Configuring AWS Observer jobs
Using the AWS Observer, you can define jobs that read services data from the Amazon Web Services (AWS) through AWS SDK and generate a topology. The AWS Observer supports multiple Amazon web services such as EC2 for its 'elastic compute' services.
Before you begin
Important: The AWS Observer supports the cloud and SaaS AWS version 1.11.
The AWS Observer supports EC2 service and currently processes EC2 resources in the following order. When the account in use has insufficient privileges to access a resource, the observer skips the resource(s) and proceed to the next one.
- Instance
- AvailabilityZones
- NetworkInterfaces
- Volumes
- SecurityGroups
- VPCs
- Subnets
- RouteTables
Important: As a minimum, the account in use must have the DescribeInstances policy, or the observer job fails. For more information, see Identity and access management for Amazon EC2.
About this task
You define and start the following job.
Full Topology Upload job
By default, Load jobs are one-off, transient jobs that do a full upload of all requested topology data as soon as they are triggered.
You can also run these jobs (again) from the Observer UI, or schedule them to run at set times when configuring them.
Procedure
Define or edit the following parameters, then click Run job to save and run the job.
Encryption requirement: See the Configuring observer jobs security topic for more information.
| Parameter | Action | Details |
|---|---|---|
| Unique ID | Enter a unique name for the job | Required |
| Job data tenant | Specify the unique data tenant name to track the discovered data for each job. | Required |
| AWS Access Key ID | Specify the AWS access key. Tip: You can find your access key ID using AWS's IAM console, the AWS CLI, or the AWS API. See the AWS Managing access keys for IAM users website for more information. | Required |
| AWS Secret Access Key | Specify the AWS secret key. For more information, see the AWS Managing access keys for IAM users website | Required |
| AWS Region | Specify the AWS region or multiple regions to discover | Required |
| Proxy | Specify the proxy (true or false) |
Required. If set to true, you must supply the proxy host, port and protocol. |
| Proxy Host | Specify the proxy host | Optional (unless proxy is set to true) |
| Proxy Port | Specify the proxy port | Optional (unless proxy is set to true) |
| Proxy Protocol | Specify the proxy protocol | Optional (unless proxy is set to true) |
| Property to exclude | Single or multiple properties to exclude | Optional |
| Access scope | Enter text to provide a scope for the resources. Access scope can help map alerts to resources when resources in different scopes share the same parameters, such as matchTokens. | Optional. Tip: You can define access scope for locations, project names, namespaces, etc. |
| Generate debug support file | Set this parameter to 'True' in order to capture the output of the next scheduled job run as a file. This file will be stored with an observer's log files and can be used to debug observer issues, for example at the request of your designated support team, or while using a test environment. For one-off jobs (that is, Load jobs), this parameter reverts to 'False' after the next completed run. To examine the output produced, you can load the generated debug file using the File Observer. | Optional |
| Observer job description | Enter additional information to describe the job | Optional |
| Job schedule | Specify when the job runs | Optional. Load jobs only. |