The SignifAI Community Hub

Welcome to the SignifAI Community Hub.
This is the place for you to find something new, express your thoughts, share and collaborate with other people. You'll find comprehensive guides and documentation to help you start working with SignifAI as quickly as possible, as well as support if you get stuck. Let's jump right in!

Amazon Web Services

Integrating with Amazon Web Service Public Cloud

Integrating With AWS Using Active Inspector™

SignifAI Active Inspector™ for Amazon Web Services (AWS) provides you powerful automatic data gathering from your cloud infrastructure with no need to install any agent.
Receive cloudwatch metrics, configuration changes, AWS events such as AutoScaling, and instance status changes - all completely automated.
We tailor cloudwatch metrics gathering for the most critical services in production environments: ELB, RDS, AutoScaling, DynamoDB, ElastiCache, CloudFront, Kinesis, Lambda, Redshift, SQS, and SNS, and also allow you to specify AWS Tags so we collect EC2 and EBS information that you care most about.
By collecting real-time data from your Amazon Web Services, SignifAI tracks metrics and events across your infrastructure all the time.

Active Inspector™ Installation

We currently only support the most secure and recommended way of integration by AWS: account-to-account trust integration.
To get started, you will need to first create a security policy.

  1. In your AWS account, click on Services tab, than search for IAM.
  2. Inside the IAM, go to the Policies tab and click Create Policy. Select Create Your Own Policy
  3. Name the policy SignifaiAWSIntegrationPolicy.
  4. In order to make your life easier, you can simply download the following json file and copy and paste the policy into your AWS policy console.

Policy permissions

For a full policy explanation and why we need those permissions, please check out our further documentation.

  1. Copy and paste the policy into your AWS policy document text box, than click Create Policy.

The next step is to create a security role and allow SignifAI to assume it.

  1. In the IAM console, go to Roles tab and click Create a new role. Select Role for Cross-Account Access, than select Provide access between your AWS account and a 3rd party AWS account.
  2. For Account ID, enter 265975144233.
  3. For External ID, copy the SignifAI Active Inspector™ AWS External ID and paste it in the AWS console, than click Next Step.

MFA

Make sure you leave Require MFA disabled. For more information about the External ID, refer to AWS

  1. Select the policy you created above, and click Next Step.
  2. For Role Name, Copy the SignifAI Active Inspector™ AWS Role Name and paste it as your new role name, than click Create Role.
  3. Enter your AWS Account Number into SignifAI Active Inspector and select your region for integration.

Specifying What to Collect

If you wish to only monitor a subset of EC2 instances on AWS, Tag them inside your AWS account first and specify the Tag name under the integration advance mode. (currently in Beta)

  1. In the SignifAI console, choose Sensors and click on the AWS integration point.
  2. Make sure to choose the Active Inspector™ tab and provide your AWS Account ID and choose your AWS Region.
  3. Click on Activate. We will start the provisioning process which might take a few minutes.

Provisioning SNS Topic as Part of the Provisioning Process

Please note that as part of the provisioning process, the Active Inspector will also provision a unique SNS Topic and automatically and registers it with the SignifAI platform.
We will also enable all CloudWatch events automatically for you, as well as most relevant Config Changes, RDS and ElasticCache events and set them all to report over to the provisioned SNS topic.
We worked hard on this entire automation process so it's easier for you. We found out that those steps are usually not implemented in most environments but extremely valuable for determining and narrowing down a potential root cause of an issue in your infrastructure.

Active Inspector Integration

Active Inspector Integration

First Time Collection

The first time the AWS Active Inspector™ runs, it will take a while to complete. During that time, it collects between 14 to 30 days worth of information (depending on your account size). This helps to tune our algorithms with a much lower false positive rate. It also allows us to discover different types of metrics and events over time.

Integrating With AWS Using a Web Collector

SignifAI supports Amazon Web Services (AWS) integration so you can receive all cloudwatch alerts, configuration changes events, and any other event data sent to AWS SNS.
By sending all your alerts and events to AWS SNS, you create a secure integration and can define access control policy and auditing.
You only need to set up a single SNS topic and subscribe SignifAI's web collector to it. Then, route any event or alert to that SNS topic and SignifAI will process everything.

AWS Web Collector Installation

  1. In your AWS account, click on the Simple Notification Service (SNS) section.
  2. Create a new topic and name it something meaningful (for example: SignifaiHook)
  3. In the Protocol option, choose HTTPS.
  4. Log in to the SignifAI platform and go to the Sensors section.
  5. Click on AWS integration and choose Web Collector.
  6. Click on Provision.
  7. Copy the SignifAI collector URL provided and paste it into the AWS SNS endpoint. Click create subscription.

SignifAI Automatically Validates Your SNS Subscription

SignifAI will automatically verify the subscription for you. You can refresh the AWS SNS console to see the new integration is no longer in pending mode.
You will be able to point any event or cloudwatch alarm to the SNS Topic created.

Web Collector Integration

Web Collector Integration

Need help with the integration?

Contact us at: support@signifai.io and we will be happy to help.

Amazon Web Services

Integrating with Amazon Web Service Public Cloud