Amazon Web Services (AWS)

Amazon Web Services (AWS) is a cloud computing platform. The AWS provides a combination of Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and packaged Software as a Service (SaaS) offerings.
cavna37
Amazon Web Services (AWS) is a cloud computing platform. The AWS provides a combination of Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and packaged Software as a Service (SaaS) offerings.
The plug-in collects inventory for the following items:
  • Regions
  • Availability Zones
  • Amazon EC2 (VM)
  • Virtual Private Cloud (Virtual Network)
  • Subnets
  • NAT Gateways
  • Customer Gateways
  • Internet Gateways
  • VPN Gateways
  • Tunnels
AWS Performance Metrics
The plug-in collects the following performance metrics:
Item Types
VNA Metric Families and Metrics
CA PM Metric Family
Metric Name/ Description
EC2
CPU Utilization
Virtual Machine Aggregate Metrics
CPU Utilization
Aggregated Network Incoming Bytes
Virtual Machine Aggregate Metrics
Aggregated Bits In Of Interfaces
Aggregated Network Outgoing Bytes
Virtual Machine Aggregate Metrics
Aggregated Bits Out Of Interfaces
Aggregated Network Bytes
Virtual Machine Aggregate Metrics
Aggregated Bits Of Interfaces
Aggregated Network Bytes Per Second 
Virtual Machine Aggregate Metrics
Aggregated Bits Per Second Of Interfaces
Aggregated Network Incoming Bytes Per Second
Virtual Machine Aggregate Metrics
Aggregated Bits In Per Second Of Interfaces
Aggregated Network Outgoing Bytes Per Second
Virtual Machine Aggregate Metrics
Aggregated Bits Out Per Second Of Interfaces
Aggregated Network Incoming Packets
Virtual Machine Aggregate Metrics 
Aggregated Packets In Of Interfaces
Aggregated Network Outgoing Packets
Virtual Machine Aggregate Metrics 
Aggregated Packets Out Of Interfaces
Aggregated Network Packets
Virtual Machine Aggregate Metrics 
Aggregated Packets Of Interfaces
Aggregated Network Incoming Packets Per Second
Virtual Machine Aggregate Metrics 
Aggregated Packets In Per Second Of Interfaces
Aggregated Network Outgoing Packets Per Second
Virtual Machine Aggregate Metrics 
Aggregated Packets Out Per Second Of Interfaces
Aggregated Network Packets
Virtual Machine Aggregate Metrics 
Aggregated Packets Per Second Of Interfaces
Disk Capacity
Virtual Disk
Capacity
Disk IOPS
Virtual Disk
I/O per second
Disk Read Bytes
Virtual Disk
Bytes Read Per Sec
Disk Write Bytes
Virtual Disk
Bytes Written Per Sec
Tunnels
Tunnel State
SDN Tunnel
Availability
Tunnel Data In
SDN Tunnel
Bytes In
Tunnel Data Out
SDN Tunnel
Bytes Out
The plug-in collects the following threshold notifications:
VPN Connections
  • Tunnel State
  • Tunnel Data In
  • Tunnel Data Out
The plug-in collects the flow data from VPC logs from AWS Console with the following header:
<version> <account-id> <interface-id> <srcaddr> <dstaddr> <srcport> <dstport> <protocol> <packets> <bytes> <start> <end> <action> <log-status>
The plug-in uses 
aws-java-sdk
 to pull data, which uses the HTTP protocol.
The following table contains the HTTP counts for each poll type:
 The following counts may vary depending on the environment.  You can get more details for HTTP count from the 
server.log
 by turning the root logger of WildFly to debug.
 
Poll Type
 
 
HTTP Count
 
Inventory
35
Performance
39
Flow
17
Notification
17
 
More Information:
 
For more information about flow log header, refer https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html 
Plug-in Configuration Example
The following JSON example shows the AWS plug-in configuration:
{
"PLUGIN_CONFIG": {
"AWS_ACCESS_KEY": "xxxxxxxxxxx",
"AWS_SECRET_KEY": "JWUSJJSJSUIWKSOW",
"PROTOCOL": "https",
"INVENTORY_POLL_RATE": "0 */10 *",
"INVENTORY_DELTA_TIME": 600,
"NOTIFICATION_POLL_RATE": "0 */5 *",
"NOTIFICATION_DELTA_TIME": 300,
"PERFORMANCE_POLL_RATE": "0 */5 *",
"PERFORMANCE_DELTA_TIME": 300,
"FLOW_POLL_RATE": "0 */10 *",
"FLOW_DELTA_TIME": 600,
"DOMAIN_ID": 0
}
}
 
AWS_ACCESS_KEY
Access keys to sign programmatic requests to AWS
AWS_SECRET_KEY
Secret keys to sign programmatic requests to AWS (Access key and Secret access key that is used together to authenticate requests to AWS)
PROTOCOL
The communication protocol with the AWS
INVENTORY_POLL_RATE
How often the product collects inventory data
INVENTORY_DELTA_TIME
Difference between polls (in seconds)
NOTIFICATION_POLL_RATE
How often the product collects notifications from the AWS
NOTIFICATION_DELTA_TIME
Difference between notification polls (in seconds)
PERFORMANCE_POLL_RATE
How often the product collects performance data
PERFORMANCE_DELTA_TIME
The time difference between performance polls (in seconds)
FLOW_POLL_RATE
How often the product collects flow data
FLOW_DELTA_TIME
The time difference between flow polls (in seconds)
DOMAIN_ID
CA Virtual Network Assurance assigns inventory from this plug-in to the specified domain.