Your Matillion ETL instance can be administrated through the Admin Menu found at the top-right of the page. Note that only administrators will be able to view and access this menu.
Selecting this option will give access to the following administrative tools:
- Download Server Log
- Matillion ETL Updates
- Security Configuration
- Restart Server
- Manage Backups
Download Server Log
Tomcat Catalina server logs of your Matillion ETL instance are available. Selecting the 'Download Server Log' option from the admin menu will download a 'catalina.out' file that contains the servlet's logs in plain text.
Server logs record only for a finite time and size so it is likely your download will contain only recent history. For this reason, if an error is encountered, it is recommended that users attempt to reproduce the error then immediately download the log file.
Matillion ETL Updates
Warning: The update process does NOT automatically back up your instance. It is STRONGLY recommended that you perform a backup before upgrading the instance. (This can also be performed manually.)
Selecting the 'Matillion ETL Updates' option from the Admin menu will open a new dialog box. You may check for software updates using the Check for Updates button. Available updates are listed in the console and the Update button will become available if these can be installed.
Selecting 'Update' will download any updated packages and apply them - once applied the server will be restarted, which will disconnect any users and abort any running tasks.
Note: Users can still manually update their Matillion ETL instance and amazon image using their EC2 console with:
sudo yum update
Or to update Matillion ETL only:
sudo yum update matillion*
Note: Controlling user access to the Matillion ETL instance comes in 2 forms; Internal and External.
Note: Passwords used here are given in Plaintext but are stored as SHA512 hashes. If you are manually editing a password either by manually editing the database or via the API, you must supply the desired password as a SHA512 hash. Plaintext passwords are never recoverable by any means.
The 'Internal' option uses an internal (instance-side) database of username, passwords and privileges. You can add remove and modify users in the Security Configuration section.
To change the user's password: select the padlock icon by the appropriate username.
To Remove a user: click the X icon by the appropriate username. A removed user is forced to log out and disconnect from the instance.
To add a user, click the + icon underneath the list of usernames; this will create a new 'Add User' dialog box. Enter a username and password for the user (required) and select any Roles they are allowed (optional).
The 'External' option is used for linking to an existing directory server (e.g. OpenLDAP (Lightweight Directory Access Protocol) or Microsoft Active Directory).
Note: Opting to use External Security will prevent logins using the existing users in Internal Security.
Completing the 'Set Realm Parameters' form will allow you to use LDAP to grant and prevent access to users on your Matillion ETL instance. Sample values below are for an Active Directory server running for the realm EXAMPLE.COM.
|Connection Name||The name of a user to make the initial bind to the directory.
For active directory, that will include a realm using the form "user@REALM"
|Connection Password||The password for the user to make the initial bind to the directory.|
|Encryption Key||A list of KMS keys that the user has access to that are used to encrypt connection passwords.|
The location of the directory server, using one of the forms below:
For non SSL - ldap://<hostname>
|User Base||The part of the directory tree to begin searching for users.
|User Search||The attribute to search for user names.
|Role Base||The part of the directory tree to begin searching for groups/roles - often the same place as users.
|Role Name||The name of the attribute containing the role name.
How to find all the roles for a user.
|METL Role Name||The role a user must be a member of to gain access to the Matillion ETL application.|
|METL Admin Role Name||The role a user must be a member of to gain access to the Matillion ETL administration page - this can be different to the METL Role Name but is not required to be.|
Once the configuration is Saved, you will need to restart the server to take effect - use the Restart Server button on the top-right of the screen.
Remove User: Any user that logs into this Matillion ETL instance is stored in the Access Control List and will persist there even after logging out. To remove a user from the ACL, use the X button beside that user's name. If currently logged in, the removed user will be forced to log out and disconnect from the instance.
Matillion ETL can listen for HTTP requests, HTTPS requests, or both, a choice made through the dropdown 'Select Protocol' menu. By default, Matillion listens only for HTTP requests (port 80).
This can be changed to HTTPS (port 443) or both by selecting the appropriate button. If SSL is enabled, you may optionally upload SSL certificates to allow clients to validate the identity of the server.
You may provide a certificate and key file using the Upload Certificates button once you have chosen the appropriate files. This is optional, but clients using HTTPS will get a certificate validation error until you provide valid certificates.
Pressing 'OK' saves any changes in this section but does not immediately apply it. For the changes to take effect, you must restart the server - this will disconnect any connected client sessions and abort any currently running jobs.
Allows admins to restart the Matillion ETL instance without going through the Amazon EC2 console.
Allows the user to test and schedule automatic backups of the instance. See Manage Backups for more...
While not yet available through the in-client Admin menu, Matillion ETL can be backed up easily from your GCP Console. See here for more...
The Audit Log shows a list of significant activity within a Matillion ETL Instance. Most actions by users are logged here in detail such that they are accountable for any changes made. See here for more information on the Audit feature.
Note that the Audit Log is an Enterprise-Only feature and so is only available on m4.large and m4.xlarge instances.