Configuration Items
The core configurable entities used for file transfers in UDMG are referred to as Configuration Items.
Understanding UDMG's key concepts is essential in understanding how its core configuration items interact.
Put briefly,
- Accounts are created for the partners who want to exchange files with you. Accounts are assigned to Account Groups.
- Accounts initiate connections through Endpoints, which determine how files are processed or handled.
- Pipelines manage the flow of data between these Endpoints, enabling a flexible and reliable system for transferring files across your ecosystems.
- Credentials store passwords and cryptographic keys and certificates used to authenticate and enable secure communications.
- Administrative Users are responsible for configuring and monitoring file transfers through the UDMG Admin UI.
For detailed descriptions of all UDMG Configuration Items, see the table below:
| Name | Definition | Role/Function/Purpose | Example |
|---|---|---|---|
| Domains | A logical unit that organizes and isolates all other Configuration Items. Each Domain has independent configurations tailored to its needs. File transfers and global settings can be managed from the Primary Domain (the default operational instance), but additional Domains can be added for more separation and control. | Enable separation based on business needs, including organization, region, or responsibility. Domains can also be used to support development, test, and pre-production environments on top of the same IT infrastructure. | The primary Domain manages all Supply Chain department file transfers. The Suppliers_East Domain manages all suppliers file transfers in the east region. |
| Users | Administrative users who access the UDMG User Interface to configure, monitor, and manage file transfers. UDMG supports multiple authentication methods. | Responsible for maintaining UDMG system operations, setting up Pipelines, managing Accounts, and monitoring transfers. | Robi needs a User with the Pipeline Management Role to help him configure Pipelines and set up Accounts. |
| Accounts | Accounts represent the entity and configuration (e.g., login and authentication credentials) that enable your partners (such as customers, vendors, organizations, departments, internal/external users, or automated systems) to exchange files with you and your business ecosystem. Account access to MFT services is determined by the Account's associated Account Groups. | Main participants involved in the file transfer (sending or receiving) process. | Account_Supplier1, a parts supplier, needs an Account to exchange shipping files securely with you. |
| Account Groups | A grouping of Pipelines that are then associated with an Account to enable file transfers. Account Groups can be organized by similar permissions or transfer types, or based on the needs of a specific type of Account. | Connects Accounts to Pipelines and enables LDAP and Single Sign-On authentication for Accounts. | An Account Group MainAccounts_Input_Output holds two Pipelines that allow Accounts to upload files to one folder and download files from another. The Account Group is assigned to all manufacturing part supplier Accounts, including Account_Supplier1. The Account Group name aligns with one of your LDAP groups. |
| Endpoint | A specific transfer protocol or storage location used to send or receive files within the data transfer process. Configured with necessary protocol settings, authentication methods, and file paths to ensure the integrity and security of the file transfer. There are eight types of Endpoints: Local Filesystem, Local AS2 Server, Remote AS2 Server, Local FTP Server, Remote FTP(S) Server, Local HTTPS Server (WTC), Local SFTP Server, and Remote SFTP Server. | The Source and Destination points that make up a Pipeline for file transfers. | You create two Endpoints: a Local SFTP Server Endpoint named LocalSFTP_Server1 with port 2222, and a Local File System Endpoint named Local_FS1 with a root directory of /data. |
| Pipeline | A defined path, comprising a Source and Destination, to transfer files between two Endpoints. Pipelines allow for flexible, repeatable, and customizable configurations for transferring files across partners, platforms, and ecosystems. Accounts must be associated with Account Groups and thus Pipelines to send/receive files. | Defines the Source and Destination of a file transfer between you and your partners. | An MainAccounts_Input made up of LocalSFTP_Server1 and Local_FS1, as the Source and Destination, respectively. The Pipeline allows Account_Supplier1 to upload files to the /input virtual path. The Pipeline is associated with Account Group MainAccounts_Input_Output. |
| Credentials | Keys, passwords, and certificates stored in a credential vault. Credentials are created centrally and referenced throughout the configuration process to authenticate file transfers. | Required authentication component of most Configuration Items. | An SSH Host Private Key is associated with the Local SFTP Server Endpoint (LocalSFTP_Server1). An SSH Public Key is associated with the Account_Supplier1 Account for authentication with the Local SFTP Server Endpoint. |