Account Settings
The account configuration is captured in the account Settings. Each Everyware Cloud service can expose configuration parameters that are scoped at the account level. For example, a Device Registry Service can expose the maximum number of devices that an account can accept or a Data Service can allow to configure a data retention parameter to control for how long data should be retained in the platform.
A account can review its settings in the Settings page.
Account Description
The Description tab contains useful information regarding the account configuration.
Deployment Info
The Deployment Info section contains the MQTT endpoints that are available for the account. Devices that need to connect to the platform have to use these endpoints.
Account Settings
The Account Settings tab contains the current service plan of the account. The service plan defines:
- which services are enabled
- the configuration of their behavior
- the usage limits assigned to the account
To change the settings of a current account, you need to switch to current account in scope to the parent one and manage the account settings from the Settings Tab in the Child Account section.
For example, Everyware Cloud Administrators can review and adjust the settings of any top level account. An account administrator can review and adjust the settings of all its child accounts.
When creating a new Account, review the default settings of the Everyware Cloud services to size appropriately the required functionalities.
Account Service
Controls the settings of the Account service which manages accounts and child accounts.
| Parameter | Default | Description |
|---|---|---|
| infiniteChildAccounts | false | If true, the number of child accounts that can be created for the this account is unlimited. If false, the maximum number of child accounts is limited by the maxNumberChildAccounts parameter. |
| maxNumberChildAccounts | 0 | Defines the maximum number of child accounts that can be created under this account. Note: The number limits the overall number of child accounts in the account hierarchy descending from this account. |
Certificate Service
Controls the settings of the Certificate service which manages the repository if the certificates used by several Everyware Cloud functionalities like for example Device Mutual Authentication, Device Massage Signing, etc.
| Parameter | Default | Decription |
|---|---|---|
| infiniteChildCertificates | false | If true, the number of certificates that can be added to the repo for the account is unlimited. If false, the maximum number of certificates in the repo for the account is limited by the maxNumberChildCertificates parameter. |
| maxNumberChildCertificates | 0 | Defines the maximum number of certificates that can added to the repo for this account. Note: The number limits the overall number of certificates in the account hierarchy descending from this account. |
Cluster Service
Controls the settings of the MQTT message service which manages the MQTT connections with the devices of this account.
| Parameter | Default | Description |
|---|---|---|
| portConnectionTcp | true | Allow connections via plain TCP port. Warning: plain TCP connection may be insecure. Consider disabling it if not needed. |
| portConnectionSsl | true | Allow connections via the TLS port |
| portConnectionMutualAuth | true | Allow connections via the TLS port with mutual authentication |
Credentials Service
Controls the settings of the Credential service which manages the user's lockout policy for this account. The lockout policy controls the platform behavior after repeated login failures due to wrong credentials.
| Parameter | Default | Description |
|---|---|---|
| lockoutPolicy.enabled | true | Enable the user lockout policy |
| lockoutPolicy.maxFailures | 3 | Number of consecutive login failures before the user gets locked. Valid if lockout policy is enabled. |
| lockoutPolicy.resetAfter | 3600 | The amount of time in seconds required after the last login failure to automatically reset the failure counter. |
| lockoutPolicy.lockDuration | 10800 | For a locked user, the amount of time in seconds required after the last login failure to automatically unlock the user. |
| password.minLength | The minimum length of the passwords for this account. This value cannot be less than the system default value. If empty, system default value will be used. System default value may vary by Everyware Cloud instance. The system default length is 12. Changing this won't affect existing passwords. |
Device Connection Service
Controls the settings of the Device Connection service which manages the incoming device connection policy for this account.
| Parameter | Default | Description |
|---|---|---|
| deviceConnectionUserCouplingDefaultMode | LOOSE | Sets the user connection policy that will be assigned to the Device. Available values are LOOSE, STRICT. LOOSE allows the device to connect on behalf of any valid user except the reserved users currently assigned. With STRICT the platform registers the device user the first time the device connects, later the platform forces the device to always connect on behalf of the same user. Same as for the LOOSE case, the platform checks that the user of the first connection is not a reserved user. Note for the connection to succeed, device users must all have the required minimum permissions. |
Device Log Store Service
Controls the settings of the Log Store service which stores the device logs in the a back-end storage.
| Parameter | Default | Description |
|---|---|---|
| deviceLogStore.enabled | true | Enable the Log Store Note: When false the service will not be available to none of the child accounts in the account hierarchy descending from this account. |
| storageTTL | 30 | Device logs retention period (in days) See Logs Access for more details regarding the retention period. Note: The number limits the overall retention period in the account hierarchy descending from this account. |
| storageByteLimit | 0 | Total storage usage per month |
| logIndexBy | DEVICE_TIMESTAMP | Defines the timestamp used to index the log entries See Logs Access for more details regarding the indexing. |
| logChannelFilter | Filtering regex to filter device logs by channel. The 'LOG/' initial semantic channel part is already implied so must not be specified in the filtering regex. |
Device Registry Service
Controls the settings of the Device Registry service which manages devices registered in the account.
| Parameter | Default | Description |
|---|---|---|
| infiniteChildDevices | false | If true, the number of device entries that can be registered for the account is unlimited. If false, the maximum number of certificates registered for the account is limited by the maxNumberChildDevices parameter. |
| maxNumberChildDevices | 0 | Defines the maximum number of devices that can be registered for this account. Note: The number limits the overall number of registered devices in the account hierarchy descending from this account. |
Group Service
Controls the settings of the Group service which allows to group Kapua entities and have them as a target for access control.
| Parameter | Default | Description |
|---|---|---|
| infiniteChildGroups | false | If true, the number of device group entries that can be added for the account is unlimited. If false, the maximum number of device group entries for the account is limited by the maxNumberChildGroups parameter. |
| maxNumberChildGroups | 0 | Defines the maximum number of device group entries that can be added to this account. Note: The number limits the overall number of device group entries in the account hierarchy descending from this account. |
Job Service
Controls the settings of the Job service which performs batch device management operations on a set of devices.
| Parameter | Default | Description |
|---|---|---|
| infiniteChildJobs | false | If true, the number of job entries that can be added for the account is unlimited. If false, the maximum number of job entries for the account is limited by the maxNumberChildJobs parameter. |
| maxNumberChildJobs | 0 | Defines the maximum number of job entries that can be added to this account. Note: The number limits the overall number of job entries in the account hierarchy descending from this account. |
Message Store Service
Controls the settings of the Message Store service which stores the device telemetry data in the a back-end storage.
| Parameter | Default | Description |
|---|---|---|
| messageStore.enabled | true | Enables the message store Note: When false the service will not be available to none of the child accounts in the account hierarchy descending from this account. |
| dataTTL | 30 | Data retention period (in days) See Data Access for more info regarding the retention period. Note: The number limits the overall retention period in the account hierarchy descending from this account. |
| rxByteLimit | 0 | Total storage usage per month |
| dataIndexBy | DEVICE_TIMESTAMP | Defines the timestamp used to index the data entries See Data Access for more details regarding the indexing. |
Provisioning Request Service
Controls the settings of the ProvisioningRequest service which manages provisioning requests.
| Parameter | Default | Description |
|---|---|---|
| infiniteChildProvisionRequests | false | If true, the number of provisioning request entries that can be added for the account is unlimited. If false, the maximum number of provisioning request entries for the account is limited by the maxNumberChildProvisionRequests parameter. |
| maxNumberChildProvisionRequests | 0 | Defines the maximum number of provisioning requests entries that can be added to this account. Note: The number limits the overall number of provisioning requests entries in the account hierarchy descending from this account. |
Role Service
Controls the settings of the Role service which manages role definitions.
| Parameter | Default | Description |
|---|---|---|
| infiniteChildRoles | true | If true, the number of role entries that can be added for the account is unlimited. If false, the maximum number of role entries for the account is limited by the maxNumberChildRoles parameter. |
| maxNumberChildRoles | 0 | Defines the maximum number of role entries that can be added to this account. Note: The number limits the overall number of role entries in the account hierarchy descending from this account. |
Route Service
Controls the settings of the Routes service which manages route definitions.
| Parameter | Default | Description |
|---|---|---|
| routeService.enabled | true | Enable the routes to external destinations. Note: When false the service will not be available to none of the child accounts in the account hierarchy descending from this account. |
| infiniteChildRoutes | false | If true, the number of route entries that can be added for the account is unlimited. If false, the maximum number of route entries for the account is limited by the maxNumberChildRoutes parameter. |
| maxNumberChildRoutes | 0 | Defines the maximum number of route entries that can be added to this account. Note: The number limits the overall number of route entries in the account hierarchy descending from this account. |
Tag Service
Controls the settings of the Tag service which manages tag definitions.
| Parameter | Default | Description |
|---|---|---|
| infiniteChildTags | false | If true, the number of tag entries that can be added for the account is unlimited. If false, the maximum number of tag entries for the account is limited by the maxNumberChildRoutes parameter. |
| maxNumberChildTags | 0 | Defines the maximum number of route entries that can be added to this account. Note: The number limits the overall number of tag entries in the account hierarchy descending from this account. |
User Service
Controls the settings of the User service which manages users under an account.
| Parameter | Default | Description |
|---|---|---|
| infiniteChildUsers | false | If true, the number of user entries that can be added for the account is unlimited. If false, the maximum number of user entries for the account is limited by the maxNumberChildRoutes parameter. |
| maxNumberChildUsers | 0 | Defines the maximum number of user entries that can be added to this account. Note: The number limits the overall number of user entries in the account hierarchy descending from this account. |
Remote Access Service
Controls the settings of the Vpn Connection service which manages remote access into devices.
| Parameter | Default | Description |
|---|---|---|
| infiniteChildVpnConnections | false | If true, the number of concurrent remote connection entries that can be accepted by the account is unlimited. If false, the maximum number of concurrent remote connection entries for the account is limited by the maxNumberVpnConnections parameter. |
| maxNumberVpnConnections | 0 | Defines the maximum number of concurrent remote connection entries that can be accepted by the account. Note: The number limits the overall number of concurrent remote connection entries in the account hierarchy descending from this account. |
CORS Filter
Check CORS Filter within the RESTful API guide for more details.
Updated 4 months ago