# Cloud Profiles
SUMMARY
- Cloud profiles let you configure on-prem connections directly in Workato, rather than manually editing a local config file on the agent's system.
- Cloud profiles support databases, on-prem file systems, SAP, Apache Kafka, certain secrets management systems, and other systems.
- OPA versions starting from
2.15.0support cloud profiles. - When you create a new connection, Workato automatically propagates the configuration details to all agents in the on-prem group.
A single Workato on-prem agent (OPA) can connect to multiple on-prem applications. A cloud profile allows you to set up a connection directly in Workato. This option can be selected when creating a new on-prem group.
# Basics
# What's a cloud profile?
A cloud profile is a new way of setting connection for on-prem agent. Since OPA version 2.15.0 you can configure on-prem connections directly in Workato instead of editing local on-prem agent config file. This is a big simplification of the existing process as you no longer need a direct access to the machine where the agent is installed. Just make sure your agent is up and running.
When creating a connection you will see the input field called Connection type. It is a list of existing on-prem groups. For some of the cloud connectors there can be a default Cloud setting. Make sure you select on-prem group that supports cloud profiles so you can create a connection directly in Workato.
Below is an example of SQL Server connection when on-prem group with cloud profiles is selected. As you can see database connection properties can be set just like for a normal cloud connector.
SQL Server cloud profile connection
# What types of systems can I connect to?
Cloud profiles are supported by the following system types:
- Databases
- On-prem file systems
- SAP
- Java messaging service
- Apache Kafka
- Active Directory
- Command-line scripts
WARNING
Please note that configuring some additional settings like google secrets manager, azure key vault or more advanced settings is not yet supported by cloud profiles. If you want to use them please check connection profiles.
# How do I apply a new configuration?
When you create a new connection the details are automatically propagated to all agents in the specific on-prem group. It should happen almost immediately but in some cases it might take a while for an agent to get updated connection details.
# Database Cloud Profiles
Database cloud profiles provide the information your OPA uses to connect to a database.
All database connectors give you the option to connect through an on-prem agent. In the connection fields, select the desired on-prem group from the field labeled Connection type.
Once you select the on-prem group that allows cloud profile configuration you can set up the connection directly in Workato as for the regular cloud connector. Just fill in the required fields and click Connect.
Database connection using cloud profile
In this section, we'll cover:
# Profile Properties
Database cloud connection profiles can contain the following properties:
| Name | Type | Description | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| url/host | required | The host address of the database. For example, localhost.
Note: A url or host value must be provided to fully configure the connection profile.
| ||||||||||||
| port | required | The port of the database. If using the default port for a database type, this property may be omitted.
For example, PostgreSQL databases use port 5432 by default. If your PostgreSQL uses this port, you don't need to add a port property to the connection profile.
Default ports are listed in the Supported databases section. | ||||||||||||
| database | required | The name of the database. For example: sales
Note: This property may be omitted if the url property is provided.
| ||||||||||||
| username | required | The username of a database user that will be used to connect to the database. | ||||||||||||
| password | required | The password of the database user (username).
| ||||||||||||
| ssl | optional | Options for configuring SSL connections. SSL is supported for the following databases:
|
# Supported Databases
The following table contains information about the databases OPA currently supports.
| Database name | Default port |
|---|---|
| Amazon Redshift | 5439 |
| JDBC-compatible databases | |
| Microsoft SQL Server | 1433 |
| MySQL | 3306 |
| Oracle | 1521 |
| PostgreSQL | 5432 |
# On-prem Files Cloud Profile
Please refer to On-prem Files connector documentation.
# SAP Cloud Profile
There are two connection types that the SAP connector supports - Direct connections or Message Server connections.
SAP default ports
Our SAP connector uses these ports by default:
- Via SAP Message Server : 36xx (where xx is SAP system number)
- W/o SAP Message Server, e.g. direct call to SAP : 48xx (with SNC) and 33xx (w/o SNC)
Furthermore for HTTP(s) inbound communication (for example for consuming REST OData services, SOAP WebServices etc. provisioned from SAP) ports are per default 8000 (HTTP) and 44300 (HTTPs). If this ports have been setup on SAP in custom way, port numbers can be figured out in SAP by
- Go to the ICM Monitor ( SMICM ) transaction.
- Choose Goto Services to display the services configured in ICM and correlated ports.
If these ports differ from our defaults, please contact Workato support.
# SAP - Direct Connection
Below is the example of Direct connection type. Use this connection type if SAP system is directly exposed as an application server.
On-prem sap direct connection using cloud profile
| Parameter | Description | Click to expand image |
|---|---|---|
| Gateway host | Could be either DNS name or IP address. If present, this describes a direct connection to SAP host. Could be in the format xx.xx.xx.xx. This is the IP Address of the SAP application server you are connecting directly. This can be seen on the SAP Logon Pad which is used to login to your on-premise SAP Application server. |  |
| System number | Two digit SAP system number. It identifies the logical port on which the application server is listening for incoming requests. Commonly found from the TCP Port 33XX where XX is the system_number |  |
| Program ID | OPTIONAL. Only needed when IDOCs are used in recipes. This matches the program ID given to the RFC destination linked to Workato in Tcode SM59. This is defaulted to WORKATO if not supplied. |  |
| Client | The actual client number which is used for connecting to Workato. Use the same one you log into with your SAP Logon Pad. It's always a 3 digit integer. |  |
| Language | OPTIONAL. Represents the logon language. If the property is not provided, the user's or system's default language is used. Valid values are two-character ISO language codes or one-character SAP language codes. |  |
| User | SAP user provisioned for Workato. Using background user and disabling dialog properties are recommended. |  |
| Password | SAP user password. |  |
# SAP - Message Server Connection
Below is the example of Message server connection type. Use this connection type when SAP system is behind message server gateway.
On-prem sap message server connection using cloud profile
| Parameter | Description | Click to expand image |
|---|---|---|
| Message server host | Message Server host in the format of xx.xx.xx.xx. This is the IP Address of the Message Server you are connecting. |  |
| System ID | The system ID of the system the message server belongs to. See SAP Note 52959 in case of connection error. | |
| Logon group | (Optional) Logical group name of the application servers. Can be found in SAP Tcode SMLG |  |
| Program ID | OPTIONAL. Only needed when IDOCs are used in recipes. This matches the program ID given to the RFC destination linked to Workato in Tcode SM59. This is defaulted to WORKATO if not supplied. | |
| Client | The actual client number which is used for connecting to Workato. Use the same one you log into with your SAP Logon Pad. It's always a 3 digit integer. | |
| Language | OPTIONAL. Represents the logon language. If the property is not provided, the user's or system's default language is used. Valid values are two-character ISO language codes or one-character SAP language codes. | |
| User | SAP user provisioned for Workato. Using background user and disabling dialog properties are recommended. | |
| Password | SAP user password. | |
# JMS Cloud Profile
The following JMS providers are supported by the cloud profile on-prem agent:
- Amazon Simple Queue Service
- Apache ActiveMQ
- Azure Service Bus
# Amazon SQS
You need the following configuration properties when connecting to Amazon SQS:
On-prem cloud profile amazon
| Property name | Comment |
|---|---|
| region | Your Amazon API region, eg 'us-east-2' |
| accessKey | Your Amazon API access key |
| secretKey | Your Amazon API secret |
Note that you need to make sure your SQS queue is created before sending messages.
# Apache ActiveMQ
For connecting to a running ActiveMQ broker you only need to specify the broker URL:
On-prem cloud profile activemq
ActiveMQ broker cannot be embedded into the agent. Using any vm:// broker connections is not supported.
# Azure Service Bus
Azure Service Bus uses custom JMS provider. You will need the following configuration properties when connecting to Azure Service Bus:
On-prem cloud profile custom
| Property name | Comment |
|---|---|
| provider | Custom |
| class | org.apache.qpid.jms.JmsConnectionFactory |
| remoteURI | amqps://host-name.servicebus.windows.net |
| username | policy-name |
| password | primary-key |
Download jar files from here (opens new window) and extract it inside the lib_ext folder.
Add the classpath inside the config.yml file.
server:
classpath: lib_ext
# Apache Kafka Cloud Profile
Please refer to Apache Kafka connector documentation.
# Active Directory Cloud Profile
Please refer to Active Directory connector documentation.
# Command-line Scripts Cloud Profile
Please refer to On-prem Files connector documentation.
Last updated: 8/14/2023, 2:25:15 PM