Least Privileged User

Navigate to the AWS console and create an IAM user with programmatic access. The user will need the following permissions. You can create a policy specifically for these permissions and apply the permissions to the user.

For more information, see: High Level AWS Source Configuration

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "VisualEditor0",
      "Effect": "Allow",
      "Action": [
        "opsworks:DescribeStacks",
        "opsworks:GetHostnameSuggestion",
        "cloudwatch:GetMetricData",
        "opsworks:DescribePermissions",
        "opsworks-cm:DescribeNodeAssociationStatus",
        "cloudwatch:ListMetrics",
        "opsworks:DescribeStackSummary",
        "cloudwatch:DescribeAlarmHistory",
        "opsworks:ListTags",
        "opsworks:DescribeServiceErrors",
        "cloudwatch:DescribeAlarmsForMetric",
        "opsworks-cm:DescribeEvents",
        "opsworks:DescribeLayers",
        "opsworks-cm:DescribeServers",
        "opsworks:DescribeMyUserProfile",
        "opsworks:DescribeStackProvisioningParameters",
        "opsworks:DescribeRaidArrays",
        "opsworks-cm:DescribeBackups",
        "opsworks:DescribeElasticIps",
        "opsworks:DescribeUserProfiles",
        "opsworks:DescribeDeployments",
        "opsworks:DescribeVolumes",
        "cloudwatch:GetMetricStatistics",
        "opsworks:DescribeTimeBasedAutoScaling",
        "opsworks:DescribeEcsClusters",
        "opsworks:DescribeAgentVersions",
        "opsworks:DescribeRdsDbInstances",
        "opsworks-cm:DescribeAccountAttributes",
        "opsworks:DescribeElasticLoadBalancers",
        "opsworks:DescribeInstances",
        "cloudwatch:DescribeAlarms",
        "opsworks:DescribeCommands",
        "opsworks:DescribeLoadBasedAutoScaling",
        "opsworks:DescribeApps"
      ],
      "Resource": "*"
    }
  ]
}

Connection Parameters

Name	Required?	Description
Region
Access Key ID	Required
Secret Access Key	Required
Additional Threads		The number of additional threads allowed to be utilized during collection.
Request Timeout (seconds)		The number of seconds to allow for the API to return a response.
Collect CloudWatch Metrics
CloudWatch Historic Mode		If enabled, retrieves a history of data points from CloudWatch. Otherwise, collects only the most recent data point for each metric.

Metrics

App

Name	Description
Date Created	When the app was created.
Description	A description of the app.
Domains	A list of vhost domain names seperated by commas.
ID	The Identifier for the App.
Name	The app's name.
Region	The AWS Region this object belongs to.
Short Name	The app's short name.
Source Password	The password used to retrieve the app from its source repository.
Source Revision	The application's version.
Source SSH Key	The ssh key used to retrieve the app from its source repository.
Source Type	The app's source repository type.
Source URL	The URL of the source.
Source Username	The username used to retrieve the app from its source repository.
SSL Enabled	Whether SSL is enabled on the app.
Stack ID	The app's stack ID.
Type	The app type.

Command

Name	Description
ACK Time	The date and time when the command was acknowledged.
Completed Time	Date when the command completed.
Created Time	Date and time when the command was run.
Deployment ID	The command deployment identifier.
Exit Code	The command's exit code.
ID	The command's identifier.
Instance ID	The ID of the instance where the command was executed.
Log URL	The URL of the command's log.
Region	The AWS Region this object belongs to.
Status	The command's status.
Type	The command's type.

Configuration Management Server

Name	Description
ARN	The Amazon Resource Name (ARN) of the Server.
Associate Public IP Address	If the Server has an associated public IP address.
Backup Retention Count	The number of automated backups to keep.
CloudFormation Stack ARN	The ARN of the CloudFormation stack that was used to create the Server.
Created Date	The timestamp of Server creation.
Disable Automated Backup	Shows if automated backups are disabled.
Endpoint	A DNS name that can be used to access the engine.
Engine	The engine type of the Server.
Engine Model	The engine model of the Server.
Engine Version	The engine version of the Server.
Instance Profile ARN	The instance profile ARN of the Server.
Instance Type	The instance type for the Server, as specified in the CloudFormation stack. This might not be the same instance type that is shown in the EC2 console.
Key Pair	The key pair associated with the Server.
Maintenance Status	The status of the most recent Server maintenance run.
Name	The name of the Server.
Preferred Backup Window	The preferred backup period specified for the Server.
Preferred Maintenance Window	The preferred maintenance period specified for the Server.
Region	The AWS Region this object belongs to.
Security Group IDs	The security group IDs for the Server, as specified in the CloudFormation stack. These might not be the same security groups that are shown in the EC2 console.
Service Role ARN	The service role ARN used to create the Server.
Status	The Server's status.
Status Reason	Depending on the Server status, this field has either a human-readable message (such as a create or backup error), or an escaped block of JSON (used for health check results).
Subnet IDs	The subnet IDs for the Server.

Deployment

Name	Description
Application ID	The ID of the app that is being deployed.
Command Name	The name of the operation.
Comment	A user-defined comment.
Completed Time	Date when the deployment completed.
Created Time	Date when the deployment was created.
Custom JSON	A user-defined custom JSON string.
Duration	The deployment duration.
IAM User ARN	The user's IAM ARN.
ID	The deployment's identifier.
Instance IDs	A list of target instance IDs, separated by commas.
Region	The AWS Region this object belongs to.
Stack ID	The stack identifier.
Status	The deployment status.

EBS Volume

Name	Description
Availability Zone	The EBS Volume Availability Zone.
Device	The device name for the EBS Volume.
EC2 Volume ID	The Amazon EC2 volume ID.
ID	The EBS Volume ID.
Instance ID	The instance ID.
I/O Rate (Operations per Second)	For PIOPS EBS Volumes, the I/O Rate per disk.
Mount Point	The EBS Volume mount point.
Name	The EBS Volume name.
RAID Array ID	RAID array ID for the EBS Volume.
Region	The AWS Region this object belongs to.
Size (Bytes)	The EBS Volume size.
Status	The EBS Volume state.
Type	The EBS Volume's type, Standard or PIOPS.

Elastic Load Balancer

Name	Description
Availability Zones	A list of Availability Zones.
DNS Name	The instance's public DNS name.
EC2 Instance IDs	A list of the EC2 instances that the Elastic Load Balancing instance is managing traffic for.
Layer ID	The ID of the layer that the instance is attached to.
Name	The name of the load balancer.
Region	The AWS Region this object belongs to.
Stack ID	The ID of the stack that the instance is associated with.
Subnet IDs	A list of subnet IDs, if the stack is running in a VPC.
VPC ID	The VPC ID.

Instance

Name	Description
Active Processes	The number of active processes.
Agent Version	The agent version.
AMI ID	A custom AMI ID to be used to create the Instance.
Architecture	The Instance architecture: i386 or x86_64.
ARN	The Instance's ARN.
Autoscaling Type	For load-based or time-based Instances, the type.
Availability Zone	The Instance Availability Zone.
CPU Idle (%)	The percentage of time that the CPU is idle.
CPU Nice (%)	The percentage of time that the CPU is handling processes with a positive nice value, which have a lower scheduling priority.
CPU Steal (%)	As AWS allocates hypervisor CPU resources among increasing numbers of instances, virtualization load rises, and can affect how often the hypervisor can perform requested work on an instance. cpu_steal measures the percentage of time that an instance is waiting for the hypervisor to allocate physical CPU resources.
CPU System (%)	The percentage of time that the CPU is handling system operations.
CPU User (%)	The percentage of time that the CPU is handling user operations.
CPU Wait I/O (%)	The percentage of time that the CPU is waiting for input/output operations.
Created Time	The time that the Instance was created.
EBS Optimized	Whether this is an Amazon EBS-optimized instance.
EC2 Instance ID	The ID of the associated Amazon EC2 instance.
ECS Cluster ARN	For container Instances, the Amazon ECS cluster's ARN.
ECS Container Instance ARN	For container Instances, the instance's ARN.
Elastic IP Address	The Instance Elastic IP address.
Host Name	The Instance host name.
ID	The identifier of the instance.
Infrastructure Class	For registered Instances, the infrastructure class: ec2 or on-premises.
Install Updates On Boot	Whether to install operating system and package updates when the Instance boots.
Last Service Error ID	The ID of the last service error.
Layer IDs	The Instance layer IDs.
Load Average for 15 Minutes	The load averaged over a 15-minute window.
Load Average for 1 Minute	The load averaged over a one-minute window.
Load Average for 5 Minutes	The load averaged over a five-minute window.
Memory Buffers (Bytes)	The amount of buffered memory.
Memory Cached (Bytes)	The amount of cached memory.
Memory Free (Bytes)	The amount of free memory.
Memory Swap (Bytes)	The amount of swap space.
Memory Total (Bytes)	The total amount of memory.
Memory Used (Bytes)	The amount of memory in use.
O/S	The Instance's operating system.
Platform	The Instance's platform.
Private DNS	The instance's private DNS name.
Private IP Address	The Instance's private IP address.
Profile ARN	The ARN of the Instance's IAM profile.
Public DNS	The Instance public DNS name.
Public IP Address	The Instance public IP address.
Region	The AWS Region this object belongs to.
Registered By	For registered Instances, who performed the registration.
Reported Agent Version	The Instance's reported AWS OpsWorks Stacks agent version.
Reported O/S	For registered Instances, the reported operating system.
Root Device Type	The Instance's root device type.
Root Device Volume ID	The root device volume ID.
Security Group IDs	The Instance security group IDs.
SSH Host DSA Key Fingerprint	The SSH key's Deep Security Agent (DSA) fingerprint.
SSH Host RSA Key Fingerprint	The SSH key's RSA fingerprint.
SSH Key Name	The Instance's Amazon EC2 key-pair name.
Stack ID	The stack ID.
Status	The Instance status.
Subnet ID	The Instance's subnet ID; applicable only if the stack is running in a VPC.
Tenancy	The Instance's tenancy option, such as dedicated or host.
Type	The Instance type, such as t2.micro.
Virtualization Type	The Instance's virutalization type: paravirtual or hvm.

Layer

Name	Description
Active Processes	The number of active processes.
CPU Idle (%)	The percentage of time that the CPU is idle.
CPU Nice (%)	The percentage of time that the CPU is handling processes with a positive nice value, which have a lower scheduling priority.
CPU Steal (%)	As AWS allocates hypervisor CPU resources among increasing numbers of instances, virtualization load rises, and can affect how often the hypervisor can perform requested work on an instance. cpu_steal measures the percentage of time that an instance is waiting for the hypervisor to allocate physical CPU resources.
CPU System (%)	The percentage of time that the CPU is handling system operations.
CPU User (%)	The percentage of time that the CPU is handling user operations.
CPU Wait I/O (%)	The percentage of time that the CPU is waiting for input/output operations.
ID	The identifier of the layer.
Load Average for 15 Minutes	The load averaged over a 15-minute window.
Load Average for 1 Minute	The load averaged over a one-minute window.
Load Average for 5 Minutes	The load averaged over a five-minute window.
Memory Buffers (Bytes)	The amount of buffered memory.
Memory Cached (Bytes)	The amount of cached memory.
Memory Free (Bytes)	The amount of free memory.
Memory Swap (Bytes)	The amount of swap space.
Memory Total (Bytes)	The total amount of memory.
Memory Used (Bytes)	The amount of memory in use.
Region	The AWS Region this object belongs to.

RDS Instance

Name	Description
Address	The RDS Instance's address.
ARN	The RDS Instance's ARN.
Database Engine	The RDS Instance's database engine.
Database Master User	The RDS Instance's master user name.
ID	The RDS DB Instance identifier.
Missing On RDS	If AWS OpsWorks Stacks is unable to discover the Amazon RDS Instance.
Region	The AWS Region this object belongs to.
Stack ID	The ID of the stack with which the RDS Instance is registered.

Stack

Name	Description
Active Processes	The number of active processes.
Agent Version	The agent version.
ARN	The Stack's ARN.
Berkshelf Version	The Berkshelf version for the Chef configuration.
Chef Version	The Chef version.
CPU Idle (%)	The percentage of time that the CPU is idle.
CPU Nice (%)	The percentage of time that the CPU is handling processes with a positive nice value, which have a lower scheduling priority.
CPU Steal (%)	As AWS allocates hypervisor CPU resources among increasing numbers of instances, virtualization load rises, and can affect how often the hypervisor can perform requested work on an instance. cpu_steal measures the percentage of time that an instance is waiting for the hypervisor to allocate physical CPU resources.
CPU System (%)	The percentage of time that the CPU is handling system operations.
CPU User (%)	The percentage of time that the CPU is handling user operations.
CPU Wait I/O (%)	The percentage of time that the CPU is waiting for input/output operations.
Created Date	The date when the Stack was created.
Custom Cookbooks Source Revision	The version of the application.
Custom Cookbooks Source Type	The repository type.
Custom Cookbooks Source URL	The source URL.
Custom Cookbooks Source User	For Amazon S3 bundles, the IAM access key ID. For HTTP bundles, Git repositories, and Subversion repositories, the user name.
Custom JSON	A JSON object that contains user-defined attributes to be added to the Stack configuration attributes.
Default Availability Zone	The Stack's default Availability Zone.
Default Instance Profile ARN	The ARN of an IAM profile that is the default profile for all of the Stack's EC2 instances.
Default O/S	The Stack's default operating system.
Default Root Device Type	The Stack's default root device type.
Default Subnet ID	The default subnet ID; applicable only if the Stack is running in a VPC.
Host Name Theme	The Stack host name theme, with spaces replaced by underscores.
ID	The identifier of the stack.
Load Average for 15 Minutes	The load averaged over a 15-minute window.
Load Average for 1 Minute	The load averaged over a one-minute window.
Load Average for 5 Minutes	The load averaged over a five-minute window.
Manage Berkshelf	Whether to enabled Berkshelf for the Chef configuration.
Memory Buffers (Bytes)	The amount of buffered memory.
Memory Cached (Bytes)	The amount of cached memory.
Memory Free (Bytes)	The amount of free memory.
Memory Swap (Bytes)	The amount of swap space.
Memory Total (Bytes)	The total amount of memory.
Memory Used (Bytes)	The amount of memory in use.
Name	The Stack's name.
Region	The AWS Region this object belongs to.
Service Role ARN	The Stack's AWS Identity and Access Management (IAM) role.
SSH Key Name	A default Amazon EC2 key pair for the Stack's instances.
Use Custom Cookbooks	Whether the Stack uses custom cookbooks.
Use OpsWorks Security Groups	Whether the Stack automatically associates the AWS OpsWorks Stacks built-in security groups with the Stack's layers.
VPC ID	The VPC ID; applicable only if the Stack is running in a VPC.