Least Privileged User
Navigate to the AWS console and create an IAM user with programmatic access. The user will need the following permissions. You can create a policy specifically for these permissions and apply the permissions to the user.
For more information, see: High Level AWS Source Configuration
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"opsworks:DescribeStacks",
"opsworks:GetHostnameSuggestion",
"cloudwatch:GetMetricData",
"opsworks:DescribePermissions",
"opsworks-cm:DescribeNodeAssociationStatus",
"cloudwatch:ListMetrics",
"opsworks:DescribeStackSummary",
"cloudwatch:DescribeAlarmHistory",
"opsworks:ListTags",
"opsworks:DescribeServiceErrors",
"cloudwatch:DescribeAlarmsForMetric",
"opsworks-cm:DescribeEvents",
"opsworks:DescribeLayers",
"opsworks-cm:DescribeServers",
"opsworks:DescribeMyUserProfile",
"opsworks:DescribeStackProvisioningParameters",
"opsworks:DescribeRaidArrays",
"opsworks-cm:DescribeBackups",
"opsworks:DescribeElasticIps",
"opsworks:DescribeUserProfiles",
"opsworks:DescribeDeployments",
"opsworks:DescribeVolumes",
"cloudwatch:GetMetricStatistics",
"opsworks:DescribeTimeBasedAutoScaling",
"opsworks:DescribeEcsClusters",
"opsworks:DescribeAgentVersions",
"opsworks:DescribeRdsDbInstances",
"opsworks-cm:DescribeAccountAttributes",
"opsworks:DescribeElasticLoadBalancers",
"opsworks:DescribeInstances",
"cloudwatch:DescribeAlarms",
"opsworks:DescribeCommands",
"opsworks:DescribeLoadBasedAutoScaling",
"opsworks:DescribeApps"
],
"Resource": "*"
}
]
}
Connection Parameters
| Name | Required? | Description |
|---|---|---|
| Region | ||
| Access Key ID | Required | |
| Secret Access Key | Required | |
| Additional Threads | The number of additional threads allowed to be utilized during collection. | |
| Request Timeout (seconds) | The number of seconds to allow for the API to return a response. | |
| Collect CloudWatch Metrics | ||
| CloudWatch Historic Mode | If enabled, retrieves a history of data points from CloudWatch. Otherwise, collects only the most recent data point for each metric. |
Metrics
App
| Name | Description |
|---|---|
| Date Created | When the app was created. |
| Description | A description of the app. |
| Domains | A list of vhost domain names seperated by commas. |
| ID | The Identifier for the App. |
| Name | The app's name. |
| Region | The AWS Region this object belongs to. |
| Short Name | The app's short name. |
| Source Password | The password used to retrieve the app from its source repository. |
| Source Revision | The application's version. |
| Source SSH Key | The ssh key used to retrieve the app from its source repository. |
| Source Type | The app's source repository type. |
| Source URL | The URL of the source. |
| Source Username | The username used to retrieve the app from its source repository. |
| SSL Enabled | Whether SSL is enabled on the app. |
| Stack ID | The app's stack ID. |
| Type | The app type. |
Command
| Name | Description |
|---|---|
| ACK Time | The date and time when the command was acknowledged. |
| Completed Time | Date when the command completed. |
| Created Time | Date and time when the command was run. |
| Deployment ID | The command deployment identifier. |
| Exit Code | The command's exit code. |
| ID | The command's identifier. |
| Instance ID | The ID of the instance where the command was executed. |
| Log URL | The URL of the command's log. |
| Region | The AWS Region this object belongs to. |
| Status | The command's status. |
| Type | The command's type. |
Configuration Management Server
| Name | Description |
|---|---|
| ARN | The Amazon Resource Name (ARN) of the Server. |
| Associate Public IP Address | If the Server has an associated public IP address. |
| Backup Retention Count | The number of automated backups to keep. |
| CloudFormation Stack ARN | The ARN of the CloudFormation stack that was used to create the Server. |
| Created Date | The timestamp of Server creation. |
| Disable Automated Backup | Shows if automated backups are disabled. |
| Endpoint | A DNS name that can be used to access the engine. |
| Engine | The engine type of the Server. |
| Engine Model | The engine model of the Server. |
| Engine Version | The engine version of the Server. |
| Instance Profile ARN | The instance profile ARN of the Server. |
| Instance Type | The instance type for the Server, as specified in the CloudFormation stack. This might not be the same instance type that is shown in the EC2 console. |
| Key Pair | The key pair associated with the Server. |
| Maintenance Status | The status of the most recent Server maintenance run. |
| Name | The name of the Server. |
| Preferred Backup Window | The preferred backup period specified for the Server. |
| Preferred Maintenance Window | The preferred maintenance period specified for the Server. |
| Region | The AWS Region this object belongs to. |
| Security Group IDs | The security group IDs for the Server, as specified in the CloudFormation stack. These might not be the same security groups that are shown in the EC2 console. |
| Service Role ARN | The service role ARN used to create the Server. |
| Status | The Server's status. |
| Status Reason | Depending on the Server status, this field has either a human-readable message (such as a create or backup error), or an escaped block of JSON (used for health check results). |
| Subnet IDs | The subnet IDs for the Server. |
Deployment
| Name | Description |
|---|---|
| Application ID | The ID of the app that is being deployed. |
| Command Name | The name of the operation. |
| Comment | A user-defined comment. |
| Completed Time | Date when the deployment completed. |
| Created Time | Date when the deployment was created. |
| Custom JSON | A user-defined custom JSON string. |
| Duration | The deployment duration. |
| IAM User ARN | The user's IAM ARN. |
| ID | The deployment's identifier. |
| Instance IDs | A list of target instance IDs, separated by commas. |
| Region | The AWS Region this object belongs to. |
| Stack ID | The stack identifier. |
| Status | The deployment status. |
EBS Volume
| Name | Description |
|---|---|
| Availability Zone | The EBS Volume Availability Zone. |
| Device | The device name for the EBS Volume. |
| EC2 Volume ID | The Amazon EC2 volume ID. |
| ID | The EBS Volume ID. |
| Instance ID | The instance ID. |
| I/O Rate (Operations per Second) | For PIOPS EBS Volumes, the I/O Rate per disk. |
| Mount Point | The EBS Volume mount point. |
| Name | The EBS Volume name. |
| RAID Array ID | RAID array ID for the EBS Volume. |
| Region | The AWS Region this object belongs to. |
| Size (Bytes) | The EBS Volume size. |
| Status | The EBS Volume state. |
| Type | The EBS Volume's type, Standard or PIOPS. |
Elastic Load Balancer
| Name | Description |
|---|---|
| Availability Zones | A list of Availability Zones. |
| DNS Name | The instance's public DNS name. |
| EC2 Instance IDs | A list of the EC2 instances that the Elastic Load Balancing instance is managing traffic for. |
| Layer ID | The ID of the layer that the instance is attached to. |
| Name | The name of the load balancer. |
| Region | The AWS Region this object belongs to. |
| Stack ID | The ID of the stack that the instance is associated with. |
| Subnet IDs | A list of subnet IDs, if the stack is running in a VPC. |
| VPC ID | The VPC ID. |
Instance
| Name | Description |
|---|---|
| Active Processes | The number of active processes. |
| Agent Version | The agent version. |
| AMI ID | A custom AMI ID to be used to create the Instance. |
| Architecture | The Instance architecture: i386 or x86_64. |
| ARN | The Instance's ARN. |
| Autoscaling Type | For load-based or time-based Instances, the type. |
| Availability Zone | The Instance Availability Zone. |
| CPU Idle (%) | The percentage of time that the CPU is idle. |
| CPU Nice (%) | The percentage of time that the CPU is handling processes with a positive nice value, which have a lower scheduling priority. |
| CPU Steal (%) | As AWS allocates hypervisor CPU resources among increasing numbers of instances, virtualization load rises, and can affect how often the hypervisor can perform requested work on an instance. cpu_steal measures the percentage of time that an instance is waiting for the hypervisor to allocate physical CPU resources. |
| CPU System (%) | The percentage of time that the CPU is handling system operations. |
| CPU User (%) | The percentage of time that the CPU is handling user operations. |
| CPU Wait I/O (%) | The percentage of time that the CPU is waiting for input/output operations. |
| Created Time | The time that the Instance was created. |
| EBS Optimized | Whether this is an Amazon EBS-optimized instance. |
| EC2 Instance ID | The ID of the associated Amazon EC2 instance. |
| ECS Cluster ARN | For container Instances, the Amazon ECS cluster's ARN. |
| ECS Container Instance ARN | For container Instances, the instance's ARN. |
| Elastic IP Address | The Instance Elastic IP address. |
| Host Name | The Instance host name. |
| ID | The identifier of the instance. |
| Infrastructure Class | For registered Instances, the infrastructure class: ec2 or on-premises. |
| Install Updates On Boot | Whether to install operating system and package updates when the Instance boots. |
| Last Service Error ID | The ID of the last service error. |
| Layer IDs | The Instance layer IDs. |
| Load Average for 15 Minutes | The load averaged over a 15-minute window. |
| Load Average for 1 Minute | The load averaged over a one-minute window. |
| Load Average for 5 Minutes | The load averaged over a five-minute window. |
| Memory Buffers (Bytes) | The amount of buffered memory. |
| Memory Cached (Bytes) | The amount of cached memory. |
| Memory Free (Bytes) | The amount of free memory. |
| Memory Swap (Bytes) | The amount of swap space. |
| Memory Total (Bytes) | The total amount of memory. |
| Memory Used (Bytes) | The amount of memory in use. |
| O/S | The Instance's operating system. |
| Platform | The Instance's platform. |
| Private DNS | The instance's private DNS name. |
| Private IP Address | The Instance's private IP address. |
| Profile ARN | The ARN of the Instance's IAM profile. |
| Public DNS | The Instance public DNS name. |
| Public IP Address | The Instance public IP address. |
| Region | The AWS Region this object belongs to. |
| Registered By | For registered Instances, who performed the registration. |
| Reported Agent Version | The Instance's reported AWS OpsWorks Stacks agent version. |
| Reported O/S | For registered Instances, the reported operating system. |
| Root Device Type | The Instance's root device type. |
| Root Device Volume ID | The root device volume ID. |
| Security Group IDs | The Instance security group IDs. |
| SSH Host DSA Key Fingerprint | The SSH key's Deep Security Agent (DSA) fingerprint. |
| SSH Host RSA Key Fingerprint | The SSH key's RSA fingerprint. |
| SSH Key Name | The Instance's Amazon EC2 key-pair name. |
| Stack ID | The stack ID. |
| Status | The Instance status. |
| Subnet ID | The Instance's subnet ID; applicable only if the stack is running in a VPC. |
| Tenancy | The Instance's tenancy option, such as dedicated or host. |
| Type | The Instance type, such as t2.micro. |
| Virtualization Type | The Instance's virutalization type: paravirtual or hvm. |
Layer
| Name | Description |
|---|---|
| Active Processes | The number of active processes. |
| CPU Idle (%) | The percentage of time that the CPU is idle. |
| CPU Nice (%) | The percentage of time that the CPU is handling processes with a positive nice value, which have a lower scheduling priority. |
| CPU Steal (%) | As AWS allocates hypervisor CPU resources among increasing numbers of instances, virtualization load rises, and can affect how often the hypervisor can perform requested work on an instance. cpu_steal measures the percentage of time that an instance is waiting for the hypervisor to allocate physical CPU resources. |
| CPU System (%) | The percentage of time that the CPU is handling system operations. |
| CPU User (%) | The percentage of time that the CPU is handling user operations. |
| CPU Wait I/O (%) | The percentage of time that the CPU is waiting for input/output operations. |
| ID | The identifier of the layer. |
| Load Average for 15 Minutes | The load averaged over a 15-minute window. |
| Load Average for 1 Minute | The load averaged over a one-minute window. |
| Load Average for 5 Minutes | The load averaged over a five-minute window. |
| Memory Buffers (Bytes) | The amount of buffered memory. |
| Memory Cached (Bytes) | The amount of cached memory. |
| Memory Free (Bytes) | The amount of free memory. |
| Memory Swap (Bytes) | The amount of swap space. |
| Memory Total (Bytes) | The total amount of memory. |
| Memory Used (Bytes) | The amount of memory in use. |
| Region | The AWS Region this object belongs to. |
RDS Instance
| Name | Description |
|---|---|
| Address | The RDS Instance's address. |
| ARN | The RDS Instance's ARN. |
| Database Engine | The RDS Instance's database engine. |
| Database Master User | The RDS Instance's master user name. |
| ID | The RDS DB Instance identifier. |
| Missing On RDS | If AWS OpsWorks Stacks is unable to discover the Amazon RDS Instance. |
| Region | The AWS Region this object belongs to. |
| Stack ID | The ID of the stack with which the RDS Instance is registered. |
Stack
| Name | Description |
|---|---|
| Active Processes | The number of active processes. |
| Agent Version | The agent version. |
| ARN | The Stack's ARN. |
| Berkshelf Version | The Berkshelf version for the Chef configuration. |
| Chef Version | The Chef version. |
| CPU Idle (%) | The percentage of time that the CPU is idle. |
| CPU Nice (%) | The percentage of time that the CPU is handling processes with a positive nice value, which have a lower scheduling priority. |
| CPU Steal (%) | As AWS allocates hypervisor CPU resources among increasing numbers of instances, virtualization load rises, and can affect how often the hypervisor can perform requested work on an instance. cpu_steal measures the percentage of time that an instance is waiting for the hypervisor to allocate physical CPU resources. |
| CPU System (%) | The percentage of time that the CPU is handling system operations. |
| CPU User (%) | The percentage of time that the CPU is handling user operations. |
| CPU Wait I/O (%) | The percentage of time that the CPU is waiting for input/output operations. |
| Created Date | The date when the Stack was created. |
| Custom Cookbooks Source Revision | The version of the application. |
| Custom Cookbooks Source Type | The repository type. |
| Custom Cookbooks Source URL | The source URL. |
| Custom Cookbooks Source User | For Amazon S3 bundles, the IAM access key ID. For HTTP bundles, Git repositories, and Subversion repositories, the user name. |
| Custom JSON | A JSON object that contains user-defined attributes to be added to the Stack configuration attributes. |
| Default Availability Zone | The Stack's default Availability Zone. |
| Default Instance Profile ARN | The ARN of an IAM profile that is the default profile for all of the Stack's EC2 instances. |
| Default O/S | The Stack's default operating system. |
| Default Root Device Type | The Stack's default root device type. |
| Default Subnet ID | The default subnet ID; applicable only if the Stack is running in a VPC. |
| Host Name Theme | The Stack host name theme, with spaces replaced by underscores. |
| ID | The identifier of the stack. |
| Load Average for 15 Minutes | The load averaged over a 15-minute window. |
| Load Average for 1 Minute | The load averaged over a one-minute window. |
| Load Average for 5 Minutes | The load averaged over a five-minute window. |
| Manage Berkshelf | Whether to enabled Berkshelf for the Chef configuration. |
| Memory Buffers (Bytes) | The amount of buffered memory. |
| Memory Cached (Bytes) | The amount of cached memory. |
| Memory Free (Bytes) | The amount of free memory. |
| Memory Swap (Bytes) | The amount of swap space. |
| Memory Total (Bytes) | The total amount of memory. |
| Memory Used (Bytes) | The amount of memory in use. |
| Name | The Stack's name. |
| Region | The AWS Region this object belongs to. |
| Service Role ARN | The Stack's AWS Identity and Access Management (IAM) role. |
| SSH Key Name | A default Amazon EC2 key pair for the Stack's instances. |
| Use Custom Cookbooks | Whether the Stack uses custom cookbooks. |
| Use OpsWorks Security Groups | Whether the Stack automatically associates the AWS OpsWorks Stacks built-in security groups with the Stack's layers. |
| VPC ID | The VPC ID; applicable only if the Stack is running in a VPC. |
Updated 8 months ago