What we learned from the Start/Reboot actions and during the "StartInstances" action a call was made to KMS to access the key that the EBS volumes attached to the instance are encrypted with. > Amazon EBS encryption - Permissions for IAM users. This is where we found Start and Reboot needed the ADDITIONAL configuration for the AWS SolarWinds User: Good luck in finding this documented somewhere. But we did test Start/Stop/Reboot/Unmanage/Poll Now. Then I started testing "Cloud Instance Management", (minus DELETE, we will not be using this so we left it out of the configuration above, i.e., IAM User Profile for SolarWinds). Once we got our runtime account setup, we were able to connect. We started with Settings/All Settings/Add Cloud Account. Now your ready to make the connection in the Orion UI. Look at the database table dbo.CLM_AwsRegions and modify it to your liking, again for me, NA sites only.įor the Record, to get anything done in AWS you need (for YOUR user account), PowerUserAccess for the EC2 Instance(s) you are trying to manage. I wanted all requests to go to North American Amazon sites, "only". Third, if your like my org, you want to limit "where" your API requests go. Access Key ID and Secret Access Key is what you will need. Second you want one of your AWS admins to create a "runtime" account for Orion to use. Reference: /./orion-urls-for-firewall-whitelisting Here is my experience so far, maybe it will help others.įirst you need to open these URLs if they are blocked by your Cyber Team. Talking needles in haystacks, this is it, SolarWinds and AWS, at least for me.
0 kommentar(er)
