Pipelines
Pipelines in UDMG define a file transfer path between two Endpoints—a source and a destination. Pipelines provide the following features:
- Flexibility and Reusability: By defining a few standardized Endpoints, they can be configured in multiple ways through Pipeline-specific configurations. This means you don't have to build new Endpoints from scratch every time you have a new transfer scenario—you can mix and match existing components.
- Protocol Versatility: Supporting both server and client SFTP scenarios means UDMG can adapt to your partners' existing infrastructure rather than forcing them to change their setup. Whether you need to receive files, push them out, or pull them from remote systems, you can create a Pipeline type that fits.
- Scalable Organization: The hierarchical structure (Pipelines → Account Groups → Accounts) makes it easy to manage permissions and access at scale. You can set up Pipelines once and apply them to multiple Accounts, or create partner-specific variations as needed.
- Enforced Data Integrity: UDMG automatically validates Pipeline configurations to prevent file path conflicts that could cause data loss or overwrites, ensuring clean separation between transfer scenarios.
Pipeline Types
UDMG supports three Pipeline types, each with specialized configurations, to serve your different transfer and protocol needs.
| # | Source Endpoint | Destination Endpoint | Description | Triggered By |
|---|---|---|---|---|
| 1 | Local SFTP Server | Local Filesystem | Standard SFTP file transfer where UDMG acts as the server. | SFTP client (outside of UDMG and Admin UI). |
| 2 | Local Filesystem | Remote SFTP Server | Standard SFTP file transfer where UDMG acts as the client in a push scenario. | UDMG Transfers Scheduled API. Not assigned to an Account Group or Account. |
| 3 | Remote SFTP Server | Local Filesystem | Standard SFTP file transfer where UDMG acts as the client in a pull scenario. | UDMG Transfers Scheduled API. Not assigned to an Account Group or Account. |
See the individual Pipeline pages for specific Pipeline information and Endpoint-specific configuration options:
- UDMG acting as an SFTP server (Use Case #1)
- UDMG acting as an SFTP client (Use Case #2 and Use Case #3)
Configuration Structure
Each Pipeline consists of:
- Source Endpoint: where files are retrieved, originated, or come from. Selected from a list of all available Endpoints created.
- Destination Endpoint: where files are delivered to or being sent. Selected from a list of allowable Endpoints, which is based on the selected Source Endpoint and available Pipeline Types.
- Endpoint-specific Configuration (Pipeline Configuration): required and optional Endpoint-specific fields (i.e., file and folder permissions, virtual path). This allows you to reuse a minimal set of Endpoints in a variety of Pipeline scenarios, giving you flexibility without having to reconfigure the base Endpoint configuration multiple times.
Account Authentication
The Local SFTP Transfers Pipeline is integrated with the Account and Account Group model to control access:
In this scenario, UDMG acts as an SFTP server. Accounts connect to UDMG using SFTP credentials, and access is controlled by the Account Groups they belong to. Each Account Group is associated with one or more Pipelines, which define the available file transfer paths.
This integration ensures that:
- Only authenticated Accounts can initiate SFTP connections.
- Each Account can only access the Pipelines explicitly assigned through its Account Groups.
- Access control is enforced at the file transfer level without requiring external firewall or directory-based restrictions.
The other Pipeline types—Remote SFTP Transfers - Push (Local Filesystem to Remote SFTP Server) and Remote SFTP Transfers - Pull (Remote SFTP Server to Local Filesystem)—are not Account-based. The required authentication credentials are added directly to the Pipeline and are dictated by the authentication methods of the external SFTP server. These Pipelines operate independently of Account or Account Group assignments.
Pipeline Validation
UDMG enforces validation checks on Pipelines to ensure file paths don't conflict. The Pipeline validation checks occur on creation and then throughout the configuration process to ensure configuration integrity.
- When a Pipeline is created:
Checks for Source Endpoint + Destination Endpoint + Endpoint-specific Configuration + Virtual Path uniqueness. - When a Pipeline is associated with an Account Group:
Checks for Destination Endpoint + Virtual Path uniqueness across all Pipelines within an Account Group. - When an Account is associated with an Account Group:
Checks for Destination Endpoint + Virtual Path uniqueness across all Pipelines associated with an Account's Account Groups.
If a conflict is identified, then the Configuration Item is blocked from being created or associated, or a detailed error message is displayed.