This documentation supports the 19.11 version of BMC Digital Workplace Advanced.

To view the latest version, select the version from the Product Version menu.

AWS Marketplace connector

AWS Marketplace connector enables catalog administrators and internal service suppliers to create services for provisioning end users with EC2 instances imported from the AWS (Amazon Web Services) Cloud.

External account requirements

  • You must have an AWS Marketplace account registered in the AWS Cloud. See Create and activate AWS account in the Amazon documentation.
  • You must have permissions to use EC2 products in the IAM console. See IAM policies for Amazon EC2 in the Amazon documentation.

Configuration parameters for the AWS Marketplace connector

Before you can use the AWS Marketplace connector to import services, or in workflows, you must configure a connection as described in Configuring service connectors. The following table describes the parameters required to create a connection:

Parameter

Examples

Description

Access Key ID

AKIAIYXZYMKERDF32BQA

IAM user access key ID.

You can check this value from AWS Marketplace management console > IAM> Users > %USER_NAME% > Security Credentials.

Secret Access Key 7s0jvI5YIUMDTDCPosN2O/72UNHIIKlmq2zYuGzR

IAM user secret access key.

This value is accessible only when you create security credentials for a user, so save it immediately.

For information on managing access keys for IAM users, see  Managing access keys for IAM users in the Amazon documentation.

Region

(Optional)

eu-west-1

The region code used for API calls. For more details about available AWS Marketplace regions, see  Regions and availability zones in the Amazon documentation.

If a value is not provided, us-west-2 is used by default.

Catalog import capabilities

With the AWS Marketplace connector, you can import services from AWS Marketplace as services in BMC Digital Workplace Catalog. You must import AWS Marketplace catalog to the BMC Digital Workplace Catalog so that you can build workflows that include Launch EC2 action. 

Important

Before importing EC2 instances from the AWS Marketplace, create a custom service template with the Offering URL text field (see the Service profile screenshot). For more information, see Service type templates.

While importing an EC2 instance from the AWS Marketplace, configure the service to import the Offering URL value. Map the OfferingUrl value with the Offering URL field from the custom template. For more details about how to import the catalog, see Importing service catalog items.

Workflow actions available through the AWS Marketplace connector 

The following table provides an overview of all AWS Marketplace connector actions:

ActionDescriptionInput parametersPossible output

Create Aws Key Pair

Creates the public and private keys necessary for launching an EC2 instance.

For more details about key pairs, see Managing access keys for IAM users in the Amazon documentation.

Create AWS Key Pairs input parametersCreate AWS Key Pairs output parameters
Create Security GroupCreates a security group that can be associated with a EC2 instance.Create Security Group input parametersCreate Security Group output parameters
Launch EC2 Instances

Launches an existing EC2 instance in the AWS marketplace.

Note: To connect to a running EC2 instance, an SSH key pair is required. If you don't have permissions to use EC2 products, your request will fail. 

Launch EC2 input parametersLaunch EC2 output parameters
Get Connection Details

Retrieves the details of connected instances.

The output of this action can be passed to the input of the Send Aws Instance Creation Email.

Get Connection Details input parametersOutput

Best Practice

We strongly recommend that you set to required all questions in a questionnaire that is attached to a workflow that uses AWS Marketplace actions.

Default service actions

The AWS Marketplace connector provides the following Day 2 predefined service actions mapped with the Launch EC2 Instance action:

  • Start
  • Stop 
  • Terminate

Example: Workflow for a service that launches an EC2 instance in a new security group in the AWS Cloud 

Important

EC2 instances can be launched only when corresponding services are imported to BMC Digital Workplace Catalog from the AWS Cloud.

The Send Aws Instance Creation Email activity can be used only if the Microsoft Office 365 connector is configured.

The described workflow performs the following tasks in the AWS Cloud:

  1. Create Aws Key Pair: Creates the AWS key pair required for launching an AWS EC2 instance.
  2. Create Security Group: Creates a new security group in the AWS Cloud.
  3. Launch EC2 Instance: Associates the created AWS key pair and the security group with a previously imported EC2 instance, and launches this instance.
  4. Send Aws Instance Creation Email: Sends the output from the Launch EC2 activity to the input fields of the Send Aws Instance Creation Email, and sends an email to the defined recipient.   

Input and output parameters for actions

Create Aws Key Pair input parameters

Required

Parameter name

Data type

Example

Description

RequiredConnection IdStringConnection > AWS MarketplaceThe default Connection ID of this connector.
RequiredKey Name BaseStringProcess input > Text variable

The name of the AWS key pair required for launching an EC2 instance.

For the created process variable, add a text question.

OptionalRegionStringProcess input > Text variable

Identifier of an AWS Machine Image (AMI) necessary for launching a virtual server in the AWS Cloud.

The AMI ID is associated with a region in the AWS Marketplace. For the created process variable, add a dropdown question, and add a list of values with the Region and AMI ID mapping. See an example questionnaire for more details.

OptionalAmi IdStringProcess input > Text variable

Identifier of an AMI necessary for launching a virtual server in the AWS Cloud.

OptionalPublic KeyStringProcess input > Text variable

Value of the public key.

  • To generate a new public key, leave the value blank.
  • To import an existing public key, enter the value.
    For the created process variable, add a file attachment question.
    For more details about generating public keys, see What Is AWS CloudHSM? in the Amazon documentation.

Create Aws Key Pair output parameters

ParameterData typeDescription
Key FingerprintString

Key fingerprint automatically generated from the key pair.

For more details about fingerprints, see Verifying your Key Pair's Fingerprint in the Amazon documentation.

Key NameStringName of the AWS key pair.
Private Key MaterialString

Returned value of the private key.

In the example workflow described in this topic, this value is sent to the Private Key input parameter of the Send Aws Instance Creation Email activity.

Create Security Group input parameters

Before creating a security group in the AWS Cloud, review  What Is AWS CloudHSM?  in the Amazon documentation.

Required

Parameter name

Data type

Example

Description

RequiredConnection IdStringConnection > AWS MarketplaceThe default Connection ID of this connector.
RequiredSecurity Group NameStringProcess input > Text variable

Name of a security group in the AWS Cloud.

For the created process variable, add a text field question.

RequiredDescriptionStringProcess input > Text variable

Description of the security group rule in the AWS Cloud.

For the created process variable, add a text area question.

RequiredIp RangesStringProcess input > Text variable

Ip ranges of the security group that determines the traffic that can reach an EC2 instance.

For the created process variable, add a dropdown question with the list of IP values.

Add the following value for selection:

  • A single IP address
  • An IP address range in CIDR notation (for example, 203.0.113.5/32)
    If connecting from behind a firewall, you need the IP address range used by the client computers.
  • The name or ID of another security group in the same region.
  • To specify a security group in another AWS account (EC2-Classic only), prefix it with the account ID and a forward slash, for example, 111122223333/OtherSecurityGroup.
RequiredProtocolStringProcess input > Text variable

Protocol of the security group.

For the created process variable, add a dropdown question with the list of protocol values.

RequiredFrom PortStringProcess input > Text variable

Port value.

For the created process variable, add a dropdown question.

RequiredTo PortStringProcess input > Text variable

Port value.

For the created process variable, add a dropdown question.

OptionalRegionStringProcess input > Text variable

Region value.

For the created process variable, add a dropdown question.

OptionalAmi IdStringProcess input > Text variable

The AMI ID of the group.

For the created process variable, add a dropdown question.

Create Security Group output parameters

ParameterData typeExampleDescription
DescriptionStringSecurity group for connection of windows instancesDescription of the security group.
Group IdStringsg-5168462aAutomatically generated ID of the security group.
Group NameStringWindows_Security_GroupName of a security group in the AWS Marketplace.

Ip Permissions

Auto Construct

StringNot applicableNot applicable

Ip Permissions Egress

Auto Construct

StringNot applicableNot applicable
Owner IdStringNot applicableOwner of the security group.

Tags

Auto Construct

StringNot applicableTags automatically generated from the security group metadata.
Vpc IdStringvpc-586b156jIdentifier of the AWS Virtual Private Cloud.


Launch EC2 Instances input parameters 

Important

Before you can use the Launch EC2 activity in your workflows, you must have the following conditions met:

  • Import the required EC2 instances from the AWS Marketplace
  • The AWS Marketplace user must manually subscribe to the imported EC2 instances. For more information how to subscribe to a EC2 instance, see Managing Your AWS Marketplace Subscriptions in the Amazon documentation.

To find out required details of an EC2 instance, review the imported profile of a service. Follow the link in the Offering URL field, and find out the AMI ID and Instance Type.

Required

Parameter name

Data type

Example

Description

RequiredConnection IdStringConnection > AWS MarketplaceThe default Connection ID of this connector.
RequiredAmi IdStringProcess input > Text variable

Identifier of an AWS Machine Image (AMI).

It provides the information required to launch an virtual server in the AWS Cloud. See the example of AMI ID for the Ubuntu 16.04.3 LTS LAMP provisioned by aMi STACX service.

RequiredProduct IdStringProcess context variable > Service Request > External Service ID

Identifier of a external service in the AWS Marketplace.


RequiredRequested For Login NameStringProcess context variable > Requested For > Login NameUser name who requests an EC2 instance.
RequiredInstance TypeStringProcess input > Text variable

Type of EC2 instance in the AWS Marketplace.

For the process question based on the created variable, create a dropdown question for this process question.

Associate the input variable with the available instance types in the AWS Marketplace. See the example of instance types for the Ubuntu 16.04.3 LTS LAMP provisioned by aMi STACX service.

OptionalNumber Of InstancesStringProcess input > Integer variable

Number of instances to be launched.

For the created process variable, add a text field question.

OptionalRegionStringProcess input > Text variable

Identifier of an AMI necessary for launching a virtual server in the AWS Cloud.

The AMI ID is associated with a region in the AWS Marketplace. For the created process variable, add a dropdown question, and add a list of values with the Region and AMI ID mapping. See the example questionnaire for more details.

OptionalKey Pair NameString

Process input > Text variable

or

Create AWS Key Pair > Output > Key Name

Name of an AWS key pair existing in the AWS Cloud.
OptionalSecurity Group NameStringProcess input > Text variable

To use the default group, leave the value blank.

To use a group other than the default group, specify the name of an existing group.

Launch EC2 Instances output parameters 

ParameterData typeExampleDescription
Instance IdsArrayi-4a1c2fldIdentifiers of launched EC2 instances.
Key Pair NameStringami-edf3b1fs 2018-02-05 T09:26:04.619+0000Key pair name.
Private Key MaterialStringNot applicablePrivate key value.
Security Group nameStringWindows_Security_GroupName of the security group to which the EC2 instance belongs.

Get Connection Details input parameters 

Required

Parameter name

Data type

Example

Description

RequiredConnection IdStringConnection > AWS MarketplaceThe default Connection ID of this connector.
RequiredInstance IdsArrayi-4a1pwf5dIdentifiers of launched EC2 instances.
OptionalPrivate KeyStringNot applicableThe name of the AWS key pair required for launching an EC2 instance.

Reference screenshots

This section includes helpful screenshots about information referenced in this topic.

Custom service profile used for importing the AWS Marketplace instances 

EC2 Instance types in the AWS Marketpace 

The following screenshot shows a dropdown question builder with a list of Instance Type values:

AMI IDs and Regions in the AWS Marketpace 

The following screenshot shows a text question builder with a default AMI ID value:

The following screenshot shows a dropdown question builder with a list of Region values: 

Was this page helpful? Yes No Submitting... Thank you

Comments