4.1.3 Considering the method for managing authentication information corresponding to the commands to be executed
Consider the method for managing authentication information corresponding to the interface for the commands to be executed.
If connection processing in 4.1.2 Consideration according to connection-destination services and command execution environments and common environment variables are necessary, see the management methods in (1) and (2). If connection processing is not particularly necessary, see the management method in (3).
- Organization of this subsection
(1) Specifying environment variables during command execution
If the command uses environment variable information (for example, account information or access key information) to perform connection, consider the following management methods.
-
Registering information in the authentication definition
-
Setting the relevant environment variables in Common environment variable settings of the connection definition
With these management methods, environment variables are set and operated for every command that is executed.
(2) Specifying arguments for a command
To specify authentication information in arguments (for example, account information or access key information) to perform connection, consider the following management method.
-
Registering information in the authentication definition
-
Considering the following definition methods depending on the connection method of the cloud service
-
If the following is unnecessary when a command for connection is executed first:
Using Command line of Connection processing in the connection definition to set authentication information in the argument of the command
-
If it is always necessary to specify arguments for the command in the linkage processing:
Using each Command line item of the execution definition or monitoring definition to set authentication information in the argument of the command
-
(3) Performing operations by using the environment settings on the side of the command
On the command's authentication interface, if connection is possible even if you do not perform connection processing by specifying environment variables and argument as in (1) and (2), it is not necessary to define authentication definitions or connection definitions in JP1/AJS3 for Cloud Service Applications.
For example, if the management method exists on the side of the command as in the following, consider using it.
-
Using temporary authentication information
This is a method that assigns access permissions to command execution environments, such as virtual machines, by using the functions of the cloud service. If the management destinations of access permissions are unified on the side of the cloud service, it is advantageous as a method where the distributed management of authentication information is not necessary.
-
Using long-term authentication information
This is a method that sets authentication information on the execution-destination host of the linkage job in advance, for example, by using the setup processing of the command.