AWS Integration Guide

  • Updated
Table of Contents:

This article covers how to enable AWS integration and configuration of AWS details to onboard assets from AWS to Resolution Intelligence Cloud.

AWS (CMDB)

To onboard entities from AWS to Resolution Intelligence Cloud, you must configure the settings in AWS and Resolution Intelligence Cloud. For this, you must create a user with IAM role in AWS and use the generated access key and secret access key (credentials) of this user while adding an instance in the platform to query the AWS API. This fetches the entities stored on AWS to the platform.

Roles Required:

  • Owner
  • Global Admin
  • A user with manager role
  • Configuration Manager

Enabling AWS integration and configuring AWS details

Use this procedure to integrate AWS with the Resolution Intelligence Cloud by adding an Instance. This establishes the connection with AWS and fetches the entities stored in AWS to the RIC platform.

To enable the integration,

  1. Click  the gear icon at the top (or) hover over  icon at the top left corner.

  2. In the bottom of the left menu, click Configurations.

  3. In the left menu, under Data Ingestion, click Integrations.
    You will be navigated to the available integrations page.

  4. Select the CMDB option from the drop-down list to view the list of CMDB integrations available. 
  5. Locate and click the AWS tile. If the AWS integration is already enabled, you can see in the enabled integrations. Else, you can see this in Available Integrations section. 
available integrations.png

                                                                         Figure 1 Available Integrations

  3. Click the Add --> Add New Integration.
      The integration will be enabled.

Enabling AWS integration.png

                                                       Figure 2 Enabling AWS integration

4. On the AWS integrations page, click Add Instance to activate the integration. 
A window appears on your screen

5. Specify the Instance details to authenticate the requests made to AWS.

Field name Field description
Name The name of the instance. 
Access key The access key is an account identifier to authenticate requests made to AWS while fetching the entities. 
Secret key The secret key is a private key used to sign the request to fetch entities. 
Region

Select the region from which entities should be synced. During the syncing process, the system directly searches for entities in the chosen region, reducing latency.

 

6. Under Specify Ingestion Criteria, construct the condition expression. Select a field and operator from the drop-down lists. For the value, select a value from the drop-down list or enter it manually, depending on the field type. The condition is used to determine the records to which the rule will apply.
A condition expression can consist of several phrases, joined by an And or Or. For each phrase, select a field, operator, and value. Click the  button to add an additional row. Use the parentheses and And/Or options to join the phrases together to form a condition expression.

The conditions include the following attributes:

    • Alias Name
    • Created time
    • Updated time
    • Name

7. Under Schedule, choose the following to sync the incoming data from AWS

    • Timezone: Select the appropriate timezone at which the sync should happen. (for example, (UTC+05:30) Asia/Kolkata)
    • Time: Select the appropriate date and time at which the sync should happen. 
    • Repeat: From the drop-down, select the following
      • Monthly: Specify the number of months and the day. (for example, for every 6 months on the 30th day according to the timezone you selected)
      • Weekly: Specify the day (for example, Every Thursday at 10:AM according to the timezone you selected)
      • Daily: On every day at a specific time based on the time you have specified

8. Click Validate and Save.

Once the AWS instance is set up, entities from AWS begin syncing to the platform, and you can view them on the Entities Overview page. However, syncing follows the scheduled time. To sync manually, use the Sync Now option.

Syncing AWS Entities

Use this procedure to sync the AWS entities to the Resolution Intelligence Cloud instantly.

To sync the AWS entities:

  1. Select Integrations, under the Data Ingestion section to see all the data sources and monitoring tools that you want to integrate. This opens the Integrations page where you can see all the enabled and available integrations.
  2. Click the AWS card in the Enabled Integrations section. This opens the page where you can see the existing instances.
  3. Click the ellipses icon corresponding to the AWS instance you want to sync and select Sync now to manually sync any new entities to the Resolution Intelligence Cloud. 

Viewing the job history

Use this procedure to track the job history. This gives you details, such as when the job was performed and what is the outcome of the job.

To view the history of job runs:

  1. Select Integrations, under the Data Ingestion section. This opens the Integrations page where you can see all the enabled and available integrations.
  2. Click the AWS card in the Enabled Integrations section. This displays the existing instances.
  3. Click the ellipses icon corresponding to the AWS instance whose job history you want to view and select Job History. This displays the Job History tab.
  4. Review the following job details:
Field name Field description
Job ID A unique ID generated for every run. Click on the ID to view the job logs. 
Start time The time when the job was started.
End time The time when the job ended.
Execution time The time taken to run a job. 
Status

The status of the job run. Possible values:

  • Success – Indicates that the job run was successful.
  • Failed – Indicates the job has failed to execute successfully.
  • Running – Indicates the job run is in progress.

Note: If the job is failed, you can use the Retry button to re-run the job

Viewing the job logs for a specific job run

Use this procedure to view the job logs of a specific job run. You can use the search box to quickly find the log you need.

To view the history of job runs:

  1. Go to Integrations under the Data Ingestion section. This opens the Integrations page, where you can see all enabled and available integrations.
  2. Click the AWS card in the Enabled Integrations section to view existing instances.
  3. Click the ellipsis icon next to the AWS instance whose job history you want to view, then select Job History. This opens the Job History tab.
  4. Click the Job ID hyperlink of the job whose logs you want to view.
  • Status – Indicates whether the entity was successfully synced to the platform. Possible values: Success or Failed.
  • Message – Provides details on the success or failure of the job.
  • Event Time – The timestamp when the log was generated.

To view real-time logs, click the Refresh button.

To download logs to a CSV file, click Download.

Deleting an Instance

Use this procedure to delete an AWS Instance.

  1. Select Integrations, under the Data Ingestion section. This opens the Integrations page where you can see all the enabled and available integrations.
  2. Click the AWS card in the Enabled Integrations section. This displays the existing instances.
  3. Click the ellipses icon corresponding to the ManageEngine instance you want to delete and select Delete Instance. A pop-up window appears.
  4. Click Yes to delete.

Deleting a schedule

Use this procedure to delete a schedule associated with the AWS instance. You cannot view the Delete schedule option when no schedules are set for this instance.

  1. Select Integrations, under the Data Ingestion section. This opens the Integrations page where you can see all the enabled and available integrations.
  2. Click the AWS card in the Enabled Integrations section. This displays the existing instances.
  3. Click the ellipses icon corresponding to the AWS instance and select Delete Schedule to delete the scheduled job for this instance.
    You can now view the scheduler being removed from this instance.

Modifying the Instance details

Use this procedure to modify the instance details.

  1. Select Integrations, under the Data Ingestion section. This opens the Integrations page where you can see all the enabled and available integrations.
  2. Click the AWS card in the Enabled Integrations section. This displays the existing instances.
  3. Click the ellipses icon corresponding to the AWS instance you want to modify and select Edit Instance. This takes you to the Edit Instance page.
  4. Change the Instance details and Click Validate and Save to validate and save the updated changes.

Deactivating AWS integration

Use this procedure to deactivate the AWS integration. Once deactivated, you cannot receive the entities from AWS to the platform. You can also reactivate the integration anytime you want and retrieve the old and latest asset information. 

To deactivate the integration:

  1. Click  the gear icon at the top (or) hover over  icon at the top left corner.

  2. In the bottom of the left menu, click Configurations.

  3. In the left menu, under Data Ingestion, click Integrations.
    You will be navigated to the available integrations page.

  4. Locate and click the AWS tile.

5. Click the ellipses icon ellipsis.png and select Deactivate to disable the AWS integration to the platform. 

AWS CloudWatch

AWS integration with Resolution Intelligence CloudTM provides monitoring for AWS resources and applications, collects events, gains insights, and fixes problems when a critical signal is raised. AWS integration provides deeper insights into resource utilization and sends notifications when a certain metric crosses a specified threshold. These notifications will notify the on-call persons via their preferred contact types through the Resolution Intelligence Cloud.

CloudWatch is a tool that captures critical details mandatory to track the performance and efficiency of all applications hosted in the AWS cloud. CloudWatch tracks performance metrics such as - latency, request count, application logs, CPU usage, & other custom metrics. CloudWatch logs are captured in near-real-time and CloudWatch Alarms can be used to watch your metrics against a specified threshold and proactively make decisions like trigger an EC2 instance to auto-shutdown when the CPU usage crosses a particular threshold.

Our CloudWatch Integration allows you to

- Visualize the automatic updates in AWS environment.

- Get metrics, and logs without installing the AWS agent.

- See CloudWatch alarms in the event stream. 

- Send On-call signals to reduce and resolve ActOns faster.

Resolution Intelligence Cloud normalizes alarm data from Cloudwatch into tags so that you can use these tag values to search, to filter the ActOns feed, and to define the filter conditions.

How AWS CloudWatch integration works

Resolution Intelligence uses an AWS instance to create an SNS (Simple Notification Service) topic in the AWS environment. After enabling the AWS CloudWatch, a token and a webhook URL will be generated. This token and webhook URL will be appended to SNS topic in the AWS environment internally. Appending webhook URL to SNS topic will help the triggered signal flow into our Resolution Intelligence.

 

Enabling AWS Cloudwatch Integration

In Resolution Intelligence Cloud

Use this procedure to integrate AWS Cloudwatch to receive signals if there is an abnormality detected in the assets on AWS. 

To integrate AWS Cloudwatch,

  1. Click  the gear icon at the top (or) hover over  icon at the top left corner.

  2. In the bottom of the left menu, click Configurations.

  3. In the left menu, under Data Ingestion, click Integrations.
    You will be navigated to the available integrations page.

  4. Locate and click the AWS CloudWatch tile.
  5. Click Add --> Add Integration.
    The integration will be enabled.
  6. On the AWS integration page, under the Inbound section, select the authentication type as JWT (JSON Web Token) in the authentication window.
  7. Select the Token Source. Possible values:
    • URL: By default, URL is selected.
    • Header

Figure 3 Enabling AWS Cloudwatch

6. Click Save.
A token and a webhook URL will be generated.

7. To confirm that your signals are monitored by AWS CloudWatch, go to Resolutions --> Signals where you can visualize the signals that are created.

                                                                Figure 4 Verifying Signals

 

Configuring settings in AWS Cloudwatch 

Use this procedure to configure AWS Cloudwatch settings and select the entity to be monitored. The CloudWatch will continuously monitor the entity and send signals when any suspicious activity is detected to the Resolution Intelligence Cloud. 

Let's create an alarm based on CPU usage. This alarm sends signals to the Resolution Intelligence Cloud when the CPU utilization in a database instance exceeds the given percentage. 

1. Log in to the AWS platform and search by Amazon SNS (Simple Notification Service). This takes you to the SNS dashboard page. 

 

Creating a topic

2. Click on topics to navigate to the Topics page.

3. Click Create topic to create an SNS topic. 

4. Select the topic type as Standard or FIFO. Here, we have selected the topic type as Standard

5. Provide the topic name and display name (optional)

6. Click Create topic

 

Subscribing to a topic

7. Select Subscriptions to subscribe an endpoint to the created SNS topic. This opens the Subscription creation page.

8. Click Create Subscription

9. Select the topic you have created from the Topic ARN list. 

10. Select the protocol. We have selected HTTPs here. 

11. In the Endpoint field, enter the authentication token (URL and token) that you have generated in the Resolution Intelligence Cloud after enabling the AWS CloudWatch integration

12. Click Create Subscription

 

Creating an alarm

13. Search for Cloudwatch from the drop-down. The Cloudwatch page is displayed.

14. Click Alarms from the left menu. This displays the alarms page where you can see the list of existing alarms. 

15. Click Create alarm. This takes you to the metrics page.

16. Click Select Metric to set the metric for CPU or RAM after which a signal should be triggered. 

17. Locate the metric, for example, the RDS metric, and then the DBInstanceIdentifier on which you want to set the alarm on. 

18. Click the CPU utilization against the database instance that you want to monitor. This opens the metrics page.

19. Review the metric name and DBInstanceIdentifier values that are defaulted in the respective fields.

20. Select the Statistic as Average from the drop-down list. 

21. Select the period as 5 minutes. In case the CPU utilization is above the set threshold for the given period continuously, then a signal is triggered. 

22. Under the Conditions section, select the Threshold type as Static

23. Whenever CPU Utilization is specified as Greater, then it triggers an alarm when the given threshold value exceeds. For instance, if the CPU utilization goes above 5, then a signal is sent to the Resolution Intelligence Cloud. 

24. Configure the topic to which the alarm messages should be sent. When you select the created topic, the endpoint configured is populated. All the messages published on this topic are sent to this endpoint. 

25. Provide the alarm name and click Preview and Create to create the alarm.

Related articles

Comments

0 comments

Please sign in to leave a comment.