From 3e793af5927f1926449b8b13a3f418ccdc8a5d75 Mon Sep 17 00:00:00 2001 From: katarzyna_koltun Date: Tue, 10 Feb 2026 11:29:10 +0100 Subject: [PATCH 1/5] New PMP keys fro 2.6 --- .../configuration/pmp-configure-aws-secret.md | 9 +++++++++ .../configuration/pmp-configure-azure-key-vault.md | 9 +++++++++ .../configuration/pmp-configure-hashicorp-vault.md | 9 +++++++++ 3 files changed, 27 insertions(+) diff --git a/content/en/docs/private-platform/configuration/pmp-configure-aws-secret.md b/content/en/docs/private-platform/configuration/pmp-configure-aws-secret.md index b7128e86810..b5bdfa5e026 100644 --- a/content/en/docs/private-platform/configuration/pmp-configure-aws-secret.md +++ b/content/en/docs/private-platform/configuration/pmp-configure-aws-secret.md @@ -125,6 +125,15 @@ When creating a property to use as a key for external secret storage, use the fo * **CIAdmin.AzureBlobStorageToken** - SAS token for the Azure Blob Storage * **CIAdmin.AzureAwsS3SK** - Name of the Azure DevOps organization + * Cluster Manager + + * **ClusterManager.OCIRegistryAWSSK** - OCI Registry: AWS secret access key for the OCI registry + * **serverClusterManager.OCIBasicAuthPassword** - OCI Registry: Password for the OCI registry + * **serverClusterManager.MDAAWSSK** - MDA Storage: AWS secret access key for the MDA file + * **serverClusterManager.MDAFileBasicAuthPassword** - MDA Storage: Password for the MDA file + * **serverClusterManager.KubernetesApiToken** - Kubernetes API: Token for accessing the Kubernetes API + * **serverClusterManager.GrafanaAPIKey** - Grafana: API key for accessing the Grafana server + * Marketplace * **Marketplace.ImportCDNPassword** - Personal access token for the Marketplace admin diff --git a/content/en/docs/private-platform/configuration/pmp-configure-azure-key-vault.md b/content/en/docs/private-platform/configuration/pmp-configure-azure-key-vault.md index daf8928b184..31bf09574fd 100644 --- a/content/en/docs/private-platform/configuration/pmp-configure-azure-key-vault.md +++ b/content/en/docs/private-platform/configuration/pmp-configure-azure-key-vault.md @@ -128,6 +128,15 @@ When creating the JSON structure for your secret, you must use a flat key-value * **CIAdmin.AzureBlobStorageToken** - SAS token for the Azure Blob Storage * **CIAdmin.AzureAwsS3SK** - Name of the Azure DevOps organization + * **Cluster Manager** + + * **ClusterManager.OCIRegistryAWSSK** - OCI Registry: AWS secret access key for the OCI registry + * **serverClusterManager.OCIBasicAuthPassword** - OCI Registry: Password for the OCI registry + * **serverClusterManager.MDAAWSSK** - MDA Storage: AWS secret access key for the MDA file + * **serverClusterManager.MDAFileBasicAuthPassword** - MDA Storage: Password for the MDA file + * **serverClusterManager.KubernetesApiToken** - Kubernetes API: Token for accessing the Kubernetes API + * **serverClusterManager.GrafanaAPIKey** - Grafana: API key for accessing the Grafana server + * Marketplace * **Marketplace.ImportCDNPassword** - Personal access token for the Marketplace admin diff --git a/content/en/docs/private-platform/configuration/pmp-configure-hashicorp-vault.md b/content/en/docs/private-platform/configuration/pmp-configure-hashicorp-vault.md index aa9cabe29b0..672d0373d1b 100644 --- a/content/en/docs/private-platform/configuration/pmp-configure-hashicorp-vault.md +++ b/content/en/docs/private-platform/configuration/pmp-configure-hashicorp-vault.md @@ -138,6 +138,15 @@ Use the exact key names specified by Private Mendix Platform, with dots (`.`) as * `CIAdmin.AzureBlobStorageToken` * `CIAdmin.AzureAwsS3SK` +* **Cluster Manager** + + * `ClusterManager.OCIRegistryAWSSK` - OCI Registry: AWS secret access key for the OCI registry + * `serverClusterManager.OCIBasicAuthPassword` - OCI Registry: Password for the OCI registry + * `serverClusterManager.MDAAWSSK` - MDA Storage: AWS secret access key for the MDA file + * `serverClusterManager.MDAFileBasicAuthPassword` - MDA Storage: Password for the MDA file + * `serverClusterManager.KubernetesApiToken` - Kubernetes API: Token for accessing the Kubernetes API + * `serverClusterManager.GrafanaAPIKey` - Grafana: API key for accessing the Grafana server + * **Marketplace** * `Marketplace.ImportCDNPassword` From 6a3f305d8d2cff30bb070e7226afa2103a964e3f Mon Sep 17 00:00:00 2001 From: katarzyna_koltun Date: Thu, 12 Feb 2026 11:24:32 +0100 Subject: [PATCH 2/5] SME review --- .../configuration/pmp-configure-aws-secret.md | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/content/en/docs/private-platform/configuration/pmp-configure-aws-secret.md b/content/en/docs/private-platform/configuration/pmp-configure-aws-secret.md index b5bdfa5e026..250b0b08fc6 100644 --- a/content/en/docs/private-platform/configuration/pmp-configure-aws-secret.md +++ b/content/en/docs/private-platform/configuration/pmp-configure-aws-secret.md @@ -184,13 +184,12 @@ The following is a JSON template. Copy this template into your secret, and set t "AzureAwsS3SK": "" }, "ClusterManager": { - "KubernetesApiToken": "" - }, - "ClusterSettings": { - "KubernetesAdminPassword": "", - "GrafanaAPIKey": "", - "MDAAWSS3AccessKey": "", - "OCIRegistryPassword": "" + "KubernetesApiToken": "", + "GrafanaAPIKey":"", + "MDAFileBasicAuthPassword": "", + "MDAAWSSK": "", + "OCIBasicAuthPassword": "", + "OCIRegistryAWSSK": "" }, "Marketplace": { "ImportCDNPassword": "" From 371b74f3b367f8d6bc8289013dbb4c5ff4a6348b Mon Sep 17 00:00:00 2001 From: katarzyna_koltun Date: Thu, 12 Feb 2026 11:46:44 +0100 Subject: [PATCH 3/5] PMP PDF Doc Gen --- content/en/docs/private-platform/pmp-quickstart.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/content/en/docs/private-platform/pmp-quickstart.md b/content/en/docs/private-platform/pmp-quickstart.md index d51db774a6f..51474011ec0 100644 --- a/content/en/docs/private-platform/pmp-quickstart.md +++ b/content/en/docs/private-platform/pmp-quickstart.md @@ -455,6 +455,10 @@ To enable PDF Document Generation for Private Mendix Platform, perform the follo * **Image Name** - The image name, for example, *document-generation-service* * **Image Tag** - The image tag of the AppGen image, for example, *1.0.2* +{{% alert color="info" %}} +PDF Document Generation requires additional configuration for your Mendix apps to use the private service. For more information, see [Private PDF Document Generation Service: Configuring your Mendix Apps](/appstore/services/private-document-generation-service/#configuring-your-mendix-apps). +{{% /alert %}} + #### Uninstalling PDF Document Generation If you want to uninstall PDF Document Generation, perform the following steps: From 4ba1d001bf2b6e3fc8e2b96a5dfaf9e25b5f334b Mon Sep 17 00:00:00 2001 From: katarzyna_koltun Date: Thu, 12 Feb 2026 11:48:55 +0100 Subject: [PATCH 4/5] added link --- content/en/docs/private-platform/pmp-quickstart.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/en/docs/private-platform/pmp-quickstart.md b/content/en/docs/private-platform/pmp-quickstart.md index 51474011ec0..96c08622b25 100644 --- a/content/en/docs/private-platform/pmp-quickstart.md +++ b/content/en/docs/private-platform/pmp-quickstart.md @@ -438,7 +438,7 @@ If you want to uninstall Maia, you must do it manually, by running the following ### Installing PDF Document Generation for the Private Mendix Platform -The PDF Document Generation module allows you to generate pixel-perfect PDF documents based on regular pages in your app. +The [PDF Document Generation module](/appstore/services/private-document-generation-service/) allows you to generate pixel-perfect PDF documents based on regular pages in your app. To enable PDF Document Generation for Private Mendix Platform, perform the following steps: From f6d6ce28518565ae47c1bd03eb3b5dcc8bb956d3 Mon Sep 17 00:00:00 2001 From: katarzyna_koltun Date: Fri, 13 Feb 2026 11:59:33 +0100 Subject: [PATCH 5/5] SME review --- .../configuration/pmp-configure-aws-secret.md | 13 ++++ .../pmp-configure-azure-key-vault.md | 7 ++ .../pmp-configure-hashicorp-vault.md | 69 ++++++++++--------- 3 files changed, 58 insertions(+), 31 deletions(-) diff --git a/content/en/docs/private-platform/configuration/pmp-configure-aws-secret.md b/content/en/docs/private-platform/configuration/pmp-configure-aws-secret.md index 250b0b08fc6..5d046146c2a 100644 --- a/content/en/docs/private-platform/configuration/pmp-configure-aws-secret.md +++ b/content/en/docs/private-platform/configuration/pmp-configure-aws-secret.md @@ -142,6 +142,13 @@ When creating a property to use as a key for external secret storage, use the fo * **Email.SMTPPassword** - Password for the SMTP server + * Maia + + * **AmazonBedrockApiKey** - An API key to allow [Maia](/private-mendix-platform/maia/) to connect to a custom AWS Bedrock LLM + * **AzureAiApiKey** - An API key to allow [Maia](/private-mendix-platform/maia/) to connect to a custom Azure LLM + * **AnthropicApiKey** - An API key to allow [Maia](/private-mendix-platform/maia/) to connect to a custom Azure LLM + * **OpenAiApiKey** - An API key to allow [Maia](/private-mendix-platform/maia/) to connect to a custom Azure LLM + The following is a JSON template. Copy this template into your secret, and set the values that you want to use. Leave those you do not want to use empty. ```json @@ -196,6 +203,12 @@ The following is a JSON template. Copy this template into your secret, and set t }, "Email": { "SMTPPassword": "" + }, + "Maia": { + "AmazonBedrockApiKey": "", + "AzureAiApiKey": "", + "AnthropicApiKey": "", + "OpenAiApiKey": "" } } ``` diff --git a/content/en/docs/private-platform/configuration/pmp-configure-azure-key-vault.md b/content/en/docs/private-platform/configuration/pmp-configure-azure-key-vault.md index 31bf09574fd..bfe7a011871 100644 --- a/content/en/docs/private-platform/configuration/pmp-configure-azure-key-vault.md +++ b/content/en/docs/private-platform/configuration/pmp-configure-azure-key-vault.md @@ -144,6 +144,13 @@ When creating the JSON structure for your secret, you must use a flat key-value * Email * **Email.SMTPPassword** - Password for the SMTP server + + * Maia + + * **AmazonBedrockApiKey** - An API key to allow [Maia](/private-mendix-platform/maia/) to connect to a custom AWS Bedrock LLM + * **AzureAiApiKey** - An API key to allow [Maia](/private-mendix-platform/maia/) to connect to a custom Azure LLM + * **AnthropicApiKey** - An API key to allow [Maia](/private-mendix-platform/maia/) to connect to a custom Azure LLM + * **OpenAiApiKey** - An API key to allow [Maia](/private-mendix-platform/maia/) to connect to a custom Azure LLM ### Configuring Azure AD Workload Identity diff --git a/content/en/docs/private-platform/configuration/pmp-configure-hashicorp-vault.md b/content/en/docs/private-platform/configuration/pmp-configure-hashicorp-vault.md index 672d0373d1b..92b3e94a416 100644 --- a/content/en/docs/private-platform/configuration/pmp-configure-hashicorp-vault.md +++ b/content/en/docs/private-platform/configuration/pmp-configure-hashicorp-vault.md @@ -108,52 +108,59 @@ Use the exact key names specified by Private Mendix Platform, with dots (`.`) as * **VCS** - * `VCS.BitbucketProjectAdminPAT` - * `VCS.BitbucketAdminPassword` - * `VCS.GitlabGroupOwnerPAT` - * `VCS.GitlabAdminPAT` - * `VCS.GithubOrgOwnerPAT` - * `VCS.GithubAdminPAT` - * `VCS.GithubEnterpriseClientSecret` - * `VCS.AzureDevOpsOrgAdminPAT` - * `VCS.AzureAuthSecret` + * **VCS.BitbucketProjectAdminPAT** + * **VCS.BitbucketAdminPassword** + * **VCS.GitlabGroupOwnerPAT** + * **VCS.GitlabAdminPAT** + * **VCS.GithubOrgOwnerPAT** + * **VCS.GithubAdminPAT** + * **VCS.GithubEnterpriseClientSecret** + * **VCS.AzureDevOpsOrgAdminPAT** + * **VCS.AzureAuthSecret** * **Kubernetes Build Settings** - * `BuildPackage.FileBasicAuthPassword` - * `BuildPackage.AwsSecretAccessKey` - * `RuntimeBaseImage.PrivateRegistryPassword` - * `RuntimeBaseImage.S3CompatibleAccessKey` - * `MDAStorage.FileBasicAuthPassword` - * `MDAStorage.AwsSecretAccessKey` - * `OCIRegistry.PrivateRegistryPassword` - * `OCIRegistry.S3CompatibleAccessKey` + * **BuildPackage.FileBasicAuthPassword** + * **BuildPackage.AwsSecretAccessKey** + * **RuntimeBaseImage.PrivateRegistryPassword** + * **RuntimeBaseImage.S3CompatibleAccessKey** + * **MDAStorage.FileBasicAuthPassword** + * **MDAStorage.AwsSecretAccessKey** + * **OCIRegistry.PrivateRegistryPassword** + * **OCIRegistry.S3CompatibleAccessKey** * **Build Cluster Settings** - * `BuildCluster.KubernetesConfigureToken` - * `CIAdmin.JenkinsConfigureAPIToken` - * `CIAdmin.JenkinsTriggerAuthToken` - * `CIAdmin.AzureOrgAdminPAT` - * `CIAdmin.AzureBlobStorageToken` - * `CIAdmin.AzureAwsS3SK` + * **BuildCluster.KubernetesConfigureToken** + * **CIAdmin.JenkinsConfigureAPIToken** + * **CIAdmin.JenkinsTriggerAuthToken** + * **CIAdmin.AzureOrgAdminPAT** + * **CIAdmin.AzureBlobStorageToken** + * **CIAdmin.AzureAwsS3SK** * **Cluster Manager** - * `ClusterManager.OCIRegistryAWSSK` - OCI Registry: AWS secret access key for the OCI registry - * `serverClusterManager.OCIBasicAuthPassword` - OCI Registry: Password for the OCI registry - * `serverClusterManager.MDAAWSSK` - MDA Storage: AWS secret access key for the MDA file - * `serverClusterManager.MDAFileBasicAuthPassword` - MDA Storage: Password for the MDA file - * `serverClusterManager.KubernetesApiToken` - Kubernetes API: Token for accessing the Kubernetes API - * `serverClusterManager.GrafanaAPIKey` - Grafana: API key for accessing the Grafana server + * **ClusterManager.OCIRegistryAWSSK** - OCI Registry: AWS secret access key for the OCI registry + * **serverClusterManager.OCIBasicAuthPassword** - OCI Registry: Password for the OCI registry + * **serverClusterManager.MDAAWSSK** - MDA Storage: AWS secret access key for the MDA file + * **serverClusterManager.MDAFileBasicAuthPassword** - MDA Storage: Password for the MDA file + * **serverClusterManager.KubernetesApiToken** - Kubernetes API: Token for accessing the Kubernetes API + * **serverClusterManager.GrafanaAPIKey** - Grafana: API key for accessing the Grafana server * **Marketplace** - * `Marketplace.ImportCDNPassword` + * **Marketplace.ImportCDNPassword** - Personal access token for the Marketplace admin * **Email** - * `Email.SMTPPassword` + * **Email.SMTPPassword** - Password for the SMTP server + +* **Maia** + + * **AmazonBedrockApiKey** - An API key to allow [Maia](/private-mendix-platform/maia/) to connect to a custom AWS Bedrock LLM + * **AzureAiApiKey** - An API key to allow [Maia](/private-mendix-platform/maia/) to connect to a custom Azure LLM + * **AnthropicApiKey** - An API key to allow [Maia](/private-mendix-platform/maia/) to connect to a custom Azure LLM + * **OpenAiApiKey** - An API key to allow [Maia](/private-mendix-platform/maia/) to connect to a custom Azure LLM ### Configuring the Kubernetes Authentication Method {#configure-k8s-auth}