Environments¶
Introduction¶
The Management Console Environments page allows organization administrators (members of a role with Admin permission) to set up environments within an organization to define and manage an integration project's lifecycle. You must set up at least one environment in order to create projects within Jitterbit Harmony.
Each integration project is deployed to a specific Harmony environment. Environments can be used to segregate different states of an integration project. For example, a common project lifecycle configuration might have three environments: Development, Test, and Production.
The access that users have in a specific environment depends on the combination of their organization role's permissions and its environment access:
- A role's permissions are defined by organization administrators on the Organizations page.
- A role is granted access to an environment as described under Manage Role Access to Environments later on this page.
In order to access an environment, all roles (even roles with Admin permission) must be granted access to an environment for most apps. This includes being able to access areas of Jitterbit Harmony applications that require an environment to be selected, and the ability to install agents in an environment. The exceptions are the EDI and Vinyl applications, which do not require any environment access levels to be granted to roles; access to these apps is governed by organization permissions alone.
When you're ready to move a project between environments, such as from Development to Test, you migrate the project. This can be done from within Cloud Studio (see Project Migration) or Design Studio (under File > Migrate Project).
Note
After making changes to an environment, you may need to log out and log back in to the Harmony Portal for those changes to take effect in other Harmony applications.
Access the Environments Page¶
Users are able to see or edit the Environments page depending on the combination of their organization role's permissions and its environment access:
- Members of a role with only Read permission whose role has been granted access to an environment can see information about the environment on the Environments page but are not able to edit it.
- Members of a role with Admin permission can see and use all actions for all environments on the Environments page (even if they have not been granted role access to the environment).
To access the Environments page, log in to the Jitterbit Harmony Portal, then use the Harmony Portal menu in the top left to go to Management Console > Environments:
Note
Make sure you are accessing the desired organization, which can be changed in the top navigation bar (see Changing the Selected Organization in Jitterbit Harmony Portal).
Manage Environments¶
Jitterbit Harmony organization administrators (members of a role with Admin permission) manage each environment and the Agent Groups associated with it. Members of a role with only Read permission whose role has been granted access to an environment can see information about the environment but are not able to add, edit, or remove environments.
View Environments¶
The top section of the Environments page contains a table that shows all the environments that you have access to within the selected organization:
The table displays information for each environment. These fields are configurable as explained in the next sections:
-
Environment: The name of the environment.
Tip
Hover over the environment name to reveal the environment ID.
-
Environment Class: The class of the environment for reporting purposes only.
-
Agent Group: The Agent Group associated with the environment. For more information, see Agents > Agent Groups.
-
App Runtime: This setting is deprecated and is no longer used.
-
URL Prefix: The environment's URL prefix, to be used with Custom, OData, and Proxy APIs created with API Manager.
-
Hit Limit: The maximum number of API hits per minute within the environment, for use with API Manager.
Other fields in the table contain automatically populated statistics about your environment, including counts of these items:
- Projects: The combined total number of Cloud Studio projects and Design Studio projects deployed in Jitterbit Harmony for the environment.
- Operations: The combined total number of Cloud Studio operations and Design Studio operations deployed in Jitterbit Harmony for the environment.
- Connections: The combined total number of Cloud Studio connections and Design Studio sources, targets, Jitterbit Connect Wizard, and connector wizard endpoints.
- Hosted Endpoints: The combined total number of Design Studio hosted HTTP endpoints and hosted web service endpoints.
- File Formats: The combined total number of Cloud Studio schema files and Design Studio file formats.
- Scripts: The combined total number of standalone Cloud Studio scripts (as a project component) and Design Studio scripts (as a project item).
To sort the table, click on any of the column headers.
To filter the table, use the search box to enter filter criteria in the syntax shown in the search box. For columns with names containing a space (such as "Agent Group"), remove all spaces when referencing their name (such as "AgentGroup"). See Search for Activities on the Activities page for additional examples of the search syntax.
Add Environments¶
At least one environment must be defined for each organization. You may be limited to the number of environments you can create based on your Jitterbit Harmony subscription plan. If you require additional environments, contact your Customer Success Manager.
To add an environment, click the Add New Environment button to open the Add Environment dialog:
-
Name: The name of the new environment (for example, Development, Test, or Production).
Note
These special characters are not allowed:
<
>
#
%
{
}
|
\
/
^
~
[
]
`
;
,
:
?
@
=
&
-
Organization Name: The currently selected organization. This cannot be changed from the Add Environment dialog. Instead, you can navigate to a different organization from the navigation bar along the top of the Harmony Portal (see Changing the Selected Organization in Jitterbit Harmony Portal).
-
URL Prefix: The environment's URL prefix, to be used with Custom, OData, and Proxy APIs created with API Manager. By default, the name of the environment is used. For more information, see API Service URL.
Whether you use the environment default or enter a custom name, the URL Prefix becomes an integral part of an API Manager API Service URL. The URL Prefix is limited to a maximum of 48 characters.
Note
These special characters are not allowed:
<
>
#
%
{
}
|
\
/
^
~
[
]
`
;
,
:
?
@
=
&
In addition, spaces are not allowed.
-
Associate Group: The Agent Group you want to use to service the new environment. Use the dropdown to select an Agent Group for the environment, choosing from either a Private Agent Group configured through the Agents Groups page (see Agents > Agent Groups) or one of the Jitterbit Cloud Agent Groups (available by default).
-
Associate App Runtime: This setting is deprecated and is no longer used.
-
Environment Class: The class of the new environment. Use the dropdown to select a class that best describes the environment. This field is for reporting purposes only and does not impact how an environment functions. By default, the Production environment class is selected.
-
Hit Limit: The maximum number of Custom API hits per minute within the new environment, for use with API Manager. If left blank, there is no limit to the number of API hits at the environment level and the limit of hits per minute defaults to the organization limit across all APIs in all environments (as stated in your Jitterbit license agreement). For additional information, see Rate Limiting at Profile Level in API Manager Security.
-
Description: A description of the new environment.
Edit Environments¶
To edit an environment after it is created, expand the Action dropdown on the far right:
Click Edit Environment to open the Edit Environment dialog:
-
Name: The name of the existing environment (for example, Development, Test, or Production).
Note
These special characters are not allowed:
<
>
#
%
{
}
|
\
/
^
~
[
]
`
;
,
:
?
@
=
&
-
URL Prefix: The environment's URL prefix, to be used with Custom, OData, and Proxy APIs created with API Manager. By default, the name of the environment is used. For more information, see API Service URL.
-
Environment Class: The class of the existing environment. Use the dropdown to select a class that best describes the environment. This field is for reporting purposes only and does not impact how an environment functions.
-
Hit Limit: The maximum number of Custom API hits per minute within the existing environment, for use with API Manager. If left blank, there is no limit to the number of API hits at the environment level and the limit of hits per minute defaults to the organization limit across all APIs in all environments (as stated in your Jitterbit license agreement). For additional information, see Rate Limiting at Profile Level in API Manager Security.
-
Description: A description of the existing environment.
Environment Actions¶
To change additional information about an environment after it is created, or to remove an environment, expand the Action dropdown on the far right:
- Edit Environment: Opens the Edit Environment dialog to change the Name, URL Prefix, Environment Class, Hit Limit, or Description (described above in Edit Environments).
- Associate Agent Group: Opens the Associate Group dialog to change the Agent Group associated with the environment (described above in Add Environments).
- Remove Environment: Deletes the environment from the organization.
- Associate App Runtime: This setting is deprecated and is no longer used.
Manage Role Access to Environments¶
Before granting role access to an environment, you must define the roles that can have access. The individual membership for those roles is defined at the organization level (see Managing Permissions, Roles, and Members on the Organizations page). After roles are defined, you can grant roles different levels of access to an environment.
Environment-level access levels are used in combination with organization permissions to further the ability of administrators to control what members of a specific role can do in a specific environment. For example, users in an entry-level developer role may have Read, Execute, and Write access in a development environment but only Read access in a test environment and no access in a production environment.
Access Levels¶
When granting a role access to an environment, you can select from one of four cascading environment access levels. View Logs is the lowest level of access, followed by Read, Execute, and then Write as the highest level of access. As you select a higher level of access, all lower access levels are automatically selected and cannot be cleared.
The access levels are independent and different from the organization permissions assigned to a role from the Organizations page. For example:
- A member of a role with Read permission at the organization level may still be able to make edits in an environment if Write access is granted to the role at the environment level.
- A member of a role with Admin permission at the organization level but who has only Read access at the environment level is not able to deploy, execute, or edit projects in that environment.
- A member of a role with Admin permission at the organization level but who has not been granted environment access is not able to access the environment at all.
The four environment access levels are described in the table below.
Note
Access as described below is provided only if the assigned organization role has Read or Admin permission. If the organization role has only Agent-Install, ApiConsumer, or App Developer permission, members of these roles do not have access to the pages or actions described here, despite the environment access levels being selected.
Tip
Environment access levels grant no additional access to the EDI and Vinyl applications; access to these apps is governed by organization permissions alone.
Environment Access Level | Access Level | Environment Access When Granted to a Role with Read or Admin Permission | Notes |
---|---|---|---|
View Logs | Lowest | Access to:
| View Logs is automatically selected if any other access level (Read, Execute, or Write) is selected. |
Read | Low | Access to:
| Read is automatically selected if Execute or Write access is selected. When this access level is selected, the View Logs access level is automatically selected and cannot be cleared. This access level is commonly used to limit access to projects deployed to critical environments, such as a production environment. When granted to a role with ApiConsumer permission, Read access provides access to the API Manager Portal page through a direct link. |
Execute | High | Access to perform these actions:
| Execute is automatically selected if Write access is selected. When this access level is selected, the View Logs and Read access levels are automatically selected and cannot be cleared. This access level is commonly used to limit access in test environments and is often granted to users who need to support an integration, as they may need to run operations and view operation logs. In organizations whose Harmony subscription has expired, this access level is effectively the same as the Read access level. |
Write | Highest | Access to and the ability to make edits and perform actions such as deploying (where applicable) on:
| When this access level is selected, the View Logs, Read, and Execute access levels are automatically selected and cannot be cleared. When granted to a role with Agent-Install permission, Write access provides the ability to install agents. In organizations whose Harmony subscription has expired, this access level is effectively the same as the Read access level. |
API Manager Portal¶
These additional criteria must be met before the API Manager Portal page is accessible:
- For each API whose documentation becomes accessible from the Portal page, an organization role that has been granted a minimum of Read access in an environment must be selected in the API configuration (see Step 3: Assign User Roles and Security Profiles in Custom API Configuration).
- The API documentation must have previously been generated and published through the Portal Manager page.
In addition to access through the API Manager application, the Portal page can be accessed by:
-
A direct link for API consumers who have both ApiConsumer permission in an organization and a minimum of Read access in an environment. To obtain the direct link, copy either the URL of the API Manager Portal page or the link to View API Documentation on the Portal Manager page.
-
An invitation from a Harmony organization administrator through the Management Console User Management page.
View and Edit Role Access to an Environment¶
On the bottom section of the Environments page, the Roles tab displays a table of all current roles that currently have access or have previously been granted access to the selected environment.
Note
If a role that had previously been granted access to an environment is deactivated or has been deleted from the organization (from the Organizations page), the role will not be displayed.
In the right column, you can see the environment access levels associated with each role:
To select or clear an access level, click the access level. A confirmation dialog is displayed.
A colored (blue) background with white letters indicates an access level is selected, while a gray background with black letters indicates an access level is not selected. It is not possible to remove a role from an environment unless the role is either deleted or deactivated from the organization (using the Organizations page). To clear a role of all access levels, click a role's View Logs access level to toggle off the selection. The role remains listed but does not have access.
The access levels available in an environment are described in detail above under Access Levels.
Grant a Role Access to an Environment¶
To grant an existing role access to the selected environment, click the Grant Role Access button. In the Grant Role Access dialog, use the dropdown to select the role, select the access levels, and click Save: