Important
Enable the AWS CloudWatch Metric Streams integration to monitor all CloudWatch metrics from your AWS services, including custom namespaces. Individual integrations are no longer our recommended option.
New Relic infrastructure integrations include an AWS Identity and Access Management (IAM) integration for reporting your IAM data to New Relic. This document explains the integration's features, how to activate it, and what data can be reported.
Features
Amazon's Identity and Access Management (IAM) enables you to securely control access to AWS services and resources for your users. Using IAM, you can create and manage AWS users and groups, and use permissions to allow and deny their access to AWS resources.
New Relic's IAM monitoring integration lets you capture the state of policies, users, groups, and roles at specific points in time. IAM data is also available for analysis.
Activate integration
To enable this integration follow standard procedures to Connect AWS services to New Relic.
Configuration and polling
You can change the polling frequency and filter data using configuration options.
Default polling information for the AWS IAM integration:
- New Relic polling interval: 5 minutes
Find and use data
To find this integration's data, go to one.newrelic.com > All capabilities > Infrastructure > AWS and select one of the IAM integration links.
You can query and explore your data using the IamAccountSummarySample
event type.
Metric data
The IAM integration doesn't capture any performance metrics in the traditional sense of the word. But the integration does monitor the state of IAM service policies, users, groups, and roles at specific points in time, and uses that to create these count-based metrics:
- Certificates per account
- Groups per account
- MFA devices per account
- Roles per account
- Users per account