Using Amazon RDS with IBM App Connect Enterprise

Amazon Relational Database Service (RDS) is a managed SQL database by Amazon Web Services that you can use to set up, run, and scale a relational database on the AWS Cloud. It provides cost-efficient security, high availability and durability, resizable capacity for an industry-standard relational database, and manages common database administration tasks. IBM® App Connect Enterprise provides an Amazon RDS Request node, which you can use to connect to Amazon RDS and issue requests to perform actions on objects such as database clusters, database instances, database snapshots, exports, and tags.

1. In the IBM App Connect Enterprise Toolkit, create a flow containing a Amazon RDS Request node.
2. Select the Amazon RDS Request node in the flow to show the node properties in the editor.
3. On the Basic tab, click Launch Connector Discovery.
   A panel is displayed in which you specify the name of the policy project and vault details to be used during connector discovery.
4. Specify the details of the policy project and vault to be used during connector discovery:
   1. In the Policy Project field, specify the policy project that is used to store the policies that are created during connector discovery.
      Alternatively, you can create a new policy project by clicking New and then specifying the name of the new policy project. Then click Finish.
   2. Specify the vault to be used during connector discovery. By default, credentials that are used during connector discovery are stored in an external directory vault, which is an App Connect Enterprise vault that can be used by any integration server. Alternatively, you can store the credentials in an integration server vault, which is created in the integration server's work directory and can be used only by that specific integration server.
      To specify the vault to be used for storing the credentials, complete the steps in the Using the Connector Discovery wizard section of one of the following topics:

      • Configuring an external directory vault
      • Configuring an integration server vault
   3. In the Vault key field, enter the vault key that is used to access the credentials stored in the vault. The vault key must be at least 8 characters in length.
   4. Optional: By default, the specified vault location and vault key are saved as preferences in the Toolkit so that the values are preset when you launch Connector Discovery. If you do not want the preferences to be saved, deselect Save in vault preferences.
5. Click Launch Discovery to start the Connector Discovery wizard for the Amazon RDS connector.
   The Connector Discovery window is displayed. If existing Amazon RDS connections (accounts) are available, a list of those connections is displayed. If there are no existing connections, the status of the Amazon RDS connector is shown as Not connected.
   • If one or more Amazon RDS connections (accounts) are available, complete the following steps:
     1. Select the connection (account) that you want to use, by clicking on it.
     2. Click the required object type and then select the action that you want to perform on the object. For example, to retrieve database instances from Amazon RDS, click Database instances and then Retrieve database instances.
   • If there are no existing connections (accounts), complete the following steps:
     1. Click the required object type and then select the action that you want to perform on that object. For example, to retrieve database instances from Amazon RDS, click Database instances and then Retrieve database instances.
     2. Click Connect.
     3. Enter the required details for connecting to Amazon RDS:
        • Secret access key: The secret access key of your Amazon RDS account. Get the secret access key from the Security Credentials page in the AWS Management Console.
        • Access key ID: The access key ID of your Amazon RDS account. Get the access key ID from the Security Credentials page in the AWS Management Console.
        • Region: The region of your Amazon RDS instance, for example, us-east-1.

          You can find the value for the Region parameter at the end of the URL when you are logged in to the AWS Management Console (for example, https://us-east-2.console.aws.amazon.com/console/home?region=us-east-2#).

        For more information about obtaining the connection details, see How to use IBM App Connect with Amazon RDS in the IBM App Connect Enterprise as a Service documentation.

     4. Click Connect.
6. You can add conditions for the retrieval of the data, by clicking Add condition and then selecting the property that you want to filter. For example, select Database instance resource ID and then specify the ID of the database instance that you want to retrieve. You can also set properties that specify the maximum number of records to retrieve and the action to be taken if that limit is exceeded.
7. When you have finished specifying the properties in the Connector Discovery wizard, click Save.
   The credentials used for connecting to Amazon RDS are stored in the vault, and the other connection details are saved in the Amazon RDS policy. The values of the properties that you set in the wizard are returned to the Amazon RDS Request node in the IBM App Connect Enterprise Toolkit.
8. When you have finished discovery and saved the property values, exit the Connector Discovery wizard by clicking the X in the upper-right corner of the window or by pressing Alt+F4.
9. Return to editing the Amazon RDS Request node in the IBM App Connect Enterprise Toolkit.
   The connector properties that were set in the Connector Discovery wizard (in step 6) are now visible on the Amazon RDS Request node in the property editor. The Basic tab shows the values of the Action and Object properties that you set in the wizard. For example, if you selected Database instances > Retrieve database instances in the wizard, the following properties will be visible on the Basic tab of the node:

   • Action - RETRIEVEALL
   • Object - DatabaseInstance

   The values of the Action and Object properties are displayed in read-only format. If you want to change these values, you can do so by clicking Launch Connector Discovery again and setting new values in the Connector Discovery wizard.

   The Schema base name property specifies the base name of the schema files that describe the format of the request and response messages sent and received from the Amazon RDS connector. The schema base name is set automatically the first time you run discovery for the node, and it is based on the current flow name and node name. If you set this property manually before running discovery for the first time, the value that you set will be used. If you rename the schemas after discovery, you must edit this property so that it matches the schema base name used by the renamed schemas in the project. If you change this property after discovery, you must either rename the schema names to match or run discovery again.

   Depending on the action that was selected during discovery, the Connector Discovery wizard generates either a request schema and a response schema, or a response schema only. A request schema is generated only if the selected action and object require a request message. The generated request schema is used for validation of the request message. If the action was RETRIEVE or DELETE, only the response schema is returned by the connector.

   The generated schema files are added to the project and can be used by a Mapping node for transforming input or output data. The full filename of the schema is derived from the schema base name (such as gen/MyMessageFlow.AmazonRDS_Request), suffixed with either response.schema.json or request.schema.json. You can open the schema by clicking Open request schema or Open response schema.

10. Check that the property settings on the Amazon RDS Request node are correct and then save the message flow.
11. On the Connection tab of the Amazon RDS Request node, the Policy property shows the name of the policy that contains the details of the security identity to be used for the connection. The policy has a type of Amazon RDS. For more information, see Amazon RDS policy.
12. Optional: Set the Timeout property on the Connection tab to specify the time (in seconds) that the node waits for Amazon RDS to process the operation.
13. The Filter tab of the Amazon RDS Request node contains properties that control the way in which the message flow selects data. The initial values of these properties are taken from the property values that were set for the Amazon RDS connector in the Connector Discovery wizard, including the filter options properties and any conditions that were specified (as described in step 6). If you subsequently return to the Connector Discovery wizard and change the values of any properties (by adding new conditions, for example) those updates are reflected in the properties set on the node.

    The Filter Options properties control which objects are to be operated upon when the Amazon RDS Request node executes. The Filter Limit properties control the maximum number of items to be retrieved and the action to be taken if the limit is exceeded.

    You can modify the values by clicking Edit next to the value that you want to modify in the Filter Options section, and by changing the property values that have been set in the Filter Limit section.

    The property values can be either text values or ESQL or XPATH expressions that are resolved from the contents of the message passed to the Amazon RDS Request node as it executes.

14. On the Request tab, set the Data location property to specify the location in the incoming message tree that contains the object data to be created in Amazon RDS. This data forms the request that is sent from the Amazon RDS Request node to the Amazon RDS system.
15. On the Result tab, set the Output data location property to specify the location in the output message tree that will contain the data of the record that is created in Amazon RDS.
16. By default, request messages are validated against the request schema that was generated during connector discovery. You can turn off request validation or change the validation settings by using the Validation properties of the Amazon RDS Request node.
17. Save the message flow.