Configuring Parameters in the Distributor Portal

Configuration parameters need to be populated with correct values to ensure the proper functioning of the connector. In order to populate the configuration parameters with the correct values, complete the following steps:

  1. Log in to the CloudBlue Connect Distributor Portal.
  2. Click Products in the main menu at the top of the page and then select AWS.
  3. Click Configuration.
  4. Assign the proper value to each required parameter.

In the table below you can see a description of the parameters.

Parameter ID Description
provisionServiceControlPolicies

Policy IDs which can be obtained by following the instructions provided in the AWS Management Console section. This value must be a string of IDs (separated by commas) of the AWS Service Control Policies.

Note: Please bear in mind that this feature will be available only for AWS Organizations with All Features enabled, as described in the AWS Management Console section.

awsApiMasterKey Provide the AWS Master API key which will be used in a production environment, which can be obtained by following the instructions provided in the AWS Management Console section.
awsApiMasterKey_TEST Provide the AWS Master API key which will be used in a test environment, which can be obtained by following the instructions provided in the AWS Management Console section.
awsApiMasterSecret

This value is the AWS API Master Secret to be used in a production environment, which can be obtained by following the instructions provided in the AWS Management Console section.

The AWS API Master secret must be encrypted by using the following public key:

Copy
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Npx7HWHvSkKqJzXDAAZ
dZiexBkmoIpk19jF7eFqizglJVDwwxCRKWXj8RpUPA5/lQh0bCObDiarVbi0DeQW
HeO/vMFWYIzCOk0sWx8QDsSWzwjotlYz1LTVufeu6KnK2jrikyGTneq9mLLam8KE
5tJ/WC5WQ/l8ry3qir1BGh9AVWVJNLRTioo6DlmN0yV2fMWEWZnLATog5kCPbVa7
U3rVsTMa1FQv7IpO6RTAdTf+zwI1NdNJkLbJOLj2GuevkUc2vWMFTqnRSzV962Te
rZ2SM/71TjiHby3ARxqNvUhFSWXu1RZxPBmuTn+EV4tycW0A1SEY4ilF5a5UtMOC
bwIDAQAB
-----END PUBLIC KEY-----

Note: The public key by itself cannot be used to decrypt the secret.

Please note that the version of the public key is "key_v1". This version has to be used when copying the value of the encrypted secret in the Connect configuration parameter as described below.

Use the following command to encrypt the AWS API Master secret with the provided public key:

echo -n $TOKEN_PLAIN_TEXT | openssl rsautl -encrypt -pubin -inkey pbkey.pem | base64

The resulting value is a base64 string which you must use along with the private/public key pair version to construct a string with the following format: keyVersion:APIMasterSecretEncryptedWithPublicKey

For example:

key_v2:MIIBIjANBgkqhkiG9wEs4QEFAAOCAQ8AMIIBCgKCAQEAv

Important:
- The output of the encryption command may generate the encrypted key with line breaks. Please note that the key must be entered in Connect without any line breaks or spaces. If it is pasted directly in Connect, the line breaks will be replaced by spaces. Please remove all the line breaks manually before pasting the key in Connect.

- Make sure that the encrypted secret is preceded by key_v2, as shown in the example.
- A ticket is required for the CloudBlue Operations team to activate the relevant Connect Marketplace ID in the AWS Consolidated processor configuration.

Finally, use the resulting string to configure the awsApiMasterSecret parameter.

awsApiMasterSecret_TEST

This value is the AWS API Master Secret to be used in a test environment, which can be obtained by following the instructions provided in the AWS Management Console section.

The AWS API Master secret must be encrypted by using the following public key:

Copy
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymqlUB2BmPXy+x3Ak78q
oRR+HMdZeDH/O0g7fSzMzraQYGEwHn7BSr55yXSRmqLy+hPgbg8iiD4UYHCLeGCf
fIE7N4EiBaaKMsHLvXxmaRWug8g1tx4ylWbCcuS0UZ97E6xmJYucpA5351D+oeI4
PHuMwcNL6xxqZT587+C0arvJkfAZmGVa+sYGs6rCT7Wnes3Ps02MyqbC+3CC71Vn
mktzru62WgFhQioJIzTkAHzuOmbjojMprIOKCSGjfD1BONIR2MSkAznIsmvMUTOj
/QDHL82r4EjQ3VUBFGqPcB8iQi3CK7ly3h+GvXwX8iYvzYO0OTMGnq0Qq1aLQbPZ
VQIDAQAB
-----END PUBLIC KEY-----

Note: The public key by itself cannot be used to decrypt the secret.

Please note that the version of the public key is "key_v1". This version has to be used when copying the value of the encrypted secret in the Connect configuration parameter as described below.

Use the following command to encrypt the AWS API Master secret with the provided public key:

echo -n $TOKEN_PLAIN_TEXT | openssl pkeyutl -encrypt -pubin -inkey public.pem | base64

The resulting value is a base64 string which you must use along with the private/public key pair version to construct a string with the following format: keyVersion:APIMasterSecretEncryptedWithPublicKey

For example:

key_v1:MIIBIjANBgkqhkiG9wEs4QEFAAOCAQ8AMIIBCgKCAQEAv

Important:
- The output of the encryption command may generate the encrypted key with line breaks. Please note that the key must be entered in Connect without any line breaks or spaces. If it is pasted directly in Connect, the line breaks will be replaced by spaces. Please remove all the line breaks manually before pasting the key in Connect.

- A ticket is required for the CloudBlue Operations team to activate the relevant Connect Marketplace ID in the AWS Consolidated processor configuration.

Finally, use the resulting string to configure the awsApiMasterSecret_TEST parameter.

awsMasterPayerId Provide the AWS Marketplace Master Payer ID to be used in a production environment, which can be obtained by following the instructions provided in the AWS Management Console section. The master Payer ID is the AWS account ID for the provider AWS account.
awsMasterPayerId_TEST Provide the AWS Marketplace Master Payer ID to be used in a test environment, which can be obtained by following the instructions provided in the AWS Management Console section.

Back to top


awsAthenaCurName

Note: Before configuring this parameter, it is necessary to follow the instructions provided in the Setting up Athena and Creating Cost Usage Reports in AWS section.

This parameter will be used in a production environment and allows you to specify the name of the Athena CUR (Cost and Usage Report). To configure this parameter, log in to the AWS Management Console and follow these steps:

  1. Type S3 in the search bar.

  2. Click the S3 bucket you created previously. For example:

  3. Find a folder whose name contains the report_path_prefix used when CUR was set up following AWS documentation. In this example, the folder is called cur/.

  4. Click the corresponding object.

  5. Click the Properties tab.

  6. Copy the Athena CUR name required to configure the awsAthenaCurName parameter in the Distributor Portal. The format must be as follows: report_path_prefix/report_name

    Please note that no slashes must be used at the beginning or at the end.

Back to top

awsAthenaCurName_TEST

Note: Before configuring this parameter, it is necessary to follow the instructions provided in the Setting up Athena and Creating Cost Usage Reports in AWS section.

This parameter will be used in a test environment and allows you to specify the name of the Athena CUR (Cost and Usage Report). To configure this parameter, follow the steps specified in the awsAthenaCurName parameter description.

awsS3Bucket

Note: Before configuring this parameter, it is necessary to follow the instructions provided in the Setting up Athena and Creating Cost Usage Reports in AWS section.

This parameter will be used in a production environment and allows you to specify the S3 URI. To configure this parameter, log in to the AWS Management Console and follow these steps:

  1. Type S3 in the search bar.

  2. Click the S3 bucket you created previously. For example:

  3. Click the object stored in the S3 bucket. For example:

  4. Copy the S3 URI required to configure the awsS3Bucket parameter in the Distributor Portal. For example:

Back to top

awsS3Bucket_TEST

Note: Before configuring this parameter, it is necessary to follow the instructions provided in the Setting up Athena and Creating Cost Usage Reports in AWS section.

This parameter will be used in a test environment and allows you to specify the S3 URI. To configure this parameter, follow the steps provided in the awsS3Bucket parameter description.

awsAthenaDatabaseName

Note: Before configuring this parameter, it is necessary to follow the instructions provided in the Setting up Athena and Creating Cost Usage Reports in AWS section.

This parameter will be used in a production environment and allows you to specify the Athena database name. To configure this parameter, log in to the AWS Management Console and follow these steps:

  1. Type Athena in the search bar.

  2. Click Data sources.

     

  3. Click the catalog name.

  4. Copy the name of the database required to configure the awsAthenaDatabaseName parameter in the Distributor Portal. To find the database name, follow these steps:
    1. Go to Amathon Athena > Query Editor.

    2. Click the ellipsis icon next to Partitioned and then click View properties.

    3. The database and table names are displayed.

awsAthenaDatabaseName_TEST

Note: Before configuring this parameter, it is necessary to follow the instructions provided in the Setting up Athena and Creating Cost Usage Reports in AWS section.

This parameter will be used in a test environment and allows you to specify the Athena database name. To configure this parameter, follow the steps provided in the awsAthenaDatabaseName parameter description.
awsAthenaTableName

Note: Before configuring this parameter, it is necessary to follow the instructions provided in the Setting up Athena and Creating Cost Usage Reports in AWS section.

This parameter will be used in a production environment and allows you to specify the Athena database table name. To configure this parameter, log in to the AWS Management Console and follow these steps:

  1. Type Athena in the search bar.

  2. Click Data sources.

  3. Click the catalog name.

  4. Copy the name of the database table required to configure the awsAthenaTableName parameter in the Distributor Portal.

Back to top

awsAthenaTableName_TEST

Note: Before configuring this parameter, it is necessary to follow the instructions provided in the Setting up Athena and Creating Cost Usage Reports in AWS section.

This parameter will be used in a test environment and allows you to specify the Athena database table name. To configure this parameter, follow the steps provided in the awsAthenaTableName parameter description.
awsAthenaRegion

Note: Before configuring this parameter, it is necessary to follow the instructions provided in the Setting up Athena and Creating Cost Usage Reports in AWS section

This parameter will be used in a production environment and allows you to specify the Athena region. You can find the corresponding Athena region in the AWS Management Console, but the default value will be "us-east-1":

awsAthenaRegion_TEST

Note: Before configuring this parameter, it is necessary to follow the instructions provided in the Setting up Athena and Creating Cost Usage Reports in AWS section.

This parameter will be used in a test environment and allows you to specify Athena region. You can find the corresponding Athena region in the AWS Management Console, but the default value will be "us-east-1":

Back to top

fxRate Exchange rate to convert USD to the currency of a specific marketplace (USD to local tender). For example: 0.72
customMarkup

This parameter allows you to specify the markup multiplier that will be applied to all the services except for Marketplace services. For example: if the original price is 10 and you apply a 1.2 markup multiplier, the final price will be 12.

customMarkupMarketplace This parameter allows you to specify the markup multiplier that will be only applied to the Marketplace services. For example: if the original price is 10 and you apply a 1.2 markup multiplier, the final price will be 12.
organizationalUnitEnabled This parameters allows you to specify if customer accounts will be created under a specific organizational unit. If this is the case, set this marketplace configuration parameter to Yes. For further information, refer to the FAQs section.
organizationalUnitId This parameter allows you to specify the ID of the Organizational Unit under which customer accounts will be created. For further information, refer to the FAQ section.

Back to top

catchAllDomain It allows you to provide the domain which will be used in a production environment to generate the email addresses for the new AWS accounts.
catchAllDomain_TEST It allows you to provide the domain which will be used in a test environment to generate the email addresses for the new AWS accounts.
activationTemplateId Configure this parameter with the following activation template ID: TL-312-367-194
importActivationTemplateId Configure this parameter with the following activation template ID: TL-403-813-629
transferActivationTemplateId Configure this parameter with the following activation template ID: TL-660-410-680
newActivationTemplateId Configure this parameter with the following activation template ID: TL-498-925-893
marketplaceCurrency Select the corresponding ISO 4217 code for the marketplace currency.
roundingMode This parameter is used to round the cost reported for customers from 10 to 2 digits. The rounding method selected in the drop-down menu will depend on the financial regulations for each country. The default and recommended value is ROUND_HALF_UP
awsAccountModel It allows you to select the default account model for your customers: Solution Provider Account Model (SPAM) or End Customer Account Model (ECAM). The Service Provider Account Model is the default model. When the ECAM model is selected, the AWS Account Email will be requested in the ordering process. Customers must then provide an email of their domain, which will be used to create the root user on the AWs account.
newECAMActivationTemplateId ID of the activation template for End Customer Account Model (ECAM) orders, which should include information on how to access the root user. Configure this parameter with the following activation template ID: TL-630-454-048
provideRootUserForECAM If this parameter is set to No, the default activation template will be used for End Customer Account Model (ECAM) orders, which means that no instructions will be provided on how to access the root user.
enableMultiplePayer

This parameter allows you to enable or disable the ability to transact with multiple consolidated payer accounts in a particular marketplace. If this parameter is set to No, the processor will use the configuration defined in the marketplace configuration parameters. However, if Yes is selected, resellers will be able to set a different configuration for each customer through a Tier Configuration Request. This can be done by clicking the Requires Attention button, which will be available in the Reseller Authorization tile in the UX1 panel for the reseller.

Note: If the Multiple Payer field in the TCR is set to No, the request will be auto-approved and the configuration defined in the marketplace configuration parameters will be used instead.

cancelationGracePeriod Number of days from the manual cancellation of a subscription in AWS until the approval of the cancellation order in Connect. For example: "60".
processor_approve_list

This parameter allows you to configure a list of asset Ids, order IDs or customer IDs for which a subscription cancellation or suspension request will be auto-approved offline. The IDs must be separated by commas as follows:

"AS-1111-1111-1111,PR-1111-1111-1111-001,TA-1111-1111-1111"

Note: Modifying the values of the TCR parameters once the asset request is approved will have an impact on usage.

CloudBlue, an Ingram Micro business, uses cookies to improve the usability of our site. By continuing to use this site and/or logging in you are accepting the use of these cookies. For more information, visit our Privacy Policy.