Apps
AWS Config
AWS Config Integration
- Type: Cloud
- Vendor: AWS
The AWS Config integration will track a default list of AWS resources (EC2 instances) that Interpres is interested in monitoring.
- 1.0 Create an AWS policy with the following JSON permission:
- Note: You can either create your own limited policy on certain detectors or you can use the AWS managed policy AWSConfigUserAccess
- If creating your own policy please create a policy with the following permissions:
- 2.0 Create an AWS role and attach the policy created in the step 1
- 3.0 Choose one of the authentication methods currently supported by the integration
- Using an AWS user with secret key and id directly to access resources
- Create an AWS User with programmatic access only
- Create AWS Access Key ID and AWS Secret Access Key and store in a safe place
- Attach the role created from step 2 to new user:
- Using an attached role to access resources
- Note: This method can only be used if you are self hosting your Interpres deployments in AWS
- Using an attached role to assume another role to access resources
- Note: This method can only be used if your Interpres deployment is hosted in AWS
- Note: External ID is required for this method. Interpres will provide you with it
* Note *The AWS Integrations can be configured in multiple ways of authentcation and the required inputs are as follows
- Using an AWS user with secret key and id directly to access resources
- Access Key
- Secret Key
- Using an attached role to access resources
- Use attached role when running in EC2 - True
- Using an attached role to assume another role to access resources
- Use attached role when running in EC2 - True
- Use attached role to assume another specified role
- Access Key: If using Authentication method 1 (step 3.1) provide AWS_ACCESS_KEY for user
- Secret Key: If using Authentication method 1 (step 3.1) provide AWS_SECRET_KEY for user
- Use Role: Check this box if using Authentication method 2 (step 3.2) or 3 (step 3.3)
- Assume Role: AWS cross account role arn to assume (Created in step 2)
- Region: AWS Region to monitor for the resources
Check there is connectivity (green light) in the integration created.
- Get Assets: Returns a list of assets (EC2 intances) by executing the following query: