Application Config File
Configuring Secure Storage
For the purpose of this guide, a Simple vault type is used to securely store database information.
- Open the app-config.yaml file in a text editor. This file is normally found in the root directory of the AMT Java environment.
- find the secureStorage section.
- Configure the following Secure Storage settings:
- Set the value of vaultType to Simple.
- Set the value of vaultFilePath to the file location of the previously made Key Vault file, called secrets.txt.
- Continue to Defining the Application Database.
Defining an Application Database
The Application Database needs to be defined using the app-config.yaml file. By default, a PostgreSQL database is used, and this guide also assumes the use of a PostgreSQL database.
| Extra information |
|---|
| Visit this page for documentation about all database settings available in the config file. |
A dollar sign $ is used to denote the use of a key stored in the Key Vault file. The values for these keys were defined previously.
Follow the instructions below to add the Application Database:
- Open the app-config.yaml file in a text editor.
- Find the applicationDatabase section.
- Configure the following database settings:
- The Name of the database. warning This value must be exactly the same as the name of the PostgreSQL database.
- The Schema name of the database.
- Enter the previously
defined values of your choosing for the Username, Password,
and URL, prefixed by a dollar sign $. The values
are:
$applicationDatabaseUser
$applicationDatabasePassword
$applicationDatabaseURL
- Save the file.
An example of securely storing credentials:
| app-config.yaml | : username: $applicationDatabaseUser |
| secrets.txt | : applicationDatabaseUser=tom |
| secrets.txt (encrypted) | : applicationDatabaseUser=VNTyz/GCytvX0sm/gGnaq6DuTk8ZHkOPjey2PyNQtN7OanuXEg== |
This makes it possible for the application to access the application database. To access the Application, authentication for the administrator needs to be configured in the app-config.yaml file as well.
Access to Applications
The Control Center's configuration file must contain connection information to all applications available in the environment.
Configure the application server connection settings:
- Find the applications section in the Control Center's cc-config.yaml file.
- Add the name of the application under the applications section. warning The name of the application must equal the value of applicationName found in the Application's app-config.yaml file.
- Add the server name of the application as the host value.
- Add the port of the application as the gRPCPort value. warning The port of the
application must be equal to
the value of gRPCPort found in the Application's app-config.yaml file.
applications:
<application name>:
host: <server>
gRPCPort: <port>
- Save the file.
| Multiple applications can be added by making another entry with the application's name with host and gRPCPort values. |
|---|
Authentication
| This information is incomplete. |
|---|
- Find the authentication section in the app-config.yaml file.
- The server needs to be configured with the same ID used by the identity provider. Configure the following
settings:
authentication:
type: OIDC
settings:
issuerURL: https://login.microsoftonline.com/<Server ID Key>/v2.0
clientID: <Client ID Key> - Save the file.
The clientid needs to be provided with an ID used to authenticate and successfully access the server.
Configure the following settings for the client:
- Open the configuration.json file in a text editor.
- Configure the following settings:
"AuthenticationConfig": {
"issuer": https://login.microsoftonline.com/<ID key>/v2.0,
"redirectUri": http://localhost:4200/,
"clientId": "<ID key>",
"scope": "openid profile email offline_access",
"responseType": "code",
"claimUserName": "preferred_username"
} - Save the file.