Configuration Items
The core configurable entities used for file transfers in UDMG are referred to as Configuration Items.
Understanding UDMG's key concepts is essential in understanding how its core configuration items interact.
Put briefly,
- Accounts are created for the partners who want to exchange files with you. Accounts are assigned to Account Groups.
- Accounts initiate connections through Endpoints, which determine how files are processed or handled.
- Pipelines manage the flow of data between these Endpoints, enabling a flexible and reliable system for transferring files across your ecosystems.
- Credentials store cryptographic keys used to authenticate and enable secure communications.
- Administrative Users are responsible for configuring and monitoring file transfers through the UDMG Admin UI.
For detailed descriptions of all UDMG Configuration Items, see the table below:
| Name | Definition | Role/Function/Purpose | Example |
|---|---|---|---|
| Domains | A logical unit that organizes and isolates all other Configuration Items. Each Domain has independent configurations tailored to its needs. File transfers and global settings can be managed from the Primary Domain (the default operational instance), but additional Domains can be added for more separation and control. | Enable separation based on business needs, including organization, region, or responsibility. Domains can also be used to support development, test, and pre-production environments on top of the same IT infrastructure. | The Primary Domain manages all Supply Chain department file transfers. The Marketing Domain manages all Marketing and Sales departments' file transfers. |
| Users | Administrative users who access the UDMG User Interface to configure, monitor, and manage file transfers. UDMG supports multiple authentication methods. | Responsible for maintaining UDMG system operations, setting up Pipelines, managing Accounts, and monitoring transfers. | Robi needs a User with the Pipeline Management Role to help him configure Pipelines and set up Accounts. |
| Accounts | Accounts represent the entity and configuration (e.g., login and authentication credentials) that enable your partners (such as customers, vendors, organizations, departments, internal/external users, or automated systems) to exchange files with you and your business ecosystem. Account access to MFT services is determined by its associated Account Groups. | Main participants involved in the file transfer (sending or receiving) process. | 'MyBizPartner', a parts supplier, needs an Account to exchange shipping files securely with you. |
| Account Groups | A grouping of Pipelines that are then associated with an Account to enable file transfers. The Account Groups can be organized by similar permissions or transfer types, or based on the needs of a specific type of Account. | Connects Accounts to Pipelines and enables LDAP Authentication for Accounts. | An Account Group "Standard_Input_Output" holds two Pipelines that allow Accounts to upload files to one folder and download files from another. The Account Group is assigned to all manufacturing part supplier Accounts, including 'MyBizPartner.' The Account Group name aligns with one of your LDAP groups. |
| Endpoint | A specific transfer protocol or storage location used to send or receive files within the data transfer process. Configured with necessary protocol settings, authentication methods, and file paths to ensure the integrity and security of the file transfer. There are three types of Endpoints: Local SFTP Server, Local Filesystem, and Remote SFTP Server. | The Source and Destination points that make up a Pipeline for file transfers. | You create two Endpoints: a Local SFTP Server Endpoint named "EP_SFTPServer" with port 2222, and a Local File System Endpoint named "EP_FileSystem" with a root directory of /data. |
| Pipeline | A defined path, comprising a Source and Destination, to transfer files between two Endpoints. Pipelines allow for flexible, repeatable, and customizable configurations for transferring files across partners, platforms, and ecosystems. Accounts must be associated with Account Groups and thus Pipelines to send/receive files. | Defines the Source and Destination of a file transfer between you and your partners. | An "Input_Pipeline" made up of EP_SFTPServer and EP_FileSystem, as the Source and Destination, respectively. The Pipeline allows 'MyBizPartner' to upload files to the /input virtual path. The Pipeline is associated with Account Group 'Standard_Input_Output'. |
| Credentials | Keys, passwords, and certificates stored in a credential vault. Credentials are created centrally and referenced throughout the configuration process to authenticate file transfers. | Required authentication component of most Configuration Items. | An SSH Host Private Key is associated with the Local SFTP Server Endpoint (EP_SFTPServer). An SSH Public Key is associated with the 'MyBizPartner' Account for authentication with the Local SFTP Server Endpoint. |