Infrastructure as Code Connection Profiles

Defines the AWS CloudFormation API authentication endpoint.

Determines the region where the AWS CloudFormation jobs are located.

Determines one of the following authentication methods:

• AWS Key & Secret: Authenticates with an AWS access key and secret, which are used for services outside the AWS infrastructure.

• AWS IAM Role: Authenticates with an AWS IAM role from within the AWS infrastructure, which removes the need to provide additional credentials.

Defines the AWS CloudFormation account access key.

Defines the AWS CloudFormation account secret access key.

Defines the Identity and Access Management (IAM) role for the AWS CloudFormation connection.

Determines whether to locate and retrieve a secret from an external vault, as described in CyberArk Secret Parameters in Connection Profiles.

(Service Principal) Defines the Azure Active Directory authentication endpoint URL.

Default: https://login.microsoftonline.com

Defines the Azure Resource Manager authentication endpoint base URL.

Default: https://management.azure.com

Defines the registered subscription ID for the Azure Resource Manager service.

Determines one of the following identity types that connects to Azure Resource Manager:

• Service Principal: Enables you to use Azure Resource Manager with applications, hosted services, and automated tools that access Azure resources. This identity, also known as an App Registration, is restricted by the roles assigned to the Service Principal. These roles give the Azure Administrator control over which resources are accessible, and at which level. Use this option if the Agent is installed on-premises, on an Azure virtual machine, or on any other cloud vendor.

• Managed Identity: Enables you to access other protected resources on the Azure Active Directory (AD). The identity is managed by the Azure platform. You do not need to provide credentials within Control-M. Use this option if the Agent is installed on an Azure virtual machine that has an assigned a Managed Identity with the required permissions.

To prepare for authentication with a Service Principal authentication, you must assign the Service Principal an Owner or Contributor role through the Azure platform.

(Service Principal) Defines the Azure tenant ID, which represents your organization.

(Service Principal) Defines the Azure AD application ID for Resource Manager.

The Service Principal must be an Azure Resource Manager workspace user with a Contributor or Owner role.

(Service Principal) Defines the password associated with the Azure user and the Azure AD application ID.

(Managed Identity) Determines whether to define a specific Managed Identity.

(Managed Identity) Defines the specific Managed Identity that connects to Azure Resource Manager.

You must complete this field only if your Azure virtual machine has multiple Managed Identities and you have selected the Specify Managed Identity Client ID checkbox. If you only have one Managed Identity, it is detected automatically.

Determines whether to locate and retrieve a secret from an external vault, as described in CyberArk Secret Parameters in Connection Profiles.

Determines one of the following authentication types using GCP Access Control:

• Service Account: Authenticates using an application ID (service account) and client secret.

• IAM: Authenticates based on a detected IAM role, which removes the need to provide additional credentials.

Defines the Google Cloud Platform (GCP) authentication endpoint for Deployment Manager.

(Service Account) Defines a service account that is associated with an RSA key pair.

Determines whether to locate and retrieve a secret from an external vault, as described in CyberArk Secret Parameters in Connection Profiles.

Defines the organization name where the Terraform workspace is located.

Defines a Terraform token for authentication of connections to the Terraform workspace.

Determines whether to locate and retrieve a secret from an external vault, as described in CyberArk Secret Parameters in Connection Profiles.