CAM Azure Stack utilizes Microsoft Azure services and resources to provide the ability to move documents and content and sync metadata between multiple Document Management Systems (DMS). CAM Content Mover and Data Sync (Content Sync) use Azure storage blobs as an intermediary place while moving content between the supported Document Management Systems.
...
Expand | ||||||||
---|---|---|---|---|---|---|---|---|
| ||||||||
Create a Resource Group
2. Click Create from the Resource groups toolbar. 3. Enter the following resource group details on the Create a Resource group page:
4. Click Review + Create to validate and create new resource groups. 5. Click Next: Tags > to navigate to the next screen. Please skip entering any tags as they aren’t required. 6. Click Review + Create to validate and create new Resource groups successfully. The Validation passed message is displayed if validation passes successfully.
|
Expand | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Deploying CAM Azure Stack to the Azure Subscription
5. Enter the following project details for your Azure deployment:
6. Click Review + Create - Validates and create the template if the validation passes as displayed in the following screen. 7. If the form is valid, then the message Validation passed will be displayed. Now, click the Create button to start the deployment process.
2. The deployment process takes a few minutes to complete. The resources are created one after the other.
3. Once the deployment is completed successfully, you can see the following screen.
Flexible Server from Single Server ConfigurationThese steps are used to convert a single server deployment to the flexible server as designated by Azure.
Update the server configuration within the CAM config yml file next.
Note: Single server username format is username@servername eg: abc@mysql-clientname-io Flexible Server FAQs
|
Expand | ||||
---|---|---|---|---|
| ||||
Initialize CAM Azure Stack Configuration
2. Click Outputs, from the template deployment page left panel. 3. The following screen is displayed. Copy the initializeFunctionUrl and paste it into your Internet browser’s URL address bar. 4. The initialization function process URL will respond with the initialization status in JSON format. A successful response looks like the following: 5. Display the bucketname. 6. Display the apiEndPointBaseUrl.
|
...
Expand | ||
---|---|---|
| ||
All resources created by CAM Azure Stack will be secured using the Azure standard security. Permission will only be granted to the CAM function apps and other CAM Azure Stack resources in the same resource group. No users, accounts, or external apps will be granted access by default except what the Azure subscription administrator has setup previously (inheritance rules). The details of permissions are as follows:
Except for the CAM Azure Stack function apps, none of the resources in the resource group will be accessed externally. For the MySQL Database, the option to “Allow access to Azure services” is enabled during the deployment process and all other IPs are restricted by default. Even though the function apps will be accessed externally, those will be accessed by CAM instance only. If you plan to restrict the function apps inbound IP’s, the Litera Customer Care team (support@litera.com) can provide the list of IPs that should be whitelisted based on your CAM instance Zone. The current list of IPs can be found at iManage . For additional security, the data container in the storage account will be encrypted using Microsoft-managed-keys encryption scope. After the template deployment, this encryption scope can be updated to use your managed keys or to use an encryption with a key in the managed HSM as explained in the following MS article (https://docs.microsoft.com/en-us/azure/storage/common/customer-managed-keys-configure-key-vault-hsm ). Managing Security of the Azure Client StackIn addition to the strong security provided by MS Azure, Litera strengthens data security by controlling and filtering access to even the virtual private clouds hosted by industry-leading cloud services such as MS Azure. While managing the Azure cloud, customers can also take precautions to detect and prevent suspicious activities. Litera helps you to track and monitor logs, audit system calls, and set up alerts for potential intrusions. Litera’s systems support the latest secure cypher suites, including TLS 1.2 and later protocols, AES256 encryption, and SHA2 signatures.
Communication in CAM is completely secure as it happens between the AWS and Azure clouds. By default, SSL is set to False in the templates. However, when you set SSL to True, it works only for some regions.
As part of our disaster recovery plan, Litera provides secure-tested backups. Data is backed up automatically and the backups are encrypted and stored securely. |
...
To Setup SSL on the MYSQL database, set the following on the appconfig.yml in Content Mover:
useSSL = True
requireSSL = True
...