To discover your AWS services, you need to create a discovery profile.
Create Discovery Profile
The Discovery Profile specifies the range of devices that you want to discover, with multiple discovery profiles for different resource sets. Save a profile to be reused for future discoveries.
- Go to Setup > Integrations > Integrations to list of all installed integrations.
- From the installed integrations, click the installed AWS integration. The AWS Integration page displays the Credentials and Discovery Profiles.
- In the Discovery Profiles section, click Add.
- In the Add Discovery Profile page, enter a descriptive name in the Profile Name field.
- In Filter Criteria Type:, select Smart Filters to select specific or all the services.
- Select Resources Filters to define the criteria and filter the resources.
Add resources to the group
Choose Any or All to match any one or all of the defined conditions for filtering.
Select the options for the following filter criteria fields:
- Resource Type: List all the supported resource types.
- Attribute Name: List attributes for the selected resource type. Attributes are resource type-dependent.
- Logic condition: Logical match criteria for search:
Contains
,Not Contains
,Equals
,Not Equals
,Starts With
,Ends With
, andRegex
. - Value: Value corresponding to the attribute name and logical condition.
Click Add Criteria to include more filter criteria.
Select the actions you want to run on the services:
- Manage Device: Discover the AWS services in a managed state.
- Stream CloudWatch Alarms: Enter SQS URL to get alarms.
- Ingest unsupported AWS resource alarms: Process all Amazon CloudWatch alarms and AWS services not supported by OpsRamp.
- Create a resource based on CloudTrail events stream: Enter SQS URL to get events. See Configuring Amazon CloudTrail.
- Access CloudTrail S3 Bucket with Access and Secret Keys: (available only for installing integration as IAM with AssumeRole credentials) You configured Amazon CloudTrail with Amazon S3 bucket in the trusting/root account. OpsRamp accesses the Amazon S3 bucket using the access key and secret key entered during integration onboarding. Ensure that the access key and secret key have access to the Amazon S3 bucket in the root/trusting account.
- Stream AWS Events: Enter SQS URL to get events. See configuring AWS Events.
- Collect Cost Analytics: Collect project cost details of the services utilized. To collect Cost Analytics, create an Amazon S3 bucket and set up Amazon S3 for collecting AWS billing data. Amazon S3 bucket can be configured on the root account only.
- Assign Credentials Matching with Fingerprint: Check if the credential set of EC2 instance matches the credential set of the key pair.
- Assign Gateway Management Profile: Gateway management profile you want.
Select Agent Type:
- Direct: Outbound port 443 is used on EC2 and other types of AWS compute services, such as desktops and servers.
- Proxy: Outbound port 3128 is used on EC2 and other types of AWS compute services, such as desktops and servers.
Select the gateway management profile from the drop-down list.
If the agent needs to be installed on the device click Install Agent (Linux only) and select the device credentials.
Select the Discovery Schedule option to schedule a discovery and define the Recurrence pattern.
Click Save, which displays the discovery profile in the list of Discovery Profiles.
Discover services
To discover the Amazon Web Services in your environment, you can:
- Set a discovery schedule and define a preferred recurrence pattern. The system scans regularly at the defined schedule to discover any new services added to your environment.
- Click the Scan Now button to discover the resources at any time independent of the predefined schedule.
All the discovered services are visible in theInfrastructure page AWS folder.