Establish and manage connections to your preferred cloud services and technologies, ensuring secure and efficient integration.
Connection Manager enhances Kyndryl Bridge Services capabilities by connecting to various external technology providers that interact with the platform in one single place. This process is part of the configuration steps required to start using any Kyndryl Bridge Service and Application. You can establish a new connection within minutes and centrally store credentials in a secure manner. After setting the connection type, a set of technology provider recommended Identity and Access Management (IAM) security policies need to be configured to enable the full potential value of Kyndryl Bridge Services and Applications.
Users with an Administrator role, which is the out-of-the-box role granted when the Kyndryl Bridge Services account is first created, can add the connections. Likewise, other users can also manage connections if the access policies they are part of have the correspondent permissions. To understand which roles and permissions are required, see Roles and permissions.
Establishing a cloud connection
The connections configuration is a one-time only process that needs to be done for each of the cloud technology providers that will benefit the use of any Kyndryl Bridge Service and Application. You can establish a connection for common services for the following cloud providers:
IBM Cloud
Microsoft Azure (CSP, EA, Application Insights, MPA, Subscription)
Google Cloud
AWS
Alibaba Cloud
VMware
vSphere
Demo Cloud
BYOD
Private Container Cluster
To register a connection
After creating your cloud account with certain policy permissions, you need to register a connection in Kyndryl Bridge. The credentials of your account are the ones that will be added on the connections page.
The configuration and credential details required will vary based on the selected cloud provider. Be sure to complete all fields on the page with the appropriate information. The following example outlines the onboarding process for an AWS connection.
Click the Global menu icon.
Click
Settings
and select
Service IAM
. The IAM page opens.
Select
Connections
from the left navigation bar. The Connections page opens.
Click
Add New
.
Select
Add Connection
. The Add Connection page opens.
Complete the following information to onboard your supported cloud connection:
Connection Name
: Enter the connection name of your choice.
Description
: Enter the description for the connection.
Technology Category
: Select Cloud Provider from the dropdown menu.
Connection Type
: Select the cloud connection from the dropdown menu.
Tags
: Select a tag from the dropdown menu.
If no access tags have been created, you can add them directly on this page. To learn more about Access Tags, visit Managing Access Tags.
Add the configuration details. Not all the details are required; it depends on the cloud provider selected.
Billing data toggle
: Toggle on if you are using this connection for billing data. If the billing data is enabled, complete the following information:
Cost and Usage Report Path
: Enter the cost and usage report path.
Account Number
: Enter the account number for which the bill is to be generated.
Account Number
: Enter the account number.
S3 Bucket
: Enter the S3 Bucket credential.
Additional Info
: Enter any additional info required.
Region
: Enter the ID of the region where the service will be accessed. In the context of setting up a Bridge Connection credential for AWS, the region refers to the AWS region that will be specified in all AWS APIs calls made through this connection. This setting ensures that the content returned by API calls is limited to the specified AWS region.
Advance
: Click the down arrow and complete the following information:
Delegated Access
: Enter the ARN.
External ID
: Enter the external ID.
Add the credential details. Not all the details are required; it depends on the cloud provider selected.
Access Key ID
: Enter the Access Key ID.
Secret Access Key
: Enter the secret access key.
Client ID
: Enter the client ID.
Secret
: Enter the secret ID or API key.
User
: Enter the username.
API Key
: Enter the API key.
Data Set
: Enter data set.
Service Key
: Enter the billing JSON key (in base 64).
Click
Test Connection
to test whether the credentials are valid. This is a crucial step prior to adding the connection. Typically, the connection fails because the credentials are incorrect or cannot display data due to a permission limitation.
Click
Add
. A “Success: [Connection Name] has been successfully added” alert is displayed. Additionally, the new connection can be viewed on the connections page. If the connection is not successful, a “Failed: [Connection Name] could not be added” alert with the reasons for failure is displayed. If all the information added is correct, and you are still encountering issues, create a support ticket.