To discover your AWS services, you need to create a discovery profile.
Creating Discovery Profile
Discovery Profile defines the range of devices that you want to discover. You can create multiple discovery profiles, each for a different set of resources. You can save each profile and reuse it for future discoveries.
To create a discovery profile:
- Go to Setup > Integrations > Integrations.
A list of all the installed integrations appears.
- From the installed integrations, click the installed AWS integration.
The AWS Integration page displays the Credentials and Discovery Profiles.
- In the Discovery Profiles section, click Add.
- On the Add Discovery Profile page, provide a suitable name in the Profile Name field.
- From Filter Criteria Type:
- Select Smart Filters to select specific or all the services.
- Select Resources Filters to define the criteria and filter the resources.
Add resources to the group using the following filter criteria options:
- Click Any or All to match any one or all of the defined conditions for filtering.
- Select the options for the following filter criteria fields:
- Resource Type: Lists all the supported resource types.
- Attribute Name: Lists the attributes of the type of resource selected. Attributes vary according to the resource type chosen.
- Logic condition: Refers to a logical match criterion to enhance search results.
Options: Contains, Not Contains, Equals, Not Equals, Starts With, Ends With, and Regex.
- Value: Refers to a value corresponding to the attribute name and logic condition.
- Click Add Criteria to include more filter criteria.
- Select the actions to be performed on the services.
- Manage Device: Select this option to discover the AWS services in a managed state.
- Stream CloudWatch Alarms: Provide SQS URL to receive alarms. See configuring Amazon CloudWatch alarms.
- Ingest un-supported AWS resource alarms: Select this option to process all Amazon CloudWatch alarms and AWS services that are not supported by OpsRamp.
- Create a resource based on CloudTrail events stream: Provide SQS URL to receive events. See Configuring Amazon CloudTrail.
- Access CloudTrail S3 Bucket with Access and Secret Keys: (This option is available only for installing integration as IAM with AssumeRole credentials). Select this option if you have configured Amazon CloudTrail with Amazon S3 bucket in the trusting/root account.
OpsRamp accesses the Amazon S3 bucket using the access key and secret key provided in the integration. Ensure that the access key and secret key have access to the Amazon S3 bucket in the root/trusting account.
- Stream AWS Events: Provide SQS URL to receive events. See configuring AWS Events.
- Collect Cost Analytics: Collects projects cost details of the services utilized.
To collect Cost Analytics, create an Amazon S3 bucket and set up Amazon S3 for collecting AWS billing data. Amazon S3 bucket can be configured on the root account only.
- Assign Credentials Matching with Fingerprint: Select this option to check if the credential set of EC2 instance matches the credential set of the key pair.
- Assign Gateway Management Profile: Select the Gateway management profile from the drop-down list.
- Select Agent Type:
- Direct: Outbound port 443 is allowed on EC2 and other types of AWS compute services, such as desktops and servers.
- Proxy: Outbound port 3128 is allowed on EC2 and other types of AWS compute services, such as desktops and servers.
Select the Gateway management profile from the drop-down list.
- Click Install Agent (Linux only) if the agent needs to be installed on the device and then select the device credentials.
- Select the Discovery Schedule option to schedule a discovery and define the preferred Recurrence pattern.
- Click Save. The discovery profile appears in the list of Discovery Profiles.
Discovering AWS Services
To discover Amazon Web Services in your environment, the following two options are available:
- Set a discovery schedule and define a preferred recurrence pattern. The system scans regularly at the defined schedule to discover any new services added to your environment.
- Click the Scan Now button to discover the resources any time irrespective of the schedule.
All the discovered services are visible in the AWS folder on the Infrastructure page.
Monitoring AWS Services
Monitoring provides 360-degree visibility of applications, servers, virtualization, containers, synthetics, storage, and network devices. A monitoring template defines all parameters used to monitor target resource.
To monitor AWS services:
Create and assign templates
AWS services can be managed more efficiently using templates. Apply the templates manually to initiate the monitoring of your AWS services. See Assign Templates to assign templates to the services in a group. See a recommended template list for predefined templates.
If you do not want to use any recommended templates, [create a template]((/solutions/monitoring/monitor-management/using-templates/#creating-templates).
Assign device management policies
Using device management policies, you can assign templates, availability rule, knowledge base articles and custom attributes. To assign a device management policy, create one. See Managing Device Management Policies to create and assign a device management policy on your AWS services.
Alerts are pre-configured messages that are triggered when there is a change outside a predefined monitoring range of a service or a device. For details, see Managing Alerts.