Cloud configuration
Home > Select Project > Management > Cloud Settings
It provides the feature to set up additional collection and monitoring for monitoring metrics provided by cloud services on the dashboard of the database project. Through the Cloud Settings menu, you can monitor the resource status of the cloud database server in real time to maximize the operational efficiency.
-
The configuration process is intuitive and easy, so even non-developers can quickly perform it.
-
After completing the configuration, you can immediately check and correct errors through visual feedbacks.
-
By creating and configuring roles directly on the CSP console, you can enable granular control over security groups and policies.
After configuration, extra charge may be incurred in the cloud depending on the usage, separate from the WhaTap fee. Check the pricing policy of the cloud service in use before installation.
AWS CloudWatch configuration
You can monitor the status and resource usage of the database running in the AWS cloud environment.
Selecting the service to which you want to add metrics
In the first section, select AWS CloudWatch. Install the AWS CloudFormation template to collect the Amazon CloudWatch metric.
Entering parameters
Enter required items before proceeding with the AWS Cloud Formation configuration.
-
DB Identifier: Enter the identifier of the AWS database instance to monitor.
NoteEnter the DB identifier value of the Database instance created by the Amazon RDS service.
-
Instance: Select an instance (agent) to monitor metrics collected from databases running in the AWS cloud environment.
-
Interval: Select a metric collection interval. (60 sec / 300 sec)
Configuring the AWS CloudFormation
Install the AWS CloudFormation template provided by WhaTap. This template allows you to collect the CloudWatch metric through WhaTap. If you select AWS CloudFormation Setting, the installation starts and the configuration process is performed.
-
When you select AWS CloudFormation Setting, the AWS CloudFormation configuration screen appears.
-
Check the values for the items automatically filled in the Stack name and Parameters sections.
-
Select Create stack located at the bottom of the screen.
-
For more information about AWS CloudFormation, see the following link.
-
For the Amazon CloudWatch metrics about Amazon RDS, see the following link.
Setting the required roles
To create a CloudFormation stack, set the following AWS roles:
Guide to AWS roles (JSON)
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"cloudformation:CreateStack",
"cloudformation:UpdateStack",
"cloudformation:DeleteStack",
"cloudformation:DescribeStacks",
"cloudformation:DescribeStackResources",
"cloudformation:GetTemplateSummary",
"cloudformation:DescribeStackEvents",
"cloudformation:ListStacks",
"cloudformation:ListStackResources"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"lambda:CreateFunction",
"lambda:UpdateFunctionCode",
"lambda:UpdateFunctionConfiguration",
"lambda:InvokeFunction",
"lambda:DeleteFunction",
"lambda:GetFunction",
"lambda:GetFunctionConfiguration",
"lambda:ListFunctions"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"events:PutRule",
"events:PutTargets",
"events:RemoveTargets",
"events:DeleteRule",
"events:DescribeRule",
"events:EnableRule",
"events:DisableRule"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"iam:CreateRole",
"iam:AttachRolePolicy",
"iam:PutRolePolicy",
"iam:GetRole",
"iam:DeleteRole",
"iam:PassRole",
"iam:ListRoles"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"cloudwatch:GetMetricData"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"s3:GetObject"
],
"Resource": "arn:aws:s3:::repo.whatap.io/agent/db/WhaTapRDSMonitoring.zip"
},
{
"Effect": "Allow",
"Action": [
"scheduler:GetSchedule",
"scheduler:ListSchedules",
"scheduler:CreateSchedule"
],
"Resource": "*"
}
]
}
-
Copy the JSON content from Guide to AWS roles.
-
In IAM, select a user that will create the CloudFormation stack.
-
Select Create inline policy.
-
After selecting JSON, paste the copied roles to register the policy.
Checking the collection metrics
After completing the cloud data connection, the Added cloud services section is generated on the screen. You can see a list of instances (agents) connected to the cloud database and the metrics being collected.
The metrics collected from AWS CloudWatch fall into the CloudWatch category.
You can check in the following paths.
-
Dashboard > Monitoring a Database Instance: You can select metrics by selecting the
button on the widget. -
Dashboard > Monitoring Multiple Instances: You can select metrics by adding custom widgets.
-
For more information on how to change the metrics of a widget in the Monitoring a Database Instance menu, see the following.
-
For more information on how to add custom widgets in the Monitoring Multiple Instances menu, see the following.
-
In Analysis > Metrics Search, select the Category entry with db_aws_rds. You can check the related tags and fields.
Azure Monitor configuration
You can monitor the status and resource usage of the database running in the Azure cloud environment.
Selecting the service to which you want to add metrics
In the first section, select Azure Monitor. Install the Azure Resource Manager template to collect metrics provided by Azure Monitor.
Entering parameters
Enter required items before configuring the Azure Resource Manager.
-
Instance: Select an instance (agent) to monitor metrics collected from databases running in the Azure cloud environment.
-
Resource ID: Enter the resource ID of the database to monitor. This information can be viewed on the monitored database console. See the following image.
Enter the parameters and then select JSON generation. It generates the JSON to configure the Azure Resource Manager. Copy the generated JSON content.
Configuring the Azure Resource Manager
Install the Azure Resource Manager template provided by WhaTap. This template allows you to install the Function App that collects Azure Monitor metrics by the WhaTap server. If you select Azure Resource Manager Setting, the installation starts and the configuration process is performed.
-
If you select Azure Resource Manager Setting, the template creation screen for Microsoft Azure appears.
-
Select Edit Parameters.
-
Paste the JSON format parameter created through the JSON generation button above.
-
When you select Save at the bottom of the screen, the parameters are automatically entered.
-
Select Resource group. For Resource group, select the group that contains the database to be monitored.
-
Select Review + Create.
-
In the following screen, select Create.
The deployment is processed and all processes are completed.
-
For more information about Azure Resource Manager, see the following link.
-
For information about metrics supported in Azure Monitor, see the following link.
Setting the required roles
Guidance on roles
In order for WhaTap's Function App to properly use the monitoring, the Monitoring Reader role must be assigned to the corresponding resource group or subscription. However, assigning this role itself is a task that requires authorization. It requires the Microsoft.Authorization/roleAssignments/write role, which is not included in general user roles.
Therefore, to assign the Monitoring Reader role, you must have the Role Based Access Control Administrator or User Access Administrator role, which includes the advanced roles.
-
If the Monitoring Reader role was already assigned to the resource group or subscription, you can skip this step.
-
For more information about the Azure roles assignment, see the following link.
Assigning the roles
For the minimum scope, guidance is provided based on the resource group that is a lower level than subscription.
-
On the group dashboard that is to contain the resources, select Access control (IAM) > Add > Add role assignment in order.
-
On the Add role assignment screen, select the Privileged administrator roles tab.
-
Select Role base Access Controle Administator or User Access Administrator.
-
Select Next at the bottom of the screen.
-
In the Assign access to section, select User, group, or service principal, and then select Select Members to add users (User).
-
Select Next at the bottom of the screen.
-
Select Recommended items and then click Review + assign.
To select the fewer privileges items, allow only the Monitoring Reader role.
Checking the collection metrics
After completing the cloud data connection, the Added cloud services section is generated on the screen. You can see a list of instances (agents) connected to the cloud database and the metrics being collected.
Metrics collected from Azure Monitor are included in the Azure category.
You can check in the following paths.
-
Dashboard > Monitoring a Database Instance: You can select metrics by selecting the
button on the widget. -
Dashboard > Monitoring Multiple Instances: You can select metrics by adding custom widgets.
-
For more information on how to change the metrics of a widget in the Monitoring a Database Instance menu, see the following.
-
For more information on how to add custom widgets in the Monitoring Multiple Instances menu, see the following.
-
In Analysis > Metrics Search, select Category as db_azure_database. You can check the related tags and fields.