System Configuration

PreviousSystem Logs & Tools NextRepository

Last updated 3 months ago

System Configuration

Use the system configuration page to configure how AppControl interacts with your Mendix hosting environments, and to configure which features are available to users.

The following are the hosting platform currently supported by AppControl:

Mendix Cloud
Mendix Cloud Dedicated

The following are the app repositories currently supported by AppControl:

Mendix Team Server (SVN)
Mendix Team Server (GIT)

If adding multiple hosting platforms, make sure that the credentials you use for each hosting platform do not have access to the same apps. This can cause unpredictable behaviour in the user interface as the app will appear to move between hosting platforms.

If your organization uses Bring Your Own IdP and enforces the use of 2FA, you must change the authentication type used by each detected app repository to be 'Personal Access Token' otherwise authentication will fail.

Hosting Platforms

The hosting platforms tab provides an overview of all hosting platforms currently configured in the AppControl. Use this overview to manage the hosting platforms that AppControl should manage.

For each hosting platform added, AppControl will poll the platform every 5 minutes using the credentials provided. It will download the list of apps that the provided credentials have access to, and update the list of and current status of the environments for each app.

When adding Mendix Cloud platforms use the following information:

Mendix Platform User: The user that AppControl should use to access apps in the Mendix platform. For information on how to create this user see .
Mendix Platform Password (optional): The password for the Mendix platform user that you provided. Note: If you do not provide a password, all build and deploy features will fail to work. Additionally, if your organization does use PAT for authentication to the Mendix Team Server you must provide a password.
API Key: The API key for the Mendix Platform user you provided.
Personal Access Token (PAT): The PAT for the Mendix Platform user you provided.

Repositories

The repositories tab provides an overview of all app repositories currently configured in the AppControl. App repositories are detected automatically if you are using the Mendix Cloud. App repositories are used my AppControl to download and scan your Mendix app project files.

App repositories are automatically detected each configured Mendix Cloud hosting platform. The only thing you will need to configure yourself is the type of authentication to use:

Username & Password: This is the default. The Mendix Platform user and password you configured in the hosting platform will be used to access the repository.
Personal Access Token: Select this if your organization uses Bring Your Own IdP and enforces 2FA. PAT will be used by AppControl to access the repository.

Apps

The apps tab shows you an overview of all apps that have been detected by AppControl. From this overview you can turn ON and OFF various features. Note: These features need to be enabled first from the 'Feature Settings' tab before turning them ON or OFF has any effect:

Release Management. Enable pipeline management and configuration management for this app.
Policy Management. Enable policy checking for this app.
Alert Management. Enable remote alert management for this app (will create remote webhooks for receiving hosting alerts).
Log Management. Enable analysis of access and app logs (Insights).
Enabled? Will turn ON or OFF all features for this app. When disbabled the app will no longer appear in AppControl, even if AppControl has access to the app.
Deleted? If TRUE, this app was previosuly detected by AppControl but it no longer has access to it.

To be able to perform each feature, AppControl needs specific rights to your app hosting platform. (See information about adding a hosting platform on this page) Use the 'verify app' button to check to see if AppControl has sufficient rights to perform all features.

Environments

The environment tab shows you an overview of all the environments that have been detected by AppControl, and the current technical status of the environment (If it is running, and if the deployed model has been processed and checked by AppControl). From this overview you can turn ON and OFF various features at an environment level. Note: These features need to be enabled first from the 'Feature Settings' tab before turning them ON or OFF has any effect:

Release Management. Enable pipeline management and configuration management for this app.
Policy Management. Enable policy checking for this app.
Alert Management. Enable remote alert management for this app (will create remote webhooks for receiving hosting alerts).
Log Management. Enable analysis of access and app logs (Insights).

For each environment the 'Revision Status' is displayed. This shows you whether or not AppControl has scanned and analyzed the revision deployed to the environment. The possible statuses are:

Not Processed. A newly deployed revision has been detected for this environment, but it has not yet been procssed.
Processing Model. The model for this environment is currrently being processed.
Model Processed. The model for this environment has been processed. After processing thee model, information about used components, widgets, Java Libraries, and other technical information is available to the system.
Checking Revision. The revision is currently being checked for compliance with your policies.
Revision Checked. The revision has been checked for compliance with your policies. Policy results are now available in the Policy Dashboard.
Queued for Processing. The model deployed to this environment is queued for processing.
Queued for Checking. The revision is currently queued to be checked for compliance with your policies.
Processing Failed. The system failed to process your model. You can attempt to process the model again from the 'Revisions' tab in the App page. You can check the logs for dettails as to why the processing failed.
Check Failed. The system failed to check the policy compliance of your revision. You can attempt to check the revision again from the 'Revisions' tab in the App page. You can check the logs for dettails as to why the policy check failed.

Note: If AppControl detects that it has insufficient rights to perform the actions needed for a given feature, it will automatically disable the feature for the environment that it doesn't have access to. This is the reason you may see that certain environments have features disabled.

Feature Settings

This tab enables you to turn ON and OFF the various features in AppControl. Depending on the governance needs of your organization you may wish to turn certain features ON or OFF. Additionally, it is possible to customize ceratin features so that they meet your governance needs.

Release Management. Use this to enable the use of pipelines and releases.
- Group admins can manage pipelines. When enabled, users with the Group Administrator role that are assigned as the admin of an App Group can create group and app pipelines for apps in their group.
- App admins can manage pipelines. When enabled, users with the App Administrator role can create app pipelines for apps where they are asigned the App Administrator role.
Policy Management. Use this to enable the use of policy and automated policy checking. When turned on AppControl will automatically check each deployed revision for compliance with your policies. When turned off policies will not be checked.
Alert Management. Use this to enable remote alerting (receiving alerts from your hosting platform). When you turn it on remote webhooks will be configured on your hosting platform to send alerts to AppControl. When you turn it off, the webhooks will be disabled.
Log Management. Use this to enable the automated analysis of access logs and app logs. When you turn it on, a scheduled event will download logs for each app environment and analyze them daily. When you turn it off, log analysis will no longer be performed.
- Deployment type. Choose Mendix Public Cloud or Mendix Cloud Dedicated depending on where you have deployed AppControl.
- Application URL. The URL to your AppControl instance.
- App ID. The App ID of your AppControl app in the Mendix Cloud.
- Personal Access Token. The one-time PAT that will be used to configure the PDF service.

PreviousSystem Logs & Tools NextRepository

Last updated 3 months ago

Use the system configuration page to configure how AppControl interacts with your Mendix hosting environments, and to configure which features are available to users.

The following are the hosting platform currently supported by AppControl:

Mendix Cloud
Mendix Cloud Dedicated

The following are the app repositories currently supported by AppControl:

Mendix Team Server (SVN)
Mendix Team Server (GIT)

Hosting Platforms

The hosting platforms tab provides an overview of all hosting platforms currently configured in the AppControl. Use this overview to manage the hosting platforms that AppControl should manage.

When adding Mendix Cloud platforms use the following information:

Mendix Platform User: The user that AppControl should use to access apps in the Mendix platform. For information on how to create this user see .
Mendix Platform Password (optional): The password for the Mendix platform user that you provided. Note: If you do not provide a password, all build and deploy features will fail to work. Additionally, if your organization does use PAT for authentication to the Mendix Team Server you must provide a password.
API Key: The API key for the Mendix Platform user you provided.
Personal Access Token (PAT): The PAT for the Mendix Platform user you provided.

Repositories

App repositories are automatically detected each configured Mendix Cloud hosting platform. The only thing you will need to configure yourself is the type of authentication to use:

Username & Password: This is the default. The Mendix Platform user and password you configured in the hosting platform will be used to access the repository.
Personal Access Token: Select this if your organization uses Bring Your Own IdP and enforces 2FA. PAT will be used by AppControl to access the repository.

Apps

Release Management. Enable pipeline management and configuration management for this app.
Policy Management. Enable policy checking for this app.
Alert Management. Enable remote alert management for this app (will create remote webhooks for receiving hosting alerts).
Log Management. Enable analysis of access and app logs (Insights).
Enabled? Will turn ON or OFF all features for this app. When disbabled the app will no longer appear in AppControl, even if AppControl has access to the app.
Deleted? If TRUE, this app was previosuly detected by AppControl but it no longer has access to it.

Environments

Release Management. Enable pipeline management and configuration management for this app.
Policy Management. Enable policy checking for this app.
Alert Management. Enable remote alert management for this app (will create remote webhooks for receiving hosting alerts).
Log Management. Enable analysis of access and app logs (Insights).

For each environment the 'Revision Status' is displayed. This shows you whether or not AppControl has scanned and analyzed the revision deployed to the environment. The possible statuses are:

Not Processed. A newly deployed revision has been detected for this environment, but it has not yet been procssed.
Processing Model. The model for this environment is currrently being processed.
Model Processed. The model for this environment has been processed. After processing thee model, information about used components, widgets, Java Libraries, and other technical information is available to the system.
Checking Revision. The revision is currently being checked for compliance with your policies.
Revision Checked. The revision has been checked for compliance with your policies. Policy results are now available in the Policy Dashboard.
Queued for Processing. The model deployed to this environment is queued for processing.
Queued for Checking. The revision is currently queued to be checked for compliance with your policies.
Processing Failed. The system failed to process your model. You can attempt to process the model again from the 'Revisions' tab in the App page. You can check the logs for dettails as to why the processing failed.
Check Failed. The system failed to check the policy compliance of your revision. You can attempt to check the revision again from the 'Revisions' tab in the App page. You can check the logs for dettails as to why the policy check failed.

Feature Settings

Release Management. Use this to enable the use of pipelines and releases.
- Group admins can manage pipelines. When enabled, users with the Group Administrator role that are assigned as the admin of an App Group can create group and app pipelines for apps in their group.
- App admins can manage pipelines. When enabled, users with the App Administrator role can create app pipelines for apps where they are asigned the App Administrator role.
Policy Management. Use this to enable the use of policy and automated policy checking. When turned on AppControl will automatically check each deployed revision for compliance with your policies. When turned off policies will not be checked.
Alert Management. Use this to enable remote alerting (receiving alerts from your hosting platform). When you turn it on remote webhooks will be configured on your hosting platform to send alerts to AppControl. When you turn it off, the webhooks will be disabled.
Log Management. Use this to enable the automated analysis of access logs and app logs. When you turn it on, a scheduled event will download logs for each app environment and analyze them daily. When you turn it off, log analysis will no longer be performed.
Management API. Use this to enable the AppControl . This enables you to integrate AppControl with your own management systems, providing additional automation possibilities.
PDF Service. Use this to configure the PDF service for downloading PDF reports. Before opening the configuration page you must add the /docgen/ request handler to your AppControl environments in the Mendix cloud (). After doing this click on 'configure PDF service' and fill in the following details:
- Deployment type. Choose Mendix Public Cloud or Mendix Cloud Dedicated depending on where you have deployed AppControl.
- Application URL. The URL to your AppControl instance.
- App ID. The App ID of your AppControl app in the Mendix Cloud.
- Personal Access Token. The one-time PAT that will be used to configure the PDF service.