The SignifAI Active Inspector® for Amazon Web Services (AWS) provides you powerful automatic data gathering from your cloud infrastructure with no need to install any agent. You'll be able to receive cloudwatch metrics, configuration changes, AWS events such as AutoScaling, and instance status changes - all completely automated.
We tailor cloudwatch metrics gathering for the most critical services in production environments: ELB, RDS, AutoScaling, DynamoDB, ElastiCache, CloudFront, Kinesis, Lambda, Redshift, SQS, and SNS, and also allow you to specify AWS Tags so we collect EC2 and EBS information that you care most about.
We currently only support the most secure and recommended way of integration by AWS: account-to-account trust integration.
To get started, you will need to first create a security policy.
- In your AWS account, click on Services tab, then search for IAM.
- Inside the IAM, go to the Policies tab and click Create Policy. Select Create Your Own Policy
- Name the policy
SignifaiAWSIntegrationPolicy. Make sure to use that exact policy name.
- In order to make your life easier, you can simply download the following json file and copy and paste the policy into your AWS policy console.
For a full policy explanation and why we need those permissions, please check out our further documentation.
- Copy and paste the policy into your AWS policy document text box, then click Create Policy.
The next step is to create a security role and allow SignifAI to assume it.
- In the IAM console, go to Roles tab and click Create a new role.
Name the role name:
SignifaiIntegration(it is very important to use that exact same name). Select Role for Cross-Account Access, then select Provide access to your AWS account and a 3rd party AWS account.
- For Account ID, enter
- For External ID, copy the SignifAI Active Inspector® AWS External ID and paste it in the AWS console, then click Next Step.
Make sure you leave Require MFA disabled. For more information about the External ID, refer to AWS
- Select the policy you created above, and click Next Step.
- For Role Name, Copy the SignifAI Active Inspector® AWS Role Name and paste it as your new role name, then click Create Role.
- Enter your AWS Account Number into SignifAI Active Inspector and select your region for integration.
Specifying What to Collect
If you wish to only monitor a subset of EC2 instances on AWS, Tag them inside your AWS account first and specify the Tag name under the integration advance mode. (currently in Beta)
- In the SignifAI console, choose Sensors and click on the AWS integration point.
- Make sure to choose the Active Inspector® tab and provide your AWS Account ID and choose your AWS Region.
- Click on Activate. We will start the provisioning process which might take a few minutes.
Provisioning SNS Topic as Part of the Provisioning Process
Please note that as part of the provisioning process, the Active Inspector will also provision a unique SNS Topic and automatically and registers it with the SignifAI platform.
We will also enable all CloudWatch events automatically for you, as well as most relevant Config Changes, RDS and ElasticCache events and set them all to report over to the provisioned SNS topic.
We worked hard on this entire automation process so it's easier for you. We found out that those steps are usually not implemented in most environments but extremely valuable for determining and narrowing down a potential root cause of an issue in your infrastructure.
Active Inspector Integration
First Time Collection
The first time the AWS Active Inspector® runs, it will take a while to complete. During that time, it collects between 14 to 30 days worth of information (depending on your account size). This helps to tune our algorithms with a much lower false positive rate. It also allows us to discover different types of metrics and events over time.
SignifAI supports Amazon Web Services (AWS) integration so you can receive all cloudwatch alerts, configuration changes events, and any other event data sent to AWS SNS.
By sending all your alerts and events to AWS SNS, you create a secure integration and can define access control policy and auditing.
You only need to set up a single SNS topic and subscribe SignifAI's web collector to it. Then, route any event or alert to that SNS topic and SignifAI will process everything.
- In your AWS account, click on the Simple Notification Service (SNS) section.
- Create a new topic and name it something meaningful (for example: SignifaiHook)
- In the Protocol option, choose HTTPS.
- Log in to the SignifAI platform and go to the Sensors section.
- Click on AWS integration and choose Web Collector.
- Click on Provision.
- Copy the SignifAI collector URL provided and paste it into the AWS SNS endpoint. Click create subscription.
SignifAI Automatically Validates Your SNS Subscription
SignifAI will automatically verify the subscription for you. You can refresh the AWS SNS console to see the new integration is no longer in pending mode.
You will be able to point any event or cloudwatch alarm to the SNS Topic created.
Web Collector Integration
Need help with the integration?
Contact us at: firstname.lastname@example.org and we will be happy to help.