AWS integration with Resolution Intelligence CloudTM provides monitoring for AWS resources and applications, collects events, gains insights, and fixes problems when a critical signal is raised. AWS integration provides deeper insights into resource utilization and sends notifications when a certain metric crosses a specified threshold. These notifications will notify the on-call persons via their preferred contact types through the Resolution Intelligence Cloud.
CloudWatch is a tool that captures critical details mandatory to track the performance and efficiency of all applications hosted in the AWS cloud. CloudWatch tracks performance metrics such as - latency, request count, application logs, CPU usage, & other custom metrics. CloudWatch logs are captured in near-real-time and CloudWatch Alarms can be used to watch your metrics against a specified threshold and proactively make decisions like trigger an EC2 instance to auto-shutdown when the CPU usage crosses a particular threshold.
Our CloudWatch Integration allows you to
- Visualize the automatic updates in AWS environment.
- Get metrics, and logs without installing the AWS agent.
- See CloudWatch alarms in the event stream.
- Send On-call signals to reduce and resolve ActOns faster.
Resolution Intelligence Cloud normalizes alarm data from Cloudwatch into tags so that you can use these tag values to search, to filter the ActOns feed, and to define the filter conditions.
Permissions
Asset | Operations |
---|---|
a4b | Get, List, and Search |
access-analyzer | Get, List, and ValidatePolicy |
acm-pca | Get, List, and Describe |
acm | Get, List, and Describe |
airflow | List |
amplify | Get, and List |
apigateway | Get |
appconfig | Get, and List |
application-autoscaling | Describe |
applicationinsights | Describe, and List |
appmesh | Describe, and List |
appstream | Describe, and List |
appsync | Get, and List |
aps | Describe, QueryMetrics, Get, and List |
athena | Get, List, andBatch |
auditmanager | Get, List, and ValidateAssessmentReportIntegrity |
autoscaling-plans | Describe,and GetScalingPlanResourceForecastData |
aws-portal | View |
backup | Describe, Get, and List |
batch | Describe, and List |
braket | GetDevice, GetQuantumTask, SearchDevices, and SearchQuantumTasks |
budgets | Describe, and View |
cassandra | Select |
ce | Get,Describe, and ListCostCategoryDefinitions |
chatbot | Get, and Describe |
chime | Get, List, Retrieve, Search, and Validate |
cloud9 | List, and Describe |
clouddirectory | Get, List,BatchRead, and LookupPolicy |
cloudformation | Get, List, Describe, Detect, and Estimate |
cloudfront | Describe Function, Get, and List |
cloudhsm | Get, List, and Describe |
cloudsearch | Describe, and List |
cloudtrail | Get, List, Describe, Write, and Delete |
cloudwatch | Get, List, Describe, Write, and Delete |
codeartifact | Get, List,Describe, and ReadFromRepository |
codebuild | BatchGet, DescribeCodeCoverages, and DescribeTestCases |
codecommit | BatchGet, Get, List, GitPull, and Describe |
codedeploy | BatchGet, Get, and List |
codeguru-profiler | Get, List, and Describe |
codeguru-reviewer | Get, List, and Describe |
codepipeline | Get, and List |
codestar-connections | Get, and List |
codestar-notifications | describeNotificationRule, and List |
codestar | Get, List, Verify, and Describe |
cognito-identity | Get, List, Lookup, and Describe |
cognito-idp | AdminGet, AdminList, Describe, Get, and List |
cognito-sync | Describe, Get, List, and QueryRecords |
compute-optimizer | DescribeRecommendationExportJobs, Get |
config | BatchGetAggregateResourceConfig, BatchGetResourceConfig, Deliver, Get, List, and Describe |
connect | Describe, GetFederationToken, and List |
dataexchange | Get, and List |
datapipeline | Describe, EvaluateExpression, Get, List, QueryObjects, and Validate |
datasync | Describe, and List |
dax | BatchGetItem, Describe, GetItem, ListTags,Query, and Scan |
deepcomposer | Get, and List |
detective | Get, List, and Searchgraph |
devicefarm | Get, List |
devops-guru | Describe, GetCostEstimation, GetResourceCollection, List, SearchInsights, and StartCostEstimation |
directconnect | Describe |
discovery | Get, List, and Describe |
dlm | Get |
dms | List, Test, and Check |
ds | Get, List, Verify, Check, and Describe |
dynamodb | BatchGet, Get, List, Query, Scan and Describe |
ec2 | Get, Describe, ListSnapshotsInRecycleBin, SearchLocalGatewayRoutes, and SearchTransitGatewayRoutes |
ec2messages | Get |
ecr-public | BatchCheckLayerAvailability, ListTagsForResource, Get, and Describe |
ecr | Get, List, BatchCheck, BatchGet, and Describe |
ecs | List, and Describe |
elasticache | List, and Describe |
elasticbeanstalk | Describe, Check, List, Request, Retrieve, and Validate |
elasticfilesystem | Describe |
elasticloadbalancing | Describe |
elasticmapreduce | Describe, List, View, and GetBlockPublicAccessConfiguration |
elastictranscoder | List, and Read |
elemental-appliances-software | Get, and List |
emr-containers | Describe, and List |
es | Get, List, ESHttpGet, and ESHttpHead |
events | Get, List,Describe, Write, and Delete |
firehose | List, and Describe |
fis | Get, and List |
fms | Get, and List |
forecast | Describe, GetAccuracyMetrics, QueryForecast, and List |
freertos | List, and Describe |
fsx | List, and Describe |
gamelift | Describe, Get, List, Search, and ResolveAlias |
glacier | Get, List, and Describe |
globalaccelerator | List, and Describe |
glue | BatchGet, CheckSchemaVersionValidity, Get, List, and QuerySchemaVersionMetadata |
greengrass | DescribeComponent, Get, and List |
groundstation | DescribeContact, Get, and List |
guardduty | Get, List, Describe, Write, and Delete |
health | Describe |
iam | Get, Simulate, List, and Generate |
imagebuilder | Get, and List |
importexport | Get, and List |
inspector | Get, List, Describe, and Preview |
iot | Get, List, and Describe |
iot1click | Get, List, and Describe |
iotanalytics | Get, List, SampleChannelData, and Describe |
iotevents | List, and Describe |
iotfleethub | ListApplications, and DescribeApplication |
iotroborunner | Get, and List |
iotsitewise | Get, List, and Describe |
iotwireless | Get, and List |
ivs | BatchGetChannel, Get, and List |
kafka | Get, List, and Describe |
kafkaconnect | List, and Describe |
kendra | Describe, GetQuerySuggestions, List, and Query |
kinesisanalytics | Get, List, Describe, and Discover |
kinesisvideo | Get, List, and Describe |
kms | Get, List, and Describe |
lambda | Get, and List |
lex | Get, List, and Describe |
license-manager | Get, and List |
lightsail | Get, and Is |
logs | Describe, FilterLogEvents, Get, ListTagsLogGroup, StartQuery, StopQuery, and TestMetricFilter |
lookoutvision | List, and Describe |
machinelearning | Get, and Describe |
macie | ListMemberAccounts, and ListS3Resources |
macie2 | BatchGetCustomDataIdentifiers, SearchResources, Get, List, and Describe |
managedblockchain | Get, and List |
mediaconnect | Describe, ListFlows |
mediaconvert | Get, and List |
mediapackage | List, and Describe |
mediastore | Get, List, and Describe |
mgh | GetHomeRegion, List, and Describe |
mgn | Get, and Describe |
mobileanalytics | Get |
mobilehub | Describe, Export, Generate, Validate, Verify, Get, and List |
mobiletargeting | Get, and List |
monitron | GetProject, GetProjectAdminUser, ListProjects, and ListTagsForResource |
mq |
List, and Describe |
network-firewall | List, and Describe |
networkmanager | Get, and Describe |
opsworks-cm | List, and Describe |
opsworks | Get, and Describe |
organizations | List, and Describe |
outposts | Get, and List |
personalize | Get, List, and Describe |
pi | DescribeDimensionKeys, Describe, and Get |
polly | SynthesizeSpeech, Get, List, and Describe |
proton | Get, and List |
qldb | Get, List, and Describe |
ram | Get, and List |
rbin | GetRule, and List |
rds | List, Download, and Describe |
redshift | GetReservedNodeExchangeOfferings, View, and Describe |
rekognition | CompareFaces, Search, Detect, and List |
resiliencehub | List and Describe |
resource-groups | Get, List, and Search |
robomaker | Get, List, Describe, and BatchDescribe |
route53-recovery-cluster | Get |
route53-recovery-control-config | List, and Describe |
oute53-recovery-readiness | Get, and List |
route53 | Get, List, and Test |
route53domains | Get, List, View, and Check |
route53resolver | Get, and List |
s3-object-lambda | Get, and List |
s3 | DescribeJob, Get, and List |
sagemaker | GetSearchSuggestions, Describe, List, and Search |
savingsplans | List, and Describe |
schemas | Get, List, Search, and Describe |
sdb | Get, List, and Select |
secretsmanager | GetResourcePolicy, List, and Describe |
securityhub | Get, List, and Describe |
serverlessrepo | Get, List, and SearchApplications |
servicecatalog | Search, Get, List, Scan, and Describe |
servicediscovery | Get, and List |
servicequotas | Get, and List |
ses | Get, and List |
shield | Get, List, and Describe |
signer | DescribeSigningJob, Get and List |
snowball | Get, List, and Describe |
sns | Get, List, Check, CreateTopic, SetTopicAttributes, Subscribe, and Unsubscribe |
sqs | Get, List, and Receive |
ssm-contacts | Get, List, and Describe |
ssm-incidents | Get, and List |
ssm | Get, List, and Describe |
sso-directory | List, Search, and Describe |
sso | Get, List, Search, and Describe |
states | GetExecutionHistory, List, and Describe |
storagegateway | List, and Describe |
sts | Get |
support | DescribeCases |
swf | Describe, Count, Get, and List |
synthetics | Describe, Get, and List |
tag | Get |
timestream | List, and Describe |
transcribe | Get, and List |
transfer | Describe, TestIdentityProvider, and List |
trustedadvisor | Describe |
waf-regional | Get, and List |
waf | Get, and List |
wafv2 | CheckCapacity, Get, List, and Describe, |
workdocs | CheckAlias, Get, and Describe |
worklink | List, and Describe |
workmail | Get, List, Search, and Describe |
workspaces | Describe |
xray | Get, List, Describe, Write, and Delete |
How AWS integration works
Resolution Intelligence uses an AWS instance to create an SNS (Simple Notification Service) topic in the AWS environment. After enabling the AWS CloudWatch, a token and a webhook URL will be generated. This token and webhook URL will be appended to SNS topic in the AWS environment internally. Appending webhook URL to SNS topic will help the triggered signal flow into our Resolution Intelligence.
Integration | Description |
---|---|
API Gateway |
Create, publish, maintain, monitor, and secure APIs at any scale. |
ACM Private CA |
A managed service that automates time-consuming administrative tasks |
App Runner |
Quickly deploy containerized web applications and APIs at scale. |
Appstream 2.0 |
Provides users instant access to their desktop applications. |
AppSync |
Manage and synchronize mobile app data in real time. |
Aurora |
A relational database service |
Athena |
Performs an interactive queries in the web-based cloud storage. |
Autoscaling |
Scale EC2 capacity. |
Cloudfront |
Speeds up content delivery through network. |
Cloudhsm |
Cloudbased hardware security module (HSM). |
CloudSearch |
Access to log files and AWS API calls. |
Chatbot |
An interactive agent |
CodeBuild |
Compiles source code. |
CloudWatch Logs |
Logs from Amazon EC2 instances |
Cognito |
Manage and synchronize app data. |
Connect |
A self-service, cloud-based contact center service. |
CodeGuru Profiler |
Provides different visualizations of profiling data |
Direct Connect |
An alternative network to use AWS cloud services. |
DMS |
Database Migration Service. |
DocumentDB |
NoSQL JSON document database service. |
DynamoDB |
A key-value NoSQL database. |
Data Sync |
An online data transfer service |
EBS (Elastic Block Store) |
Block-level storage for persistent data. |
EC2 (Elastic Cloud Compute) |
Resizable compute capacity in the cloud. |
EC2 Auto Scaling |
Helps to add or remove EC2 instances |
EC2 Elastic Graphics |
Attach low-cost graphics acceleration to a wide range of EC2 instances |
EC2 Spot fleet |
Spare EC2 capacity. |
ECS (Elastic Container Service) |
High performance container management service that supports Docker containers. |
EFS (Elastic File System) |
Simple, serverless, set-and-forget, elastic file system. |
Elastic Inference |
Attach low-cost GPU-powered acceleration to Amazon EC2 |
Elastic Transcoder |
Converts audio and video files in the cloud. |
ElastiCache |
In-memory data cache. |
ES (Elastic Search) |
Deploy, operate, and scale Elasticsearch clusters. |
ElastiCache for Redis |
A Redis-compatible in-memory data store service |
EventBridge |
A serverless event bus used to build event-driven applications |
FSx for Lustre |
A fully managed shared storage |
FSx for Windows File Server |
Provides fully managed shared storage built on Windows Server. |
Gamelift |
Dedicated game server hosting solution. |
Glue |
A serverless data integration service. |
Ground Station |
Monitor the satellite health and status |
Interactive Video Service (IVS) |
A managed live streaming solution |
Inspector |
Enhances the security and compliance of AWS resources. |
IoT (Internet of Things) |
Connect IOT devices with cloud services. |
IoT Analytics |
Analyses and scales peta bytes of IoT data. |
IoT SiteWise |
Remotely configure and centrally manage gateways through the AWS Management Console. |
IoT Things Graph |
An orchestration service that simplifies development of IoT applications. |
Keyspaces (for Apache Cassandra) |
A scalable, highly available, and managed Apache Cassandra–compatible database service |
Kinesis Data Analytics |
Transform and analyze streaming data service. |
Kinesis Data Firehose |
An extract, transform, and load (ETL) service. |
Kinesis Data Streams |
A scalable and durable real-time data streaming service. |
Kinesis Video Streams |
A service that securely stream video from connected devices. |
KMS (Key Management Service) |
Create and manage cryptographic keys. |
Lambda |
Serverless computing service. |
Lex |
Provides interfaces for processing voice and text. |
MediaConnect |
Transports live video. |
MediaConvert |
Transcodes file based video. |
MediaPackage |
Prepare and protect video for delivery over the internet. |
MediaTailor |
Scalable server-side ad insertion. |
MediaStore |
An AWS storage service optimized for media |
MQ |
Managed message broker service for Apache ActiveMQ and RabbitMQ |
Managed Streaming for Kafka |
Build and run applications that use Apache Kafka to process streaming data. |
Neptune |
Fast, reliable, fully managed graph database service |
Network Firewall |
Filter traffic at the perimeter of a VPC. |
RDS (Relational Database Service) |
A collection of data items in the cloud. |
Redshift |
Data warehouse solution |
Route 53 |
DNS and traffic management with availability monitoring. |
S3 (Simple Storage Service) |
A scalable, high-speed, web-based cloud storage service. |
SES (Simple Email Service) |
A cost-effective, flexible, and scalable transactional email service. |
SNS (Simple Notification System) |
Sends signals and notifications. |
SQS (Simple Queue Service) |
A highly-scalable hosted queue for storing messages. |
Storage Gateway |
A set of hybrid cloud storage services. |
VPC (Virtual Private Cloud) |
Launch AWS resources into a virtual network |
WorkSpaces |
A cloud-based virtual desktop. |
Enabling AWS integration
In Resolution Intelligence Cloud
Roles Required:
- Owner
- Global Admin
- A user with manager role
- Configuration Manager
To enable the integration,
-
Click
the gear icon at the top (or) hover over
icon at the top left corner.
-
In the bottom of the left menu, click Configurations.
-
In the left menu, under Data Ingestion, click Integrations.
You will be navigated to the available integrations page. - Locate and click the AWS tile.
Figure 1 Available Integrations
3. Click the Add --> Add New Integration.
The integration will be enabled.
Figure 2 Enabling AWS integration
4. On the AWS integrations page, click Add Instance to activate the integration.
A window appears on your screen
5. Specify the Instance details to authenticate the requests made to AWS.
Field name | Field description |
---|---|
Name | The name of the instance. |
Access key | The access key is an account identifier to authenticate requests made to AWS. |
Secret key | The secret key is a private key used to sign the request. |
6. Under Specify Ingestion Criteria, construct the condition expression. Select a field and operator from the drop-down lists. For the value, select a value from the drop-down list or enter it manually, depending on the field type. The condition is used to determine the records to which the rule will apply.
A condition expression can consist of several phrases, joined by an And or Or. For each phrase, select a field, operator, and value. Click the button to add an additional row. Use the parentheses and And/Or options to join the phrases together to form a condition expression.
The conditions include the following attributes:
-
- Alias Name
- Created time
- Updated time
- Name
7. Under Schedule, choose the following to sync the incoming data from AWS
-
- Timezone: Select the appropriate timezone at which the sync should happen. (for example, (UTC+05:30) Asia/Kolkata)
- Time: Select the appropriate date and time at which the sync should happen.
- Repeat: From the drop-down, select the following
- Monthly: Specify the number of months and the day. (for example, for every 6 months on the 30th day according to the timezone you selected)
- Weekly: Specify the day (for example, Every Thursday at 10:AM according to the timezone you selected)
- Daily: On every day at a specific time based on the time you have specified
8. Click Validate and Save.
Once you have successfully enabled the AWS instance you will see the total number of assets on the Assets overview page within a few minutes.
Deactivating AWS integration
Use this procedure to deactivate the AWS integration. Once deactivated, you cannot receive the data from AWS to the platform. You can also reactivate the integration anytime you want and retrieve the old and latest asset information.
To deactivate the integration:
-
Click
the gear icon at the top (or) hover over
icon at the top left corner.
-
In the bottom of the left menu, click Configurations.
-
In the left menu, under Data Ingestion, click Integrations.
You will be navigated to the available integrations page. - Locate and click the AWS tile.
5. Click the ellipses icon and select Deactivate to disable the AWS integration to the platform.
Enabling AWS Cloudwatch Integration
In Resolution Intelligence Cloud
Use this procedure to integrate AWS Cloudwatch to receive signals if there is an abnormality detected in the assets on AWS.
To integrate AWS Cloudwatch,
-
Click
the gear icon at the top (or) hover over
icon at the top left corner.
-
In the bottom of the left menu, click Configurations.
-
In the left menu, under Data Ingestion, click Integrations.
You will be navigated to the available integrations page. - Locate and click the AWS CloudWatch tile.
- Click Add --> Add Integration.
The integration will be enabled. - On the AWS integration page, under the Inbound section, select the authentication type as JWT (JSON Web Token) in the authentication window.
- Select the Token Source. Possible values:
- URL: By default, URL is selected.
- Header
Figure 3 Enabling AWS Cloudwatch
6. Click Save.
A token and a webhook URL will be generated.
7. To confirm that your signals are monitored by AWS CloudWatch, go to Resolutions --> Signals where you can visualize the signals that are created.
Figure 4 Verifying Signals
Comments
0 comments
Please sign in to leave a comment.