Backup and Recovery
The following topics describe the connection profile parameters for backup and recovery platforms and services:
AWS Backup Connection Profile Parameters
Before you can define a job, you must create a connection profile in the Configuration domain. A connection profile contains authorization credentials—such as the username, password, and other plug-in-specific parameters—and enables you to connect to the application server with only the connection profile name. To create a connection profile, see Creating a Centralized Connection Profile.
For more information about this plug-in, see
The following table describes the AWS Backup connection profile parameters.
Parameter |
Description |
---|---|
AWS Backup URL |
Determines the authentication endpoint for AWS Backup, based on the following format: https://backup.<AWS Region>.amazonaws.com |
AWS Region |
Determines the region where the AWS Backup jobs are located. us-east-1 |
Authentication |
Determines one of the following authentication methods:
|
AWS Access Key |
Defines the access key assigned to the account in the AWS Backup integration setup. |
AWS Secret |
Defines the secret access key assigned to the account in the AWS Backup integration setup. |
IAM Role |
Defines the Identity and Access Management (IAM) role name on an Amazon EC2 virtual machine (instance) for the AWS Backup connection. |
Use External Vault |
Determines whether to locate and retrieve a secret from an external vault, as described in CyberArk Secret Parameters in Connection Profiles. |
Connection Timeout |
Determines the number of seconds to wait after Control-M initiates a connection request to AWS Backup before a timeout occurs. Default: 20 |
AWS DataSync Connection Profile Parameters
Before you can define a job, you must create a connection profile in the Configuration domain. A connection profile contains authorization credentials—such as the username, password, and other plug-in-specific parameters—and enables you to connect to the application server with only the connection profile name. To create a connection profile, see Creating a Centralized Connection Profile.
For more information about this plug-in, see Control-M for AWS DataSync.
The following table describes the AWS DataSync connection profile parameters.
Parameter |
Description |
---|---|
AWS DataSync URL |
Determines the authentication endpoint for AWS DataSync, based on the following format: https://datasync.<AWS Region>.amazonaws.com |
AWS Logs URL |
Defines the AWS Logs URL, based on the following format: https://logs.{{AwsRegion}}.amazonaws.com |
AWS Region |
Determines the region where the AWS DataSync jobs are located. us-east-1 |
Authentication |
Determines one of the following authentication methods:
|
AWS Access Key |
Defines the access key assigned to the account in the AWS DataSync integration setup. |
AWS Secret |
Defines the secret access key assigned to the account in the AWS DataSync integration setup. You can use Secrets in Code to hide this value in the code. |
IAM Role |
Defines the Identity and Access Management (IAM) role name on an Amazon EC2 virtual machine (instance) for the AWS DataSync connection. |
Use External Vault |
Determines whether to locate and retrieve a secret from an external vault, as described in CyberArk Secret Parameters in Connection Profiles. |
Connection Timeout |
Determines the number of seconds to wait after Control-M initiates a connection request to AWS DataSync before a timeout occurs. Default: 30 |
Azure Backup Connection Profile Parameters
Before you can define a job, you must create a connection profile in the Configuration domain. A connection profile contains authorization credentials—such as the username, password, and other plug-in-specific parameters—and enables you to connect to the application server with only the connection profile name. To create a connection profile, see Creating a Centralized Connection Profile.
For more information about this plug-in, see
The following table describes the Azure Backup connection profile parameters.
Parameter |
Description |
---|---|
Azure Login URL |
(Service Principal) Defines the Azure Backup authentication endpoint base URL. Default: https://login.microsoftonline.com |
Azure Management URL |
Defines the endpoint that enables you to perform API calls and retrieve the token for authentication. Default: https://management.azure.com |
Subscription ID |
Defines the registered subscription ID for the Azure Backup service. |
Authentication Method |
Determines one of the following identity types that connects to Azure Backup:
Each authentication type uses an Azure token that is valid for 24 hours, by default. You can extend token lifetimes through Azure. To prepare for authentication with a Service Principal authentication, you must assign the Service Principal an Owner or Contributor role through the Azure platform. |
Specify Managed Identity Client ID |
(Managed Identity) Determines whether to define a specific Managed Identity. |
Managed Identity Client ID |
(Managed Identity) Defines the specific Managed Identity that connects to Azure Backup. You must complete this field only if your Azure virtual machine has multiple Managed Identities and you have selected the Specify Managed Identity Client ID checkbox. If you only have one Managed Identity, it is detected automatically. |
Tenant ID |
(Service Principal) Defines the Azure tenant ID, which represents your organization. |
Application ID |
(Service Principal) Defines the Azure AD application ID for Azure Backup. The Service Principal must be an Azure Backup workspace user with a Contributor or Owner role. |
Client Secret |
(Service Principal) Defines the password associated with the Azure user and the Azure AD application ID. |
Use External Vault |
Determines whether to locate and retrieve a secret from an external vault, as described in CyberArk Secret Parameters in Connection Profiles. |
Connection Timeout |
Determines the number of seconds to wait after Control-M initiates a connection request to Azure Backup before a timeout occurs. Default: 50 |