Monitoring Azure Key Vault Managed HSM
Azure Key Vault Managed HSM (Hardware Security Module) is a cloud service that protects your cryptographic keys for cloud applications. Instana uses the Azure Key Vault Managed HSM sensor to monitor Azure Key Vault Managed HSM. Instana comprehensively monitors your Azure Key Vault Managed HSM and provides end-to-end visibility into your environment.
After you install the Instana host agent, the Azure Key Vault Managed HSM sensor is automatically installed. You can view infrastructure metrics that are related to the Azure Key Vault Managed HSM in the Instana UI. For more information about other supported Azure services, see Monitored services.
Configuring the Azure Key Vault Managed HSM sensor
To monitor your Azure Key Vault Managed HSM, enable the Azure sensor by updating the agent <agentinstall_dir>/etc/instana/configuration.yaml
file as shown in the following example. For more information, see Installation.
com.instana.plugin.azure:
enabled: true
subscription: "[Your-Subscription-Id]"
tenant: "[Your-Tenant-Id]"
principals:
- id: "[Your-Service-Principal-Account-Id]"
secret: "[Your-Service-Principal-Secret]"
To configure the Azure Key Vault Managed HSM sensor, update the agent configuration file <agentinstall_dir>/etc/instana/configuration.yaml
as shown in the following example:
com.instana.plugin.azure.managedhsm:
enabled: true # Valid values: true, false. Enabled (true) by default
include_tags: # Comma separated list of tags in key:value format (e.g. env:prod,env:staging)
exclude_tags: # Comma separated list of tags in key:value format (e.g. env:dev,env:test)
include_resource_groups: # Comma separated list of resource groups (e.g. rg_prod,rg_staging)
exclude_resource_groups: # Comma separated list of resource groups (e.g. rg_dev,rg_test)
You can disable the Azure Key Vault Managed HSM sensor and filter it by tags and resource groups.
Disabling the sensor
To disable monitoring Azure Key Vault Managed HSM, update the agent configuration file <agentinstall_dir>/etc/instana/configuration.yaml
as shown in the following example:
com.instana.plugin.azure.managedhsm:
enabled: true
Viewing metrics
To view the metrics, complete the following steps:
- From the navigation menu in the Instana UI, click Infrastructure.
- Click an HSM availability zone.
You can see a host dashboard with all the collected metrics and monitored processes.
Metrics are pulled every minute, which is the resolution that Azure provides for the monitoring of these services.
Configuration data
HSM details | Description |
---|---|
Name | HSM name |
Resource Group | Resource group of the HSM |
Location | HSM location |
Type | Type of the resource |
Provisioning State | Provisioning state of the HSM |
Tier | Billing tier of this HSM |
Performance metrics
Metric | Name | Unit | Aggregation | Description |
---|---|---|---|---|
Service | ||||
Overall Service Availability | Availability | Percent | Average | Service requests availability |
Total Service Api Hits | ServiceApiHit | Count | Count | Number of total service API hits |
Overall Service Api Latency | ServiceApiLatency | Milliseconds | Average | Overall latency of service API requests |