Monitoring AWS IoT Core
Instana comprehensively monitors your AWS IoT Core and provides end-to-end visibility into your environment by using the AWS IoT Core sensor. After you install the Instana agent, the AWS IoT Core sensor is automatically deployed and installed. You can view metrics that are related to AWS IoT Core in the Instana UI.
AWS IoT Core is a cloud service to connect devices to the AWS cloud. For other supported AWS services, see the AWS topic.
Required IAM permissions
The AWS IoT Core sensor requires the following AWS IAM permissions to monitor your AWS IoT Core:
cloudwatch:GetMetricData
cloudwatch:GetMetricStatistics
iot:DescribeEndpoint
iot:ListThings
Configuring the AWS IoT Core sensor
After the Instana agent is installed, the AWS IoT Core sensor is enabled by default. Metrics for AWS IoT Core are pulled every 60 seconds. You can change this setting in the <agent_install_dir>/etc/instana/configuration.yml
file:
com.instana.plugin.aws.iotcore:
cloudwatch_period: 60
Enabling proxy configuration
To enable the AWS IoT Core sensor to use the proxy configuration, add the following agent configuration settings:
com.instana.plugin.aws.iotcore:
proxy_host: 'example.com' # proxy host name or ip address
proxy_port: 3128 # proxy port
proxy_protocol: 'HTTP' # proxy protocol: HTTP or HTTPS
proxy_username: 'username' # OPTIONAL: proxy username
proxy_password: 'password' # OPTIONAL: proxy password
Disabling the AWS IoT Core sensor
To disable monitoring of IoT Core instances, use the following configuration:
com.instana.plugin.aws.iotcore:
enabled: false
Configuring monitoring for AWS IoT Core across multiple AWS accounts
To set up monitoring of multiple AWS accounts with one AWS agent in the same region, you can use two approaches. For more information, see Monitoring multiple AWS accounts.
AWS-named profiles approach
To override which profiles are used to monitor AWS IoT Core, use the following configuration:
com.instana.plugin.aws.iotcore:
profile_names:
- 'profile2'
- 'profile3'
If you define profiles on a service level, the global AWS profile configuration is overridden.
AWS STS approach
To override which IAM roles are used to monitor IoT Core, use the following configuration:
com.instana.plugin.aws.iotcore:
role_arns:
- 'arn:aws:iam::<account_1_id>:role/<role_1_name>'
- 'arn:aws:iam::<account_2_id>:role/<role_2_name>'
If you define IAM roles on a service level, the global AWS IAM role configuration is overridden.
Viewing metrics
To view the metrics, complete the following steps:
- From the navigation menu in the Instana UI, select Infrastructure.
- Click a specific monitored AWS IoT Core instance.
You can see the AWS IoT Core dashboard with all the collected metrics.
Configuration data
The AWS IoT Core sensor collects the following IoT Core data:
- Endpoint
- Region
Metrics
The AWS IoT Core sensor collects the following metrics:
Name | Description |
---|---|
Connect Success | The number of successful connections to the message broker. |
Connect Throttle | The number of connection requests that are throttled because the account exceeded the connection request rate that is allowed. |
Connect Client ID Throttle | The number of connection requests that are throttled because the client exceeded the connection request rate that is allowed for a specific client ID. |
Total Connect Throttle | The total number of connection requests that are throttled. |
Rules Executed | The number of AWS IoT rules that are run. |
Ping Success | The number of ping messages that are received by the message broker. |
Connect Auth Error | The number of connection requests that cannot be authorized by the message broker. |
Connect Client Error | The number of connection requests that are rejected because the MQTT message did not meet the requirements that are defined in AWS IoT quotas. |
Connect Server Error | The number of connection requests that failed because an internal error occurred. |
Publish In Auth Error | The number of publish requests that the message broker is unable to authorize. |
Publish In Client Error | The number of publish requests that are rejected by the message broker because the message did not meet the requirements that are defined in AWS IoT quotas. |
Publish In Server Error | The number of publish requests that the message broker failed to process because an internal error occurred. |
Publish In Success | The number of publish requests that are successfully processed by the message broker. |
Publish In Throttle | The number of publish requests that are throttled because the client exceeded the inbound message rate that is allowed. |
Publish Out Auth Error | The number of publish requests that are made by the message broker that cannot be authorized by AWS IoT. |
Publish Out Client Error | The number of publish requests that are made by the message broker that are rejected because the message did not meet the requirements that are defined in AWS IoT quotas. |
Publish Out Success | The number of publish requests that are successfully made by the message broker. |
Publish Out Throttle | The number of publish requests that are throttled because the client exceeded the outbound message rate that is allowed. |
Subscribe Success | The number of subscribe requests that are successfully processed by the message broker. |
Subscribe Throttle | The number of subscribe requests that are throttled because the client exceeded the subscribe request rate that is allowed. |
Get Thing Shadow Accepted | The number of GetThingShadow requests that are processed successfully. |
Update Thing Shadow Accepted | The number of UpdateThingShadow requests that are processed successfully. |
Delete Thing Shadow Accepted | The number of DeleteThingShadow requests that are processed successfully. |
List Thing Shadow Accepted | The number of ListThingShadow requests that are processed successfully. |