877-ca92-f39bb563f3b1",
"Batch Account Name": "abc_batch",
"Batch Region ID": "uksouth",
"Batch Resource url": "https://batch.core.windows.net/",
"Client Secret": "*********",
"Connection Timeout": "50",
"Description": "",
"Centralized": true
} -
This JSON-based connection profile authenticates with a managed identity:
Managed identity authentication is based on an Azure token that is valid, by default, for 24 hours. Token lifetime can be extended by Azure.
Copy"AZURE_BATCH":
{
"Type": "ConnectionProfile:Azure Batch Accounts",
"Authentication Method": "MANAGEDID",
"Specify Managed Identity Client ID": "&client_id=",
"Managed Identity Client ID": "72d448f0-ac32-45ea-9158-f8653e4ee16",
"Batch Account Name": "abc_batch",
"Batch Region ID": "uksouth",
"Batch Resource url": "https://batch.core.windows.net/",
"Connection Timeout": "50",
"Description": "",
"Centralized": true
}
The following table describes the Azure Batch Accounts connection profile parameters.
|
Parameter |
Description |
|---|---|
|
Authentication Method |
Defines one of the following types of authentication to use for the connection with Azure Batch:
|
|
Tenant ID |
(Service principal authentication) Defines the Azure Tenant ID in Azure AD. |
|
Specify Managed Identity Client ID |
Determines whether the client ID for your managed identity is specified by the Specify Managed Identity Client ID parameter. This parameter requires a value only if you have multiple managed identities defined on your Azure VM and you included the Specify Managed Identity Client ID parameter. If you have only one managed identity, it is detected automatically. Include this parameter only if you are using the managed identity authentication method and you have multiple managed identities defined on your Azure virtual machine. Set its value to &client_id=. |
|
Managed Identity Client ID |
(Managed identity) Determines whether the client ID for your managed identity is specified by the Managed Identity Client ID parameter. (Managed identity) Determines which client ID to use as the managed identity. |
|
Azure AD url |
(Service principal authentication) Defines the Azure AD authentication endpoint base URL. |
|
App ID |
Defines the application (service principal) ID of the registered application for the Azure Batch service. The service principal must be for an Azure Batch account with a Contributor role. |
|
Batch Account Name |
Defines the name of the batch account created in Azure Portal. |
|
Batch Region ID |
Defines the region ID associated with the Batch account in Azure Portal. |
|
Batch Resource url |
Defines the identifier for the Azure Batch account for login with Azure AD, as follows: https://batch.core.windows.net/ |
|
Client Secret |
(Service principal authentication) Defines the client secret (password) associated with the Azure user and the application. Connection Timeout Defines a timeout value, in seconds, for the trigger call made by Control-M to Azure Batch Accounts. Default: 50 You can use Secrets in Code to hide this value in the code. |
|
Connection Timeout |
Defines a timeout value, in seconds, for the trigger call made by Control-M to Azure Batch Accounts. Default: 50 |
|
Centralized |
Determines whether to create a centralized connection profile, which is stored in the Control-M/EM database and is available to all Agents. You must set this parameter to true. Valid Values:
Default: false |
ConnectionProfile:AzureFunctions
Azure Functions enables you to develop, test, and run applications in the cloud for serverless application development.
The following example shows how to define an Azure Functions connection profile.
-
This JSON-based connection profile authenticates with an Azure Functions service principal:
Copy"AZUREFUNCTIONS":
{
"Type": "ConnectionProfile:AzureFunctions",
"Subscription ID": "bcde-fgh-ijk-lmnopq",
"Identity Type": "PRINCIPAL",
"Tenant ID": "tenantId",
"Application ID": "4f477fa3-1a1g-4877-ca92-f39bb563f3b1",
"Client Secret": "*********",
"Azure Login url": "https://login.microsoftonline.com",
"Resource Group": "resourceGroup",
"Description": "",
"Centralized": true
} -
This JSON-based connection profile authenticates with an Azure Functions managed identity:
Managed Identity authentication is based on an Azure token that is valid, by default, for 24 hours. Token lifetime can be extended by Azure.
Copy"AZUREFUNCTIONS":
{
"Type": "ConnectionProfile:AzureFunctions",
"Subscription ID": "bcde-fgh-ijk-lmnopq",
"Identity Type": "MANAGEDID",
"Specify Managed Identity Client ID": "&client_id=",
"Managed Identity Client ID": "72d448f0-ac32-45ea-9158-f8653e4ee16",
"Resource Group": "resourceGroup",
"Description": "",
"Centralized": true
} -
This JSON-based connection profile authenticates with an Azure Function App ID:
Copy"ZFAAPPIDNEW":
{
"Type": "ConnectionProfile:Azure Functions",
"Identity Type": "FUNCTION_APPID",
"Tenant ID": "<Tenant ID>",
"Application ID": "<Application ID>",
"Client Secret": "*****",
"Azure Login url": " https://login.microsoftonline.com",
"Function App Web Site": "azurewebsites.net",
"Custom App Key": "*****",
"Description": "",
"Centralized": true
}
The following table describes the Azure Functions connection profile parameters.
|
Parameter |
Identity Type |
Description |
|---|---|---|
|
Subscription ID |
|
Defines the Azure account subscription ID. The subscription ID can be retrieved from the Azure portal by selecting the Subscription menu. |
|
Identity Type |
NA |
Determines one of the following authentication methods to connect with Azure Functions:
|
|
Specify Managed Identity Client ID |
Managed Identity |
Determines whether the client ID for your managed identity is specified by the Managed Identity Client ID parameter. Include this parameter only if you are using the managed identity authentication method and you have multiple managed identities defined on your Azure virtual machine. Set its value to &client_id=. |
|
Managed Identity Client ID |
Managed Identity |
Determines which client ID to use as the managed identity. This parameter requires a value only if you have multiple managed identities defined on your Azure VM and you included the Specify Managed Identity Client ID parameter. If you have only one managed identity, it is detected automatically. |
|
Tenant ID |
|
Defines the Azure Tenant ID in Azure AD. |
|
Application ID |
|
The application ID of the registered application. The service principal must be an Azure Functions workspace user with a Contributor or Owner role associated. |
|
Client Secret |
|
Defines he client secret (password) associated with the Azure user and the application. You can use Secrets in Code to hide this value in the code. |
|
Azure Login url |
|
The Azure AD authentication endpoint base URL. |
|
Resource Group |
|
Defines the name of the resource group that holds your application. |
|
Function App Web Site |
Function App ID |
Defines the Azure Function Application website name. Default: azurewebsites.net |
|
Custom App Key |
Function App ID |
Defines the Custom Application Key, which identifies the Azure Function Application that you want to execute. |
| Connection Timeout | All Types |
Determines the number of seconds to wait after Control-M initiates a connection request to Azure Batch Accounts before a timeout occurs. Default: 60 |
|
Centralized |
|
Determines whether to create a centralized connection profile, which is stored in the Control-M/EM database and is available to all Agents. You must set this parameter to true. Valid Values:
Default: false |
ConnectionProfile:Azure VM
Azure Virtual Machine (VM) enables you to create, manage, and delete virtual machines in the Azure cloud.
The following examples show how to define an Azure VM connection profile:
-
This JSON-based connection profile authenticates with an Azure service principal.
Copy"AZUREVM":
{
"Type": "ConnectionProfile:Azure VM",
"Subscription ID": "e76056e0-70de-4da8-b02e-61263a150b1f",
"Auth_Method": "service_account",
"Resource Group": "tb-resourcegroup",
"Tenant ID": "81b796g5-5839-40a6-8dd9-c1fam320c69b",
"Client Secret": "*****",
"Application ID": "7f499fc3-1a1f-4847-ba80-f39bb563f1b5",
"Azure Login url": "https://login.microsoftonline.com",
"Connection timeout": "20",
"Description": "",
"Centralized": true
} -
This JSON-based connection profile authenticates with a managed identity.
Managed Identity authentication is based on an Azure token that is valid, by default, for 24 hours. Token lifetime can be extended by Azure.
Copy"AZUREVM":
{
"Type": "ConnectionProfile:Azure VM",
"Subscription ID": "e76056e0-70de-4da8-b02e-61263a150b1f",
"Auth_Method": "managed_id",
"Specify Managed Identity Client ID": "&client_id=",
"Managed Identity Client ID": "72d448f0-ac32-45ea-9158-f8653e4ee16",
"Resource Group": "tb-resourcegroup",
"Connection timeout": "20",
"Description": "Azure VM connection profile",
"Centralized": true
}
The following table describes the Azure VM connection profile parameters.
|
Parameter |
Description |
|---|---|
| Subscription ID |
Determines the Azure account subscription ID. You can retrieve the subscription ID from the Subscription menu in the Azure portal. |
| Auth_Method |
Determines one of the following authentication types:
|
| Specify Managed Identity Client ID |
(Managed Identity) Determines whether the client ID for your managed identity is specified by the Managed Identity Client ID parameter. Include this parameter only if you are using the managed identity authentication method and you have multiple managed identities defined on your Azure virtual machine. Set its value to &client_id=. |
|
Managed Identity Client ID |
(Managed Identity) Determines which client ID to use as the managed identity. This parameter requires a value only if you have multiple managed identities defined on your Azure VM and you included the Specify Managed Identity Client ID parameter. If you have only one managed identity, it is detected automatically. |
|
Tenant ID |
(Service principal) Defines the Azure Tenant ID in the Azure Virtual Machine. |
|
Resource Group |
Defines the name of the resource group where the function app is located. |
|
Application ID |
(Service principal) Defines the application (service principal) ID of the registered application for the Azure Virtual Machine. The service principal must be an Azure Functions workspace user with a Contributor or Owner role associated. |
|
Client Secret |
(Service principal) Defines the client secret (password) associated with the Azure user and the application. You can use Secrets in Code to hide this value in the code. |
|
Azure Login URL |
(Service principal) Defines the Azure VM authentication endpoint base URL. |
|
Connection Timeout |
Defines a timeout value, in seconds, for the trigger call made by Control-M to the Azure VM. Default: 20 |
|
Centralized |
Determines whether to create a centralized connection profile, which is stored in the Control-M/EM database and is available to all Agents. You must set this parameter to true. Valid Values:
Default: false |
ConnectionProfile:GCP Batch
Google Cloud Platform (GCP) Batch enables you to manage, schedule, and execute batch computing workloads on a virtual machine that is provisioned to accommodate your resource and capacity needs.
The following example shows how to define a GCP Batch connection profile that authenticates based on a service account:
"GCP_BATCH":
{
"Type": "ConnectionProfile:GCP Batch",
"Identity Type": "service_account",
"Batch URL": "https://batch.googleapis.com",
"Service Account Key": "*****",
"Connection Timeout": "20",
"Description": "",
"Centralized": true
}The following table describes the GCP Batch connection profile parameters.
|
Parameter |
Description |
|---|---|
| Identity Type |
Determines one of the following authentication types using GCP Access Control:
|
| Batch URL |
Defines the Google Cloud Platform (GCP) authentication endpoint for GCP Batch, as follows: Default: https://batch.googleapis.com |
|
Service Account Key |
(Service Account) Defines a service account that is associated with an RSA key pair. You can use Secrets in Code to hide this value in the code. |
|
Connection timeout |
Determines the number of seconds to wait after Control-M initiates a connection request to GCP Batch before a timeout occurs. Default: 20 |
|
Centralized |
Determines whether to create a centralized connection profile, which is stored in the Control-M/EM database and is available to all Agents. You must set this parameter to true. Valid Values:
Default: false |
ConnectionProfile:GCP Functions
Google Cloud Platform (GCP) Functions enables you to develop, test, and run applications in the cloud.
The following example shows how to define a GCP Functions connection profile that authenticates based on a service account:
"GCPFUNCTIONS":
{
"Type": "ConnectionProfile:GCP Functions",
"Identity Type": "service_account",
"GCP API URL": "https://cloudfunctions.googleapis.com",
"Service Account Key": "*****",
"Connection Timeout": "60",
"Description": "",
"Centralized": true
}The following table describes the GCP Functions connection profile parameters.
|
Parameter |
Description |
|---|---|
| Identity Type |
Determines one of the following authentication types using GCP Access Control:
|
|
GCP API URL |
Defines the Google Cloud Platform (GCP) authentication endpoint for Cloud Functions. |
|
Service Account Key |
(Service account) Defines a service account that is associated with an RSA key pair. You can use Secrets in Code to hide this value in the code. |
| Connection Timeout |
Determines the number of seconds to wait after Control-M initiates a connection request to GCP Cloud Functions before a timeout occurs. Default: 20 |
|
Centralized |
Determines whether to create a centralized connection profile, which is stored in the Control-M/EM database and is available to all Agents. You must set this parameter to true. Valid Values:
Default: false |
ConnectionProfile:GCP VM
Google Cloud Platform (GCP) Virtual Machine (VM) enables you to create, manage, and delete virtual machines on the Google Compute Engine (GCE).
The following example shows how to define a GCP VM connection profile that authenticates based on a service account:
"GCPVM":
{
"Type": "ConnectionProfile:GCP VM",
"Identity Type": "service_account",
"GCP API URL": "https://compute.googleapis.com/compute",
"Service Account Key": "*****",
"Connection timeout": "20",
"Description": "",
"Centralized": true
}The following table describes the GCP VM connection profile parameters.
|
Parameter |
Description |
|---|---|
| Identity Type |
Determines one of the following authentication types using GCP Access Control:
|
| GCP API URL |
Defines the Google Cloud Platform (GCP) authentication endpoint. Default: https://compute.googleapis.com/compute |
|
Service Account Key |
(Service Account) Defines a service account that is associated with an RSA key pair. You can use Secrets in Code to hide this value in the code. |
|
Connection timeout |
Determines the number of seconds to wait for the trigger call made by Control-M to GCP before timing out. Default: 20 |
|
Centralized |
Determines whether to create a centralized connection profile, which is stored in the Control-M/EM database and is available to all Agents. You must set this parameter to true. Valid Values:
Default: false |
ConnectionProfile:OCI Functions
The OCI Functions job enables you to develop, test, and run functions in the cloud.
The following examples show how to define an OCI Functions connection profile.
-
This JSON defines a connection profile that authenticates with defined parameters:
Copy"OCI_FUNCTIONS_PARAMS":
{
"Type": "ConnectionProfile:OCI Functions",
"OCI Functions URL": "https://functions.ux-phoenix-1.oci.oraclecloud.com",
"OCI Region": "us-phoenix-1",
"Authentication": "DefineParameters",
"User OCID": "ocid1.user.oc1..aaaaaaaahr2bqeemztbhexkdvw4avkddjbbofh*****dj63wp2xeq",
"Tenancy OCID": "ocid1.tenancy.oc1..aaaaaaaak42azt6b56uvi2afhpk*******cgnhrdi4qzika",
"Fingerprint": "27:ba:c6:f3:86:df:d6:33:8b:62:2d:7c:b4:7a:e0:e9",
"Private Key": "*****",
"Connection Timeout": "30",
"Description": "",
"Centralized": true
} -
This JSON defines a connection profile that authenticates with a configuration file:
Copy"OCI_FUNCTIONS_FILE":
{
"Type": "ConnectionProfile:OCI Functions",
"OCI Functions URL": "https://functions.ux-phoenix-1.oci.oraclecloud.com",
"OCI Region": "us-phoenix-1",
"Authentication": "ConfigurationFile",
"Config File Path": "/home/dbauser/oci_config.txt",
"Profile": "DEFAULT",
"Connection Timeout": "30",
"Description": "",
"Centralized": true
},
The following table describes the OCI Functions connection profile parameters.
|
Parameter |
Description |
|---|---|
|
OCI Functions URL |
Defines the OCI Functions URL, in the following format: https://functions.<region>.oci.oraclecloud.com |
|
OCI Region |
Determines the region where OCI Functions is located. ux-phoenix-1 |
|
Authentication |
Determines one of the following authentication methods to connect to OCI Functions:
The following example of a configuration file defines two profiles: DEFAULT for Linux and PROFILE2 for Windows. Copy
|
|
User OCID |
(Defined Parameters) Defines an individual user within the OCI environment. |
|
Tenancy OCID |
(Defined Parameters) Defines the OCI Tenancy ID in OCI Functions, which is a global unique identifier for this account within the OCI environment. |
|
Fingerprint |
(Defined Parameters) Defines a fingerprint that is used to uniquely identify and verify the integrity of the associated certificate or key. |
|
Private Key |
(Defined Parameters) Defines the Private key within a set of API signing keys that are used for authentication and secure access to OCI resources. You can use Secrets in Code to hide this value in the code. |
|
Config File Path |
(Configuration File) Defines the path to the configuration file that contains authentication information. This file is stored on the Control-M/Agent. |
|
Profile |
(Configuration File) Defines the name of a specific section in the configuration file, such as, DEFAULT or PROFILE2 in the code sample above. |
|
Connection Timeout |
Determines the number of seconds to wait after Control-M initiates a connection request to OCI Functions before a timeout occurs. Default: 30 |
|
Centralized |
Determines whether to create a centralized connection profile, which is stored in the Control-M/EM database and is available to all Agents. You must set this parameter to true. Valid Values:
Default: false |
ConnectionProfile:OCI VM
Oracle Cloud Infrastructure Virtual Machine (OCI VM) plug-in enables you to create, manage, and delete virtual machines in the Oracle cloud.
The following examples show how to define an OCI VM connection profile that authenticates based on a service account.
-
This JSON defines a connection profile that authenticates with defined parameters:
Copy"OCI_VM":
{
"Type": "ConnectionProfile:OCI VM",
"OCI Instances URL": "https://iaas.us-phoenix-1.oraclecloud.com/20160918",
"OCI Region": "us-phoenix-1",
"Authentication": "DefineParameters",
"User OCID": "ocid1.user.oc1..aaaaaaaatcnn2lw4tjcoemgnm4*********",
"Tenancy OCID": "ocid1.tenancy.oc1..aaaaaaaaxzv5ies3pwo7s5it******",
"Fingerprint": "c6:d6:28:82:b3:2d:5f:***********",
"Private Key": "*****",
"Connection Timeout": "30",
"Description": "",
"Centralized": true
} -
This JSON defines a connection profile that authenticates with a configuration file:
Copy"OCI_VM":
{
"Type": "ConnectionProfile:OCI VM",
"OCI Instances URL": "https://iaas.us-phoenix-1.oraclecloud.com/20160918",
"OCI Region": "us-phoenix-1",
"Authentication": "ConfigurationFile",
"Config File Path": "\home\dbauser\config.example",
"Profile": "DEFAULT",
"Connection Timeout": "30",
"Description": "",
"Centralized": true
}
The following table describes the OCI VM connection profile parameters.
|
Parameter |
Description |
|---|---|
|
OCI Instances URL |
Defines the OCI Instances URL, in the following format: https://iaas.{{Region}}.oraclecloud.com/20160918 |
|
OCI Region |
Determines the region where the OCI Virtual Machine is located. us-phoenix-1 |
|
Authentication |
Determines one of the following authentication methods:
|
|
User OCID |
(Defined Parameters) Defines an individual user within the OCI environment. |
|
Tenancy OCID |
(Defined Parameters) Defines the OCI Tenacy ID in the OCI VM, which is a global unique identifier for this account within the OCI environment. |
|
Fingerprint |
(Defined Parameters) Defines a fingerprint to uniquely identify and verify the integrity of the associated certificate or key. |
|
Private Key |
(Defined Parameters) Defines the Private key within a set of API signing keys that are used for authentication and secure access to OCI resources. You can use Secrets in Code to hide this value in the code. |
|
Config File Path |
(Configuration File) Defines the path to the configuration file that contains authentication information. This file is stored on the Control-M/Agent. |
|
Profile |
(Configuration File) Defines the name of a specific section in the configuration file, for example, DEFAULT and PROFILE2 in the code sample above. |
|
Connection Timeout |
Determines the number of seconds to wait after Control-M initiates a connection request to OCI VM before a timeout occurs. Default: 20 |
|
Centralized |
Determines whether to create a centralized connection profile, which is stored in the Control-M/EM database and is available to all Agents. You must set this parameter to true. Valid Values:
Default: false |
ConnectionProfile:VMwareByBroadcom
VMware By Broadcom enables you to run multiple virtual machines on a single physical server.
The following example shows how to define a VMwareByBroadcom connection profile that authenticates based on a service account.
"VMWARE":
{
"Type": "ConnectionProfile:VMwareByBroadcom",
"vCenter URL": "https://VCenter.domain.com",
"Username": "** Username **",
"Password": "*****",
"Connection Timeout": "30",
"Description": "",
"Centralized": true
}|
Parameter |
Description |
|---|---|
|
vCenter URL |
Defines the URL of the vCenter server. https://isr-vcenter.Domain.bmc.com |
|
Username |
Defines the name of the user that runs the VMware By Broadcom job. |
|
Password |
Defines the password of the user that runs the VMware By Broadcom job. |
|
Connection Timeout |
Determines the number of seconds to wait before a timeout occurs after Control-M initiates a connection request to VMware. Default: 1000 |
|
Centralized |
Determines whether to create a centralized connection profile, which is stored in the Control-M/EM database and is available to all Agents. You must set this parameter to true. Valid Values:
Default: false |
YouTube
Twitter
Facebook
LinkedIn