Account Settings

The account configuration is captured in the account Settings. Each Everyware Cloud service can expose configuration parameters that are scoped at the account level. For example, a Device Registry Service can expose the maximum number of devices that an account can accept or a Data Service can allow to configure a data retention parameter to control for how long data should be retained in the platform.

A account can review its settings in the Settings page.

Account Description

The Description tab contains useful information regarding the account configuration.

Deployment Info

The Deployment Info section contains the MQTT endpoints that are available for the account. Devices that need to connect to the platform have to use these endpoints.

Account Settings

The Account Settings tab contains the current service plan of the account. The service plan defines:

  • which services are enabled
  • the configuration of their behavior
  • the usage limits assigned to the account
13591359

To change the settings of a current account, you need to switch to current account in scope to the parent one and manage the account settings from the Settings Tab in the Child Account section.
For example, Everyware Cloud Administrators can review and adjust the settings of any top level account. An account administrator can review and adjust the settings of all its child accounts.

13581358

📘

When creating a new Account, review the default settings of the Everyware Cloud services to size appropriately the required functionalities.

Account Service

Controls the settings of the Account service which manages accounts and child accounts.

ParameterDefaultDescription
infiniteChildAccountsfalseIf true, the number of child accounts that can be created for the this account is unlimited.

If false, the maximum number of child accounts is limited by the maxNumberChildAccounts parameter.
maxNumberChildAccounts0Defines the maximum number of child accounts that can be created under this account.

Note: The number limits the overall number of child accounts in the account hierarchy descending from this account.

Certificate Service

Controls the settings of the Certificate service which manages the repository if the certificates used by several Everyware Cloud functionalities like for example Device Mutual Authentication, Device Massage Signing, etc.

ParameterDefaultDecription
infiniteChildCertificatesfalseIf true, the number of certificates that can be added to the repo for the account is unlimited.

If false, the maximum number of certificates in the repo for the account is limited by the maxNumberChildCertificates parameter.
maxNumberChildCertificates0Defines the maximum number of certificates that can added to the repo for this account.

Note: The number limits the overall number of certificates in the account hierarchy descending from this account.

Cluster Service

Controls the settings of the MQTT message service which manages the MQTT connections with the devices of this account.

ParameterDefaultDescription
portConnectionTcptrueAllow connections via plain TCP port.

Warning: plain TCP connection may be insecure. Consider disabling it if not needed.
portConnectionSsltrueAllow connections via the TLS port
portConnectionMutualAuthtrueAllow connections via the TLS port with mutual authentication

Credentials Service

Controls the settings of the Credential service which manages the user's lockout policy for this account. The lockout policy controls the platform behavior after repeated login failures due to wrong credentials.

ParameterDefaultDescription
lockoutPolicy.enabledtrueEnable the user lockout policy
lockoutPolicy.maxFailures3Number of consecutive login failures before the user gets locked. Valid if lockout policy is enabled.
lockoutPolicy.resetAfter3600The amount of time in seconds required after the last login failure to automatically reset the failure counter.
lockoutPolicy.lockDuration10800For a locked user, the amount of time in seconds required after the last login failure to automatically unlock the user.
pawwsord.minLengthThe minimum length of the passwords for this account. This value cannot be less than the system default value. If empty, system default value will be used.

System default vale may vary by Everyware Cloud instance. The system default length is 12.

Changing this won't affect existing passwords.

Device Connection Service

Controls the settings of the Device Connection service which manages the incoming device connection policy for this account.

ParameterDefaultDescription
deviceConnectionUserCouplingDefaultModeLOOSEDefines the policy fr the binding between the device and the user identity used to establish the connection with the platform.
LOOSE: no check
STRICT: check the device lastUserId and/or reservedUserId fields

Device Log Store Service

Controls the settings of the Log Store service which stores the device logs in the a back-end storage.

ParameterDefaultDescription
deviceLogStore.enabledtrueEnable the Log Store

Note: When false the service will not be available to none of the child accounts in the account hierarchy descending from this account.
storageTTL30Device logs retention period (in days)

See Logs Access for more details regarding the retention period.

Note: The number limits the overall retention period in the account hierarchy descending from this account.
storageByteLimit0Total storage usage per month
logIndexByDEVICE_TIMESTAMPDefines the timestamp used to index the log entries

See Logs Access for more details regarding the indexing.
logChannelFilterFiltering regex to filter device logs by channel. The 'LOG/' initial semantic channel part is already implied so must not be specified in the filtering regex.

Device Registry Service

Controls the settings of the Device Registry service which manages devices registered in the account.

ParameterDefaultDescription
infiniteChildDevicesfalseIf true, the number of device entries that can be registered for the account is unlimited.

If false, the maximum number of certificates registered for the account is limited by the maxNumberChildDevices parameter.
maxNumberChildDevices0Defines the maximum number of devices that can be registered for this account.

Note: The number limits the overall number of registered devices in the account hierarchy descending from this account.

Group Service

Controls the settings of the Group service which allows to group Kapua entities and have them as a target for access control.

ParameterDefaultDescription
infiniteChildGroupsfalseIf true, the number of device group entries that can be added for the account is unlimited.

If false, the maximum number of device group entries for the account is limited by the maxNumberChildGroups parameter.
maxNumberChildGroups0Defines the maximum number of device group entries that can be added to this account.

Note: The number limits the overall number of device group entries in the account hierarchy descending from this account.

Job Service

Controls the settings of the Job service which performs batch device management operations on a set of devices.

ParameterDefaultDescription
infiniteChildJobsfalseIf true, the number of job entries that can be added for the account is unlimited.

If false, the maximum number of job entries for the account is limited by the maxNumberChildJobs parameter.
maxNumberChildJobs0Defines the maximum number of job entries that can be added to this account.

Note: The number limits the overall number of job entries in the account hierarchy descending from this account.

Message Store Service

Controls the settings of the Message Store service which stores the device telemetry data in the a back-end storage.

ParameterDefaultDescription
messageStore.enabledtrueEnables the message store

Note: When false the service will not be available to none of the child accounts in the account hierarchy descending from this account.
dataTTL30Data retention period (in days)

See Data Access for more info regarding the retention period.

Note: The number limits the overall retention period in the account hierarchy descending from this account.
rxByteLimit0Total storage usage per month
dataIndexByDEVICE_TIMESTAMPDefines the timestamp used to index the data entries

See Data Access for more details regarding the indexing.

Provisioning Request Service

Controls the settings of the ProvisioningRequest service which manages provisioning requests.

ParameterDefaultDescription
infiniteChildProvisionRequestsfalseIf true, the number of provisioning request entries that can be added for the account is unlimited.

If false, the maximum number of provisioning request entries for the account is limited by the maxNumberChildProvisionRequests parameter.
maxNumberChildProvisionRequests0Defines the maximum number of provisioning requests entries that can be added to this account.

Note: The number limits the overall number of provisioning requests entries in the account hierarchy descending from this account.

Role Service

Controls the settings of the Role service which manages role definitions.

ParameterDefaultDescription
infiniteChildRolestrueIf true, the number of role entries that can be added for the account is unlimited.

If false, the maximum number of role entries for the account is limited by the maxNumberChildRoles parameter.
maxNumberChildRoles0Defines the maximum number of role entries that can be added to this account.

Note: The number limits the overall number of role entries in the account hierarchy descending from this account.

Route Service

Controls the settings of the Routes service which manages route definitions.

ParameterDefaultDescription
routeService.enabledtrueEnable the routes to external destinations.

Note: When false the service will not be available to none of the child accounts in the account hierarchy descending from this account.
infiniteChildRoutesfalseIf true, the number of route entries that can be added for the account is unlimited.

If false, the maximum number of route entries for the account is limited by the maxNumberChildRoutes parameter.
maxNumberChildRoutes0Defines the maximum number of route entries that can be added to this account.

Note: The number limits the overall number of route entries in the account hierarchy descending from this account.

Tag Service

Controls the settings of the Tag service which manages tag definitions.

ParameterDefaultDescription
infiniteChildTagsfalseIf true, the number of tag entries that can be added for the account is unlimited.

If false, the maximum number of tag entries for the account is limited by the maxNumberChildRoutes parameter.
maxNumberChildTags0Defines the maximum number of route entries that can be added to this account.

Note: The number limits the overall number of tag entries in the account hierarchy descending from this account.

User Service

Controls the settings of the User service which manages users under an account.

ParameterDefaultDescription
infiniteChildUsersfalseIf true, the number of user entries that can be added for the account is unlimited.

If false, the maximum number of user entries for the account is limited by the maxNumberChildRoutes parameter.
maxNumberChildUsers0Defines the maximum number of user entries that can be added to this account.

Note: The number limits the overall number of user entries in the account hierarchy descending from this account.

Remote Access Service

Controls the settings of the Vpn Connection service which manages remote access into devices.

ParameterDefaultDescription
infiniteChildVpnConnectionsfalseIf true, the number of concurrent remote connection entries that can be accepted by the account is unlimited.

If false, the maximum number of concurrent remote connection entries for the account is limited by the maxNumberVpnConnections parameter.
maxNumberVpnConnections0Defines the maximum number of concurrent remote connection entries that can be accepted by the account.

Note: The number limits the overall number of concurrent remote connection entries in the account hierarchy descending from this account.

CORS Filter

Check CORS Filter within the RESTful API guide for more details.