Configuration Items
The core configurable entities used for file transfers in UDMG are referred to as Configuration Items.
Understanding UDMG key concepts helps explain how its core Configuration Items interact.
Briefly,
- Domains logically separate and organize Configuration Items for different business units, environments, or administrative boundaries.
- Administrative Users configure, monitor, and manage UDMG through the UDMG Admin UI and UDMG REST API.
- Accounts are created for partners who want to exchange files with you.
- Account Groups connect Accounts to one or more Pipelines and define which transfer services Accounts can use.
- Credentials store passwords, cryptographic keys, and certificates used to authenticate and enable secure communications.
- Partners initiate connections through Endpoints, which determine how files are processed or handled.
- Pipelines manage the flow of data between Endpoints, enabling a flexible and reliable system for transferring files across your ecosystems.
- Tasks define optional automated actions that can run during or after transfer processing as part of a Pipeline Workflow. A Pipeline Workflow defines which Tasks run, which transfer lifecycle event triggers them, and the order in which they are executed.
The following table summarizes each Configuration Item and how it is used in UDMG:
| Name | Definition | Role/Function/Purpose | Example |
|---|---|---|---|
| Domains | A logical unit that organizes and isolates all other Configuration Items. Each Domain has independent configurations tailored to its needs. The Primary Domain is the default operational domain and provides access to global administration settings. Additional Domains can be added for more separation and control. | Enable separation based on business needs, including organization, region, or responsibility. Domains can also be used to support development, test, and pre-production environments on top of the same IT infrastructure. | The primary Domain manages all Supply Chain department file transfers. The Suppliers_East Domain manages all supplier file transfers in the east region. |
| Users | Administrative users who access the UDMG Admin UI and UDMG REST API to configure, monitor, and manage UDMG. | Responsible for maintaining UDMG system operations, setting up Pipelines, managing Accounts, and monitoring transfers. | Robi needs a User with the Pipeline Management Role to help him configure Pipelines and set up Accounts. |
| Accounts | Accounts represent the entity and configuration (e.g., login and authentication credentials) that enable your partners (such as customers, vendors, organizations, departments, internal/external users, or automated systems) to exchange files with you and your business ecosystem. Account access to MFT services is determined by the Account's associated Account Groups. | Main participants involved in the file transfer (sending or receiving) process. | Account_Supplier1, a parts supplier, needs an Account to exchange shipping files securely with you. |
| Account Groups | A grouping of Pipelines that are then associated with one or more Accounts to enable file transfers. Account Groups can be organized by similar permissions or transfer types, or based on the needs of a specific type of Account. | Connects Accounts to Pipelines and enables LDAP and Single Sign-On authentication for Accounts. | An Account Group MainAccounts_Input_Output holds two Pipelines that allow Accounts to upload files to one folder and download files from another. The Account Group is assigned to all manufacturing part supplier Accounts, including Account_Supplier1. The Account Group name aligns with one of your LDAP groups. |
| Endpoints | A specific transfer protocol or storage location used to send or receive files within the data transfer process. Endpoints are configured with the necessary protocol settings, authentication methods, and file paths to ensure secure and reliable transfers. | The source and destination points that make up a Pipeline for file transfers. | You create two Endpoints: a Local SFTP Server Endpoint named LocalSFTP_Server1 with port 2222, and a Local File System Endpoint named Local_FS1 with a root directory of /data. |
| Pipelines | A defined path, comprising a Source Endpoint and Destination Endpoint, to transfer files between two Endpoints. Pipelines allow for flexible, repeatable, and customizable configurations for transferring files across partners, platforms, and ecosystems. Accounts must be associated with Account Groups and thus Pipelines to send/receive files. | Defines the Source and Destination of a file transfer between you and your partners. | A Pipeline named MainAccounts_Input has LocalSFTP_Server1 as the Source Endpoint and Local_FS1 as the Destination Endpoint. The Pipeline allows Account_Supplier1 to upload files to the /input virtual path. The Pipeline is associated with Account Group MainAccounts_Input_Output. |
| Credentials | Keys, passwords, and certificates that are stored in a credential vault. Credentials are created centrally and referenced throughout the configuration process to authenticate file transfers. | Required authentication component of most Configuration Items. | An SSH Host Private Key is associated with the Local SFTP Server Endpoint (LocalSFTP_Server1). An SSH Public Key is associated with the Account_Supplier1 Account for authentication with the Local SFTP Server Endpoint. |
| Tasks | Reusable configurations that define optional automated actions performed during or after transfer processing. Tasks are assigned to Pipeline Workflows, which define the transfer lifecycle event that triggers each Task and the order in which Tasks are executed. | Automate transfer-related operations, such as executing system commands or publishing Universal Events to Universal Controller. | A Command Task runs a script on the UDMG Server host after a file is received. A Publish Event Task publishes a Universal Event to Universal Controller when a transfer fails. |