Security-Related Parameters - InterSystems Cloud Manager Guide

Parameter	Meaning
SSHUser	Nonroot account with sudo access used by ICM for access to provisioned nodes. Root of SSHUser’s home directory can be specified using the Home field. Required value is provider-specific, as follows: AWS — As per AMI specification (usually "ec2-user" for Red Hat Enterprise Linux instances) vSphere — As per VM template Azure — At user's discretion GCP — At user's discretion
SSHPassword	Initial password for the user specified by SSHUser. Required for marketplace Docker images and deployments of type vSphere, Azure, and PreExisting. This is used only during provisiong, at the conclusion of which password logins are disabled.
SSHOnly	If True, ICM does not attempt SSH password logins during provisioning (providers PreExisting and vSphere only). Default: False.
SSHPublicKey	Public key of SSH public/private key pair; required for all deployments. For provider AWS, must be in SSH2 format, for example: ---- BEGIN SSH2 PUBLIC KEY --- AAAAB3NzaC1yc2EAAAABJQAAAQEAoa0 ---- BEGIN SSH2 PUBLIC KEY --- For other providers, must be in OpenSSH format, for example: ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAoa0
SSHPrivateKey	Private key of SSH public private key pair, required, in RSA format, for example: -----BEGIN RSA PRIVATE KEY----- MIIEogIBAAKCAQEAoa0ex+JKzC2Nka1 -----END RSA PRIVATE KEY-----
TLSKeyDir	Directory containing TLS keys used to establish secure connections to Docker, InterSystems Web Gateway, JDBC, and mirrored InterSystems IRIS databases, as follows: ca.pem cert.pem key.pem keycert.pem server-cert.pem server-key.pem keystore.p12 truststore.jks SSLConfig.properties
SSLConfig	Path to an SSL/TLS configuration file used to establish secure JDBC connections. Default: If this parameter is not provided, ICM looks for a configuration file in /TLSKeyDir/SSLConfig.Properties (see previous entry).