AMT Help Files
Home AMT Admin Advanced Configuration AMT Control Center Config File

AMT Control Center Config File

The YAML cc-config.yaml file is used to configure the AMT Control Center. Each key and setting found in this file is described below.

Base Configuration

Settings Description Accepted Values Examples
version The version of this configuration file. <version> version: v1
name The name of the AMT environment. <name> name: AMT Java
environment The description for this AMT environment. <description> environment: prod

Secure Storage

The settings for the Secure Storage provider, which relate to the database settings further down.

Settings Description Accepted Values Examples
vaultType The vault type used to secure credentials. It is possible to add multiple Secure Storage configurations and use them simultaneously.
  • Azure: Makes use of the Microsoft Azure Key Vault.
  • GCP: Makes use of the Secret Manager of the Google Cloud Platform.
  • HashiCorp: Makes use of the HashiCorp Vault.
  • Custom: Use any vault implementation of your choice.
  • Simple: This type of key vault makes use of a text file with encrypted credentials. Not recommended for use in production.
Azure
GCP
HashiCorp
Custom
Simple
vaultType: Azure
azureCredentialType (only for Microsoft Azure) Only used if 'vaultType' is set to 'Azure'. Set the Azure credential type. Environment
...
azureCredentialType: Environment
azureVaultName (only for Microsoft Azure) Only used if 'vaultType' is set to 'Azure'. Enter the name of the Azure vault. <key vault name> azureVaultName: app-keyvault
gcpProjectId (only for Google Cloud Platform) Only used if 'vaultType' is set to 'GCP'. Set the GCP vault ID. <GCP vault ID> gcpProjectId: vault-33
securePath (only for HashiCorp) Only used if 'vaultType' is set to 'HashiCorp'. Set this to the folder path containing the secrets for the HashiCorp Vault. <folder path> securePath: "C:\\AMT\HashiCorp"
engineVersion (only for HashiCorp)
Only used if 'vaultType' is set to 'HashiCorp'. '2' is the default value if the engine version is not specified. 1
2
engineVersion: 2
vaultClass (custom) Optional. Used when vaultType is set to "Custom" to use a custom impelementation. <vault class>
vaultFilePath Only used if 'vaultType' is set to 'Simple'. Set this to the file path of the file containing the credentials of the system database. Not recommended for use in production. Also see page: File: Key Vault. <folder path> vaultConfiguration:
  securePath: "C:\\AMT\SimpleVault\\cc-secrets.txt"

Authentication

In the sample config file, the client name is "rest" – this can be named anything, as long as it is unique when defining multiple clients.

Settings Description Available Options Examples
type The type of authentication used. OpenID Connect (OIDC) is the only available option. OIDC type: OIDC
issuerURL The URL of the OpenID provider. <provider url> issuerURL: https://login.microsoftonline.com/<ID>/v2.0
clientID The ID of the application registered at the OpenID provider to identify the application when authentication requests are made. <client ID> clientID: <client ID>
claimUserRoles Optional, but must be set when using OAuth. amt (default)
<user roles>
claimUserRoles: amt
claimRolesKey Must be set when claimUserRoles is set. <roles key> claimRolesKey: <key>

Control Center Node

Settings for the Control Center REST server.

Settings Description Accepted Values Examples
host The server address of the host of the Control Center. <ip address or server name> mode: SINGLE_NODE
restPort Set the REST port of the host. <port number> restPort: 9001
httpOnly If set to True, the system only uses the HTTP protocol for communication between nodes in the cluster. true
false
httpOnly: false

Control Center Managed AMT Applications

Add and configure the applications that the Control Center manages.

Settings Description Accepted Values Examples
<application name> The name of the application to be managed. <application name> CUSTOMER_MANAGEMENT
host The server address. <ip address or server name> host: 0.0.0.0
gRPCPort The server port number. <port number> gRPCPort: 9090
httpOnly If set to True, the system only uses the HTTP protocol for communication. Disables TLS if set to true. true
false
httpOnly: false

Database Configuration

The Database configuration section. First, the database kind needs to be defined. Use 'systemDatabase' for the Control Center and 'transactionDatabase' for Transactions.

All of the database settings can be stored in the key vault. A dollar sign $ prefixing a value denotes the use of a key stored in the key vault file.

Settings Description Accepted Values Examples
type Set the type of database. POSTGRES (default)
ORACLE
MSSQL
DB2
type: POSTGRES
name Enter the name of the System Database. <system database> name: CUSTOMER_MANAGEMENT
name: $systemDb name: $transactionDb
schema Enter the name of the Schema of the System Database. The Schema name must be exactly the same as the Database name. <system database schema> schema: CUSTOMER_MANAGEMENT
schema: $systemDbSchema schema: $transactionDbSchema
username Set the name of the user authorized to access the System Database. <username> username: amtuser
username: $appDbUser
password Set the Password of the user. <password> password: amtpassword
password: $appDbPassword
driverClassname Set the driver for the database.
  • For PostgreSQL: driverClassname: org.postgresql.Driver.
  • For Oracle: driverClassname: oracle.jdbc.driver.
  • For DB2: driverClassname: com.ibm.db2.jcc.DB2Driver.
org.postgresql.Driver
oracle.jdbc.driver
com.ibm.db2.jcc.DB2Driver
<custom>
driverClassname: org.postgresql.Driver
url Set the server database URL. This must be configured according to the type of database used:
  • For PostgreSQL: jdbc:postgresql://<Server>:<Port>/<Database>.
  • For Oracle: jdbc:oracle://<Server>:<Port>/<TNS>.
  • For DB2:
    jdbc:db2://<Server>:<Port>/amtsys
jdbc:postgresql://<Server>:<Port>/<Database>
jdbc:oracle://<Server>:<Port>/<TNS>
jdbc:db2://<Server>:<Port>/amtsys
url: jdbc:postgresql://<Server>:<Port>/<Database>
hibernateDialect Set the database dialect for the Hibernate framework.
  • For PostgreSQL: org.hibernate.dialect.PostgreSQLDialect
  • For DB2: org.hibernate.dialect.DB2Dialect.
org.hibernate.dialect.PostgreSQLDialect
org.hibernate.dialect.DB2Dialect
hibernateDialect: org.hibernate.dialect.PostgreSQLDialect
hibernateShowSql If set to true, this enables the logging of all the generated SQL statements to the console and a log file. true
false
hibernateShowSQL: false
connectionPoolSize The maximum number of onnections to the connection pool. <integer> connectionPoolSize: 200
lockTimeoutSeconds The number of seconds before a database is unlocked. <integer> lockTimeoutSeconds: 20
lockTimeoutReportsProgramsSeconds The number of seconds before a database is unlocked. If the lock is not released after the timeout, the report or program will retry several times. <integer> lockTimeoutReportsProgramsSeconds: 5
sqlCommandTimeout The number of seconds for a screen or report to wait for a SQL command to be performed. <integer> sqlCommandTimeout: 30
nlsLanguage (Oracle databases only) Set the language for an Oracle client connection. <language> nlsLanguage: AMERICAN

Sample File

---
####################################################################################################
#
# CONTROL-CENTER CONFIGURATION
# General Control-Center related configuration items.
#
####################################################################################################
version: v1
name: AMT Control Center Java Configuration Template
environment: DEV
####################################################################################################
#
# SECURE STORAGE
# Settings related to the secure storage provider. This ties into the database settings later on.
#
####################################################################################################
secureStorage:
  # Secure Storage can be configured in a couple of different ways.
  # See the Secure Storage Wiki page for more information.
  vaultType: Simple
  vaultConfiguration:
    vaultFilePath: C:/AMT/cc-secrets.txt
####################################################################################################
#
# AUTHENTICATION CONFIGURATION SECTION
# Settings related to the external authentication provider.
# Defaults are added for a simple KeyCloak setup, if another authentication provider is required,
# then you need to add the correct issuerURL & clientID.
#
####################################################################################################
authentication:
  type: OIDC
  clients:
    rest:
      settings:
        issuerURL: http://localhost:8080/realms/AMTRealm
        clientID: AMT
        #claimUserRoles: amt # "oauth". When using OAuth, claimRolesKey and rolemapping needs to be configured
          #claimRolesKey: # Key to roles in OAth token. For Azure e.g. it is "groups",
                          # where for keycloak it is "resource_access;AMT;roles", it is 3 layers deep, using ; separates the keys.
      #roleMapping:
      #role1: amt_role1
####################################################################################################
#
# SERVER CERTIFICATE CONFIGURATION
# Paths to the server key and certificate (file or classpath resource).
# If not set, the default key and certificate will be loaded from the classpath (/certs/server1.key and /certs/server1.pem)
#
####################################################################################################
serverCertificate:
  # Can be a file path or classpath resource.
####################################################################################################
#
# CONTROL-CENTER NODE
# Settings related to the Control-Center REST server.
#
####################################################################################################
node:
  host: 0.0.0.0
  restPort: 9001
  httpOnly: false # Will disable TLS if set to true.
####################################################################################################
#
# SUPPORTED APPLICATIONS
# Configure any application that the Control-Center will be managing.
#
####################################################################################################
applications:
  smoketest:
    host: localhost
    gRPCPort: 8080
    httpOnly: false # Will disable TLS if set to true.
####################################################################################################
#
# SYSTEM DATABASE CONFIGURATION
# Settings related to the system database. Values can be keys for the configured key vault
# from the Secure Storage section up above.
#
####################################################################################################
systemDatabase:
  type: POSTGRES
  settings:
    name: amtsystem
    schema: amtsystem
    username: amtsystem
    password: amtsystem
    driverClassname: org.postgresql.Driver
    url: jdbc:postgresql://localhost/amtsystem
    hibernateDialect: org.hibernate.dialect.PostgreSQLDialect
    # Uncomment these if you want to override the default values.
    #hibernateShowSql: false
    #connectionPoolSize: 200
    #lockTimeoutSeconds: 20
    #lockTimeoutReportsProgramsSeconds: 5
    #sqlCommandTimeout: 30
####################################################################################################
#
# TRANSACTION DATABASE CONFIGURATION (ENABLE & USE WHEN CONFIGURING A TRANSACTION DATABASE)
# Settings related to the transaction database. Values can be keys for the configured key vault
# from the Secure Storage section up above.
#
####################################################################################################
#transactionDatabase:
#  type: POSTGRES
#  settings:
#    name: amtsystransaction              <Create name>
#    schema: amtsystransaction            <Create schema>
#    username: amtsystransactionUser      <username from secrets file>
#    password: amtsystransactionPassword  <password from secrets file>
#    driverClassname: org.postgresql.Driver
#    url: jdbc:postgresql://localhost/amtsystransaction
#    hibernateDialect: org.hibernate.dialect.PostgreSQLDialect
#    # Uncomment these if you want to override the default values.
#    #hibernateShowSql: false
#    #connectionPoolSize: 200
#    #lockTimeoutSeconds: 20
#    #lockTimeoutReportsProgramsSeconds: 5
#    #sqlCommandTimeout: 30
...

Contents

 Go to top