Configuring Mode

To enable the Automated Mode, click the menu Configuration > Automated mode.

General

AWS

Automated Mode (AWS) general configuration

Automated Mode (AWS) general configuration

In General AWS tab, you can configure:

  • AWS Credentials Access Keys: enter the access key ID and the secret access key of the AWS account of your organization.

    You can check the page Access Keys of the AWS documentation for further details. The Solution Manager stores these encrypted.

    We suggest reading What is IAM? and Security best practices in IAM of the documentation of AWS to understand how identity management works in AWS.

    Additionally, when the Solution Manager is running in an EC2 instance, and this instance has an IAM role assigned, you can use the role for authentication, avoiding the need to provide specific AWS credentials.

    AWS role authentication

    Authenticate using the server IAM role

  • IAM Role & Logging & Updates (optional):

    • IAM role: the instance profile that will be assigned to the instances launched. Please check Instance Profiles for further details.

    • S3 base location URL: The URL where the Solution Manager will store logs or updates downloaded from the Denodo updates repository. For instance s3://my-bucket/denodo/. When input, an IAM role must be defined.

Note

See an example of minimum permissions for S3 access.

Azure

Automated Mode (Azure) general configuration

Automated Mode (Azure) general configuration

In General Azure tab, you can configure:

  • Azure Credentials: the values that identifies the Azure Credentials of your organization. Please check Understanding Azure Active Directory application and service principal to access resources for further details.

  • Logging & Updates (optional): to enable Blob storage centralized logging, enter this:

    • Blob storage base location URL: URL of the blob storage with container and prefix where the logs will be saved. For instance https://my-storage-account.blob.core.windows.net/my-container/denodo-logs/.

    • Storage account connection string: The connection string that can be used to authorize access to data in your storage account via Shared Key authorization.

    Please check Introduction to Azure Blob storage for further details.

Denodo Support

Automated Mode Denodo Support general configuration

Automated Mode Denodo Support general configuration

In General Denodo Support tab, you can configure:

  • Denodo Support Access Keys (optional): enter the access key ID and secret access key provided by Denodo Support. The Solution Manager will use these credentials to:

    • Download the updates from the Denodo Support site.

    • Obtain the identifier of the Amazon Machine Images (AMI) generated by Denodo. These AMIs include the Denodo Platform pre-installed and are configured to be managed with the Solution Manager.

    • Obtain the identifier of the Azure Virtual Machines generated by Denodo. These Virtual Machines include the Denodo Platform pre-installed and are configured to be managed with the Solution Manager.

    To get the credentials of the Denodo Support account of your organization, follow the instructions in the Denodo Support Site Quick Start Guide

Server Access

Normally, you can leave the boxes in Server access empty. If you installed the Solution Manager or the License Manager on a computer that the AWS EC2 instances or the Azure Virtual Machines will not be able to resolve using its hostname or use different ports, expand Server access and fill in the boxes:

Automated Mode Server Access common configuration

Automated Mode Server Access common configuration

This may occur if the Solution Manager or the License Manager are installed on a computer on your premises, and there is no direct access to this computer from outside, only through a VPN. Or they are accessed through a load balancer.

Note

The hostname or IP indicated should be reachable from the AWS server instances and/or Azure Virtual Machines.

You can specify the hostname, ports and protocol to be used from the AWS server instances and/or Azure Virtual Machines to connect to the Solution manager or License Manager. Leaving any field empty means using the default values.

Note

To apply the field Connect to License Manager with SSL/TLS, ensure that the Denodo Platform image configured in the Automated Cloud Cluster includes at least the update 8.0u20220126.

If the values need to be different for AWS and Azure, it exists the possibility to specify concrete values for each platform:

Automated Mode Server Access configuration

Automated Mode Server Access configuration

Default Region & Images

AWS

In Default region & Images AWS tab, configure:

  • Default region: the region that will be used by default when you create a new AWS cloud environment.

  • The default AMIs for each type of product (Virtual DataPort, Scheduler and Data Catalog).

    • Custom: the AMI id that you provide will be the default value for each type of server when you create a new cluster in automated mode. To create a custom AMI follow the instructions of the appendix Creating A Custom AWS AMI for the Denodo Platform.

    Automated Mode (AWS) - Default region & Images

    Automated Mode (AWS) - Default region & Images

    • Provided: You can select an AMI provided by Denodo if you have Denodo Support Access Keys configured with correct values.

    Automated Mode (AWS) - Provided AMIs

    Automated Mode (AWS) - Provided AMIs

Azure

In Default region & Images Azure tab, configure:

  • Default region: the region that will be used by default when you create a new Azure cloud environment.

  • Resource group: the resource group that will be used by default when you create a new Azure cloud environment.

  • The default Images for each type of product (Virtual DataPort, Scheduler and Data Catalog).

    Automated Mode (Azure) - Default region & Images

    Automated Mode (Azure) - Default region & Images

    • Provided: You can select an Image provided by Denodo if you have Denodo Support Access Keys configured with correct values.