Azure Connection Profiles

Defines the Azure Active Directory

Format: <company name>.onmicrosoft.com

Defines the Azure account subscription ID. The subscription ID can be retrieved from the Azure portal by selecting the Subscription menu

Defines the application ID in Azure that represents Control-M. It can be retrieved using the Azure portal.

Defines the username that connects to the Azure server

Defines the password of the username that connects to the Azure server

Determines whether to use a Batch account

Defines the batch account name

Defines the batch account primary access key, which can be retrieved from the Azure portal

Determines the Batch account location, as defined in the Batch account properties

Determines one of the following identity types to connect to Azure Batch Accounts:

• Managed Identity: Enables you to access other Azure AD-protected resources. The identity is managed by the Azure platform and does not require you to provide credentials within Control-M. Use this option if the Agent is installed on an Azure virtual machine that has an assigned Managed Identity with the required permissions.

  Managed Identity authentication is based on an Azure token that is valid, by default, for 24 hours. Token lifetime can be extended by Azure.

• Service Principal: An Azure service principal, also known as App Registration, is an identity created for use with applications, hosted services, and automated tools to access Azure resources. This access is restricted by the roles assigned to the service principal, which gives the Azure Administrator control over which resources can be accessed and at which level. Use this option if the Agent is installed on-premises or any other cloud vendor.

(Managed Identity) Determines whether the client ID for your Managed Identity is specified by the Managed Identity Client ID parameter.

Select this check box if you are using the Managed Identity authentication method and you have multiple Managed Identities defined on your Azure virtual machine.

(Managed Identity) Determines which client ID to use as the Managed Identity.

This parameter requires a value only if you have multiple Managed Identities defined on your Azure virtual machine and you selected the Specify Managed Identity Client ID check box.

If you have only one Managed Identity, it is detected automatically.

(Service Principal) Defines the Azure AD authentication endpoint base URL.

Example: https://login.microsoftonline.com

(Service Principal) Defines the Tenant ID in Azure AD.

Defines the application (service principal) ID of the registered application for the Azure Batch service.

The service principal must be for an Azure Batch account with a Contributor role.

(Service Principal) Defines the secret (password) associated with the Azure user and the application.

Defines the identifier for the Azure Batch account for login via Azure AD.

This identifier is a constant value set to https://batch.core.windows.net/

Defines the region ID associated with the Batch account in Azure Portal.

Defines the Azure account subscription ID.

The subscription ID can be retrieved from the Azure portal by selecting the Subscription menu.

Determines one of the following identity types to connect to Azure Functions:

• Managed Identity: Enables you to access other Azure AD-protected resources. The identity is managed by the Azure platform and does not require you to provide credentials within Control-M. Use this option if the Agent is installed on an Azure virtual machine that has an assigned Managed Identity with the required permissions.

  Managed Identity authentication is based on an Azure token that is valid, by default, for 24 hours. Token lifetime can be extended by Azure.

• Service Principal: An Azure service principal, also known as App Registration, is an identity created for use with applications, hosted services, and automated tools to access Azure resources. This access is restricted by the roles assigned to the service principal, which gives the Azure Administrator control over which resources can be accessed and at which level. Use this option if the Agent is installed on-premises or any other cloud vendor.

(Managed Identity) Determines whether the client ID for your Managed Identity is specified by the Managed Identity Client ID parameter.

Select this check box if you are using the Managed Identity authentication method and you have multiple Managed Identities defined on your Azure virtual machine.

(Managed Identity) Determines which client ID to use as the Managed Identity.

This parameter requires a value only if you have multiple Managed Identities defined on your Azure virtual machine and you selected the Specify Managed Identity Client ID check box.

If you have only one Managed Identity, it is detected automatically.

(Service Principal) Defines the Tenant ID in Azure AD.

Defines the application (service principal) ID of the registered application.

The service principal must be an Azure Functions workspace user with a Contributor or Owner role associated.

(Service Principal) Defines the secret (password) associated with the Azure user and the application.

(Service Principal) Defines the Azure AD authentication endpoint base URL.

Example: https://login.microsoftonline.com