Versions Compared

Version Old Version 92 New Version Current
Changes made by

Roza Leyderman

Harold Lim

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

In the account where the services are running whose metrics need to be captured, an IAM scraper role needs to be created which has the following policy attached to it for kloudfuse to scrape the additional labels from AWS. Refer to https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_create.html for assistance.

Code Block
			"Action": [
				"autoscaling:DescribeAutoScalingGroups",
				"acm:ListCertificates",
				"acm:ListTagsForCertificate",
				"apigateway:GET",
				"athena:ListWorkGroups",
				"athena:ListTagsForResource",
				"autoscaling:DescribeAutoScalingGroups",
				"cloudwatch:ListMetrics",
				"cloudwatch:GetMetricStatistics",
				"dynamodb:ListTables",
				"dynamodb:DescribeTable",
				"dynamodb:ListTagsOfResource",
				"ec2:DescribeInstances",
				"ec2:DescribeInstanceStatus",
				"ec2:DescribeSecurityGroups",
				"ec2:DescribeNatGateways",
				"ec2:DescribeVolumes",
				"ecs:ListClusters",
				"ecs:ListContainerInstances",
				"ecs:ListServices",
				"ecs:DescribeContainerInstances",
				"ecs:DescribeServices",
				"ecs:ListTagsForResource",
				"elasticache:DescribeCacheClusters",
				"elasticache:ListTagsForResource",
				"elasticfilesystem:DescribeFileSystems",
				"elasticfilesystem:DescribeBackupPolicy",
				"elasticloadbalancing:DescribeTags",
				"elasticloadbalancing:DescribeLoadBalancers",
				"es:ListDomainNames",
				"es:DescribeDomains",
				"es:ListTags",
				"events:ListRules",
				"events:ListTagsForResource",
				"events:ListEventBuses",
				"firehose:DescribeDeliveryStream",
				"firehose:ListDeliveryStreams",
				"firehose:ListTagsForDeliveryStream",
				"fsx:DescribeFileSystems",
				"fsx:ListTagsForResource",
				"glue:ListJobs",
				"glue:GetTags",
				"kafka:ListTagsForResource",
				"kafka:ListClustersV2",
				"kinesis:ListStreams",
				"kinesis:ListTagsForStream",
				"kinesis:DescribeStream",
				"lambda:GetPolicy",
				"lambda:List*",
				"lambda:ListTags",
				"logs:DescribeLogGroups",
				"logs:ListTagsLogGroupListTagsForResource",
				"mq:ListBrokers",
				"mq:DescribeBroker",
				"rds:DescribeDBInstances",
				"rds:ListTagsForResource",
				"rds:DescribeEvents",
				"redshift:DescribeClusters",
				"redshift:DescribeTags",
				"route53:ListHealthChecks",
				"route53:ListTagsForResource",
				"s3:ListAllMyBuckets",
				"s3:GetBucketTagging",
				"sns:ListTagsForResource",
				"sns:ListTopics",
				"sqs:ListQueues",
				"sqs:ListQueueTags",
				"wafv2:ListWebACLs",
				"wafv2:ListRuleGroups",
				"wafv2:ListTagsForResource"
			]

...

Supported AWS Component

Component

Namespace

AmazonMQ (ActiveMQ)

AWS/AmazonMQ

ApplicationELB

AWS/ApplicationELB

ACM

AWS/CertificateManager

Route 53

AWS/Route53

EBS

AWS/EBS

EC2

AWS/EC2

EFS

AWS/EFS

ElastiCache

AWS/ElastiCache

ELB

AWS/ELB

Component

Namespace

Dashboards

Alerts

Autoscaling Group

AWS/AutoScaling

Yes

AmazonMQ (ActiveMQ)

AWS/AmazonMQ

Yes

AmazonMQ (RabbitMQ)

AWS/AmazonMQ

Coming soon

ApplicationELB

AWS/ELBV2

Yes

ACMYes

AWS/CertificateManager

EBS

Yes

EC2

Yes

Yes

EFS

Yes

ElastiCache (Memcache)

Yes

ElasticCache (Redis)

Coming soon

ELB

Yes

Firehose

Yes

Lambda

Yes

Yes

NetworkELB

Yes

RDS

Yes

Yes

Redshift

Yes

S3

Yes

SNS

Yes

SQS

Yes

Yes

OpenSearch

Yes

DynamoDB

Yes

API Gateway

Yes

Glue

Yes

Athena

Yes

ECS

Yes

EventBridge

Yes

Kafka

Yes

Log Groups

NA

AWS Namespaces

Route53

AWS/Route53

No

EBS

AWS/EBS

Yes

EC2

AWS/EC2

Yes

Yes

EFS

AWS/EFS

Yes

ElastiCache (Memcache)

AWS/ElastiCache

Yes

ElasticCache (Redis)

AWS/ElastiCache

Coming soon

AWS/NATGateway

AWS/EC2

No

ELB

AWS/ELB

Yes

Firehose

AWS/Firehose

Yes

Lambda

AWS/Lambda

Yes

Yes

NetworkELB

AWS/

NetworkELB

ELBV2

Yes

RDS

AWS/RDS

Yes

Yes

Redshift

AWS/Redshift

Yes

S3

AWS/S3

Yes

SNS

AWS/SNS

Yes

SQS

AWS/SQS

Yes

Yes

OpenSearch

AWS/ES

Yes

DynamoDB

AWS/DynamoDB

Yes

API Gateway

AWS/ApiGateway

Yes

Glue

AWS/Glue

Yes

Athena

AWS/Athena

Yes

ECS

AWS/ECS

Yes

EventBridge

AWS/Events

Yes

Kafka

AWS/Kafka

Yes

Log Groups

AWS/Logs

NA

WAF

AWS/WAFV2

Log Groups

Yes

AWS/Logs

See also Collecting AWS Events with EventBridge.