Configuring AWS Observer jobs

Using the AWS Observer, you can define jobs that read services data from the Amazon Web Services (AWS) through AWS SDK and generate a topology. It is installed as part of the core installation procedure.

Before you begin

Important: The AWS Observer supports the cloud/SaaS AWS version 1.11.

Ensure you have the AWS details to hand, such as AWS Region, Access Key ID and Access Secret Key.

About this task

The AWS Observer supports EC2 service and currently processes EC2 resources in the following order. When the account in use has insufficient privileges to access a resource, the observer skips the resource(s) and proceed to the next one.
  • Instance
  • AvailabilityZones
  • NetworkInterfaces
  • Volumes
  • SecurityGroups
  • VPCs
  • Subnets
  • RouteTables
Important: As a minimum, the account in use must have the DescribeInstances policy, or the observer job fails. Please see the following for more information: Identity and access management for Amazon EC2
You define and start the following job. You must edit the parameters in the configuration file before running this job.
Full Topology Upload job
By default, these jobs are one-off, transient jobs that carry out a full upload of all requested topology data when they are triggered.
You can also run these jobs (again) manually from the Observer UI, or schedule them to run at set times when you configure them.

Procedure

To find your Access Key and Secret Access Key:

  1. Log into your AWS Management Console.
  2. Click on your user name at the top right of the page.
  3. Click on the Security Credentials link from the drop-down menu.
  4. Find the Access Credentials section, and copy the latest Access Key ID.
  5. Click on the Show link in the same row, and copy the Secret Access Key.

To find the region

  1. Check the region at the following location:
    https://docs.aws.amazon.com/general/latest/gr/rande.html
    Note: To discover more than one region, select the check boxes from the Amazon Region drop-down.

To configure the AWS job

  1. On the Observer jobs page, perform one of the following actions:
    To edit an existing job
    Open the List of options overflow menu next to the job and click View & edit.
    To create a new job
    Click Add a new job + and select the AWS Observer tile.
  2. Enter or edit the following parameters, then click Save to save your job and begin retrieving information:
    Table 1. AWS Observer Load job parameters
    Parameter Action Details
    Unique ID Enter a unique name for the job Required
    Data Tenant Specify the unique data tenant name to track the discovered data for each job. Required
    Access Key Specify the AWS access key. Required
    Secret Key Specify the AWS secret key. Required. Use plain text.
    Region Specify the AWS region or multiple regions to discover. Required
    Property to exclude Single or multiple properties to exclude Optional
    Proxy Specify the proxy ('true' or 'false') Required. If set to 'true', you must supply the proxy host, port and protocol.
    Proxy Host Specify the proxy host Optional (unless proxy is set to 'true')
    Proxy Port Specify the proxy port Optional (unless proxy is set to 'true')
    Proxy Protocol Specify the proxy protocol Optional (unless proxy is set to 'true')
    Access scope

    Enter text to provide a scope for the resources.

    Access scope can help map alerts to resources when resources in different scopes share parameters, such as matchTokens.

    		 Optional.
    Tip: You can define access scope for locations, project names, namespaces, and so on.
    Generate debug support file
    Set the optional Generate debug support file parameter to True to capture the output of the next scheduled job run as a file. This file is stored with an observer's log files and can be used to debug observer issues, for example at the request of your designated Support team, or while using a test environment. For one-off jobs (that is, Load jobs), this parameter reverts to False after the next completed run. To examine the output produced, you can load the generated debug file using the File Observer. The file is saved to the following locations:
    On-premises
    $ASM_HOME/logs/<obs>-observer/
    On OpenShift Container Platform
    /var/log/itsm/<obs>-observer
    		 Optional
    Observer job description Enter additional information to describe the job. Optional
    Job schedule

    Specify when the job should run, and whether it should run at regular intervals.

    By default the job runs immediately, and only once.

    Optionally you can specify a future date and time for the job to run, and then set it to run at regular intervals after that.

    Optional. Transient (one-off) jobs only.

    If you set a job schedule, the run intervals must be at least 90 seconds apart. If you set them at less than 15 minutes, a warning is displayed, as the frequency can impact system performance.