Using Amazon EC2 with IBM App Connect Enterprise

The Amazon Elastic Compute Cloud (Amazon EC2) is a web-based service that provides scalable computing capacity that allows businesses to run application programs in the Amazon Web Services (AWS) Cloud. IBM® App Connect Enterprise provides an Amazon EC2 Request node, which enables you to connect to Amazon EC2 and issue requests to perform actions on objects such as Amazon machine images, availability zones, instances, key pairs, launch templates, and security groups.

About this task

IBM App Connect Enterprise communicates synchronously with Amazon EC2 through the Amazon EC2 Request node, which is available on Windows, AIX, and Linux® systems.

You can use the Amazon EC2 Request node to connect to Amazon EC2 and perform actions on objects, such as:
Amazon Machine Images
Retrieve images
Availability zones
Retrieve availability zones
Instance types
Retrieve instance types
Instances
Retrieve, launch, start, stop, reboot, or terminate instances
Key pairs
Retrieve key pairs
Launch templates
Retrieve launch templates
Security groups
Retrieve security groups

For additional information about configuring the Amazon EC2 Request node, see Amazon EC2 Request node.

Procedure

  1. In the IBM App Connect Enterprise Toolkit, create a flow containing an Amazon EC2 Request node.
  2. Select the Amazon EC2 Request node in the flow to show the node properties in the editor.
  3. On the Basic tab, click Launch Connector Discovery.
    A panel is displayed in which you specify the name of the policy project and vault details to be used during connector discovery.
  4. Specify the details of the policy project and vault to be used during connector discovery:
    1. In the Policy Project field, specify the policy project that is used to store the policies that are created during connector discovery.
      Alternatively, you can create a new policy project by clicking New and then specifying the name of the new policy project. Then click Finish.
    2. Specify the vault to be used during connector discovery. By default, credentials that are used during connector discovery are stored in an external directory vault, which is an App Connect Enterprise vault that can be used by any integration server. Alternatively, you can store the credentials in an integration server vault, which is created in the integration server's work directory and can be used only by that specific integration server.
      To specify the vault to be used for storing the credentials, complete the steps in the Using the Connector Discovery wizard section of one of the following topics:
    3. In the Vault key field, enter the vault key that is used to access the credentials stored in the vault. The vault key must be at least 8 characters in length.
    4. Optional: By default, the specified vault location and vault key are saved as preferences in the Toolkit so that the values are preset when you launch Connector Discovery. If you do not want the preferences to be saved, deselect Save in vault preferences.
  5. Click Launch Discovery to start the Connector Discovery wizard for the Amazon EC2 connector.
    The Connector Discovery window is displayed. If existing Amazon EC2 connections (accounts) are available, a list of those connections is displayed. If there are no existing connections, the status of the Amazon EC2 connector is shown as Not connected.
    • If one or more Amazon EC2 connections (accounts) are available, complete the following steps:
      1. Select the connection (account) that you want to use by clicking on it.
      2. Click the required object type and then select the action that you want to perform on the object. For example, to retrieve instances from Amazon EC2, click Instances and then Retrieve instances.
    • If there are no existing connections (accounts), complete the following steps:
      1. Click the down-arrow to display the list of available object types.
      2. Click the required object type and then select the action that you want to perform on that object. For example, to retrieve instances from Amazon EC2, click Instances and then Retrieve instances.
      3. Click Connect.
        A window is displayed in which you enter the connection details for your Amazon EC2 account. Enter the following information:
        • Secret access key: The secret access key of your Amazon EC2 account. Get the secret access key from the Security Credentials page in the AWS Management Console.
        • Access key ID: The access key ID of your Amazon EC2 account. Get the access key ID from the Security Credentials page in the AWS Management Console.
        • Region: The region of your Amazon EC2 instance; for example, us-east-1.

        For more information about identifying these connection details, see How to use IBM App Connect with Amazon EC2 in the IBM App Connect Enterprise as a Service documentation.

      4. Click Connect.
  6. Set the required connector properties in the wizard.
    You can add conditions for the retrieval of the data, by clicking Add condition and then selecting the property that you want to filter on. For example, you can retrieve leads with a specified ID or email address. You can also set properties that specify the maximum number of records to retrieve and the action to be taken if that limit is exceeded.
  7. When you have finished specifying the properties in the Connector Discovery wizard, click Save.
    The credential used for connecting to Amazon EC2 is stored in the vault, and the other connection details are saved in the Amazon EC2 policy. The values of the properties that you set in the wizard are returned to the Amazon EC2 Request node in the IBM App Connect Enterprise Toolkit.
  8. When you have finished discovery and saved the property values, exit the Connector Discovery wizard by clicking the X in the upper-right corner of the window or by pressing Alt+F4.
  9. Return to editing the Amazon EC2 Request node in the IBM App Connect Enterprise Toolkit.
    The connector properties that were set in the Connector Discovery wizard (in step 6) are now visible on the Amazon EC2 Request node in the property editor. The Basic tab shows the values of the Action and Object properties that you set in the wizard. For example, if you selected Instances > Retrieve instances in the wizard, the following properties will be visible on the Basic tab of the node:
    • Action - RETRIEVEALL
    • Object - Instances

    The values of the Action and Object properties are displayed in read-only format. If you want to change these values, you can do so by clicking Launch Connector Discovery again and setting new values in the Connector Discovery wizard.

    The Schema base name property specifies the base name of the schema files that describe the format of the request and response messages sent and received from the Amazon EC2 connector. The schema base name is set automatically the first time you run discovery for the node, and it is based on the current flow name and node name. If you set this property manually before running discovery for the first time, the value that you set will be used. If you rename the schemas after discovery, you must edit this property so that it matches the schema base name used by the renamed schemas in the project. If you change this property after discovery, you must either rename the schema names to match or run discovery again.

    Depending on the action that was selected during discovery, the Connector Discovery wizard generates either a request schema and a response schema, or a response schema only. A request schema is generated only if the selected action and object require a request message. This request schema is used for validation of the request message. If the action was RETRIEVE or DELETE, only the response schema is returned by the connector.

    The generated schema files are added to the project and can be used by a Mapping node for transforming input or output data. The full filename of the schema is derived from the schema base name (such as gen/MyMessageFlow.Amazon_EC2_Request), suffixed with either response.schema.json or request.schema.json. You can open the schema by clicking Open request schema or Open response schema.

  10. Check that the property settings on the Amazon EC2 Request node are correct and then save the message flow.
  11. On the Connection tab of the Amazon EC2 Request node, the Policy property shows the name of the policy that contains the details of the security identity to be used for the connection. The policy has a type of Amazon EC2.
    For more information, see Amazon EC2 policy.
  12. Optional: Set the Timeout property on the Connection tab to specify the time (in seconds) that the node waits for Amazon EC2 to process the operation.
  13. The Filter tab of the Amazon EC2 Request node contains properties that control the way in which the message flow selects data. The initial values of these properties are taken from the property values that were set for the Amazon EC2 connector in the Connector Discovery wizard, including the filter options properties and any conditions that were specified (as described in step 6). If you subsequently return to the Connector Discovery wizard and change the values of any properties (by adding new conditions, for example) those updates are reflected in the properties set on the node.

    The Filter Options properties control which objects are to be operated upon when the Amazon EC2 Request node executes. The Filter Limit properties control the maximum number of items to be retrieved and the action to be taken if the limit is exceeded.

    You can modify the values by clicking Edit next to the value that you want to modify in the Filter Options section, and by changing the property values that have been set in the Filter Limit section.

    The property values can be either text values or ESQL or XPATH expressions that are resolved from the contents of the message passed to the Amazon EC2 Request node as it executes.

  14. On the Request tab, set the Data location property to specify the location in the incoming message tree that contains the object data to be created in Amazon EC2. This data forms the request that is sent from the Amazon EC2 Request node to the Amazon EC2 system.
  15. On the Result tab, set the Output data location property to specify the location in the output message tree that will contain the data of the record that is created in Amazon EC2.
  16. By default, request messages are validated against the request schema that was generated during connector discovery. You can turn off request validation or change the validation settings by using the Validation properties of the Amazon EC2 Request node.
  17. Save the message flow.