Backup and Recovery
The following topics describe the connection profile parameters for backup and recovery platforms and services:
AWS Backup Connection Profile Parameters
Before you can define a job, you must create a connection profile in the Configuration domain. A connection profile contains authorization credentials—such as the username, password, and other plug-in-specific parameters—and enables you to connect to the application server with only the connection profile name. To create a connection profile, see Creating a Centralized Connection Profile.
For more information about this plug-in, see Control-M for AWS Backup.
The following table describes the AWS Backup connection profile parameters.
Attribute |
Description |
---|---|
AWS Backup URL |
Determines the authentication endpoint for AWS Backup, based on the following format: https://backup.<AWS Region>.amazonaws.com |
AWS Region |
Determines the AWS region where the job is located. us-east-2 |
Authentication |
Determines one of the following authentication methods:
|
AWS Access Key |
Defines the access key assigned to the account with the relevant permissions to the AWS service. |
AWS Secret |
Defines the secret access key assigned to the account with the relevant permissions to the AWS service. |
IAM Role |
Defines the Identity and Access Management (IAM) role name for the AWS service connection. |
Use External Vault |
Determines whether to retrieve secret parameter values from an external vault, as described in CyberArk Secret Parameters in Connection Profiles. |
Connection Timeout |
Determines the number of seconds to wait after Control-M initiates a connection request before a timeout occurs. Default: 20 |
AWS DataSync Connection Profile Parameters
Before you can define a job, you must create a connection profile in the Configuration domain. A connection profile contains authorization credentials—such as the username, password, and other plug-in-specific parameters—and enables you to connect to the application server with only the connection profile name. To create a connection profile, see Creating a Centralized Connection Profile.
For more information about this plug-in, see Control-M for AWS DataSync.
The following table describes the AWS DataSync connection profile parameters.
Attribute |
Description |
---|---|
AWS DataSync URL |
Determines the authentication endpoint for AWS DataSync, based on the following format: https://datasync.<AWS Region>.amazonaws.com |
AWS Logs URL |
Defines the AWS Logs URL, based on the following format: https://logs.<AWS Region>.amazonaws.com |
AWS Region |
Determines the AWS region where the job is located. us-east-2 |
AuthenticationDetermines the AWS region where the job is located.us-east-2 |
Determines one of the following authentication methods:
|
AWS Access Key |
Defines the access key assigned to the account with the relevant permissions to the AWS service. |
AWS Secret |
Defines the secret access key assigned to the account with the relevant permissions to the AWS service. You can use Secrets in Code to hide this value in the code. |
IAM Role |
Defines the Identity and Access Management (IAM) role name for the AWS service connection. |
Use External Vault |
Determines whether to retrieve secret parameter values from an external vault, as described in CyberArk Secret Parameters in Connection Profiles. |
Connection Timeout |
Determines the number of seconds to wait after Control-M initiates a connection request before a timeout occurs. Default: 30 |
Azure Backup Connection Profile Parameters
Before you can define a job, you must create a connection profile in the Configuration domain. A connection profile contains authorization credentials—such as the username, password, and other plug-in-specific parameters—and enables you to connect to the application server with only the connection profile name. To create a connection profile, see Creating a Centralized Connection Profile.
For more information about this plug-in, see Control-M for Azure Backup.
The following table describes the Azure Backup connection profile parameters.
Attribute |
Authentication Method |
Description |
---|---|---|
Azure Login URL |
|
Defines the base URL of the Microsoft Entra/Azure AD authentication endpoint. |
Azure Management URL |
|
Defines the endpoint that enables you to perform API calls and retrieve the token for authentication. Default: https://management.azure.com |
Subscription ID |
|
Defines the Azure account ID of your organization. |
Authentication Method |
|
Determines one of the following authentication methods:
|
Specify Managed Identity Client ID |
Managed Identity |
Determines whether the managed identity is specified by the Managed Identity Client ID attribute. Toggle on this option when you use the Managed Identity authentication method and there are multiple managed identities defined on your Azure VM. |
Managed Identity Client ID |
Managed Identity |
Defines the client ID of the managed identity used for access. This attribute requires a value only if there are multiple managed identities defined on your Azure VM and you toggle on Specify Managed Identity Client ID. |
Tenant ID |
Service Principal |
Defines the Azure tenant ID for your organization. |
Application ID |
Service Principal |
Defines the Registered App for the Azure service in your Microsoft Entra/Azure AD tenant. The corresponding Service Principal must be assigned the Owner or Contributor role for the Azure service. |
Client Secret |
Service Principal |
Defines the password associated with the Service Principal/registered application. |
Use External Vault |
Service Principal |
Determines whether to retrieve secret parameter values from an external vault, as described in CyberArk Secret Parameters in Connection Profiles. |
Connection Timeout |
|
Determines the number of seconds to wait after Control-M initiates a connection request before a timeout occurs. Default: 60 |
Veeam Backup Connection Profile Parameters
Before you can define a job, you must create a connection profile in the Configuration domain. Connection profiles contain authorization credentials (such as the usernames, passwords, and other plug-in-specific parameters) and enable you to connect to the application server with only the connection profile name. To create a centralized connection profile, see Creating a Centralized Connection Profile.
For more information about this plug-in, see Control-M for Veeam Backup.
The following table describes the Veeam Backup connection profile parameters.
Attribute |
Description |
---|---|
Enterprise Manager Server |
Defines the Enterprise Manager Server for Veeam Backup. You must provide the full name of the server, which includes the server name and domain name. |
URL |
Determines the API URL to communicate with the Veeam Backup Server. The server name in the URL is populated automatically. |
API Supported Version |
Determines the version for the Veeam Backup REST API. Default: latest |
Username |
Defines the account name for authentication. |
Password |
Defines the corresponding password for authentication. |
Use External Vault |
Determines whether to retrieve secret parameter values from an external vault, as described in CyberArk Secret Parameters in Connection Profiles. |
HTTP Codes |
Defines the HTTP code that appears in the response if you want to rerun a job execution step (authentication, trigger or completion). Multiple HTTP codes must be separated with a space. You cannot rerun a step with HTTP codes when you perform manual execution, such as rerun from point of failure. Default: 429 |
Rerun Interval |
Defines the number of seconds to wait before Control-M reruns the job step. Default: 10 |
Attempts Rerun |
Defines the number of attempts to rerun a job step. Default: 3 |
Connection Timeout |
Determines the number of seconds to wait after Control-M initiates a connection request before a timeout occurs. Default: 30 |
Veritas NetBackup Connection Profile Parameters
Determines whether to retrieve secret parameter values from an external vault, as described in CyberArk Secret Parameters in Connection Profiles.Before you can define a job, you must create a connection profile in the Configuration domain. Connection profiles contain authorization credentials (such as the usernames, passwords, and other plug-in-specific parameters) and enable you to connect to the application server with only the connection profile name. To create a centralized connection profile, see Creating a Centralized Connection Profile.
For more information about this plug-in, see Control-M for Veritas NetBackup.
The following table describes the Veritas NetBackup connection profile parameters.
Attribute |
Authentication Type |
Description |
---|---|---|
Master Server Name |
|
Defines the primary NetBackup server. |
Endpoint URL |
|
Defines the URL of the API on the NetBackup server, in the following format: https://<Master Server Name>:<port> where
|
Authentication Type |
|
Determines one of the following authentication methods:
|
Domain Type |
Username & Password |
Determines the type of domain used for authentication. Valid Values:
|
Domain Name |
Username & Password |
Defines the name of the authentication domain. |
Username |
Username & Password |
Defines the account name used when the Authentication Type value is Username & Password. |
Password |
Username & Password |
Defines the password used when the Authentication Type value is Username & Password. |
Use External Vault |
Username & Password |
Determines whether to retrieve secret parameter values from an external vault, as described in CyberArk Secret Parameters in Connection Profiles. |
API Token |
API Token |
Defines the token used when Authentication Type value is API Token. |
Connection Timeout |
|
Determines the number of seconds to wait after Control-M initiates a connection request before a timeout occurs. Default: 60 |