AWS IAM monitoring integration

Access to this feature depends on your subscription level. Requires Infrastructure Pro.

New Relic Infrastructure's integrations include an AWS Identity and Access Management (IAM) integration for reporting your IAM data to New Relic products. This document explains the integration's features, how to activate it, and what data can be reported.

Features

Amazon's Identity and Access Management (IAM) enables you to securely control access to AWS services and resources for your users. Using IAM, you can create and manage AWS users and groups, and use permissions to allow and deny their access to AWS resources.

New Relic's IAM monitoring integration lets you capture the state of policies, users, groups, and roles at specific points in time. IAM data is also available for analysis in New Relic Insights.

Activate integration

To enable this integration:

  1. Make sure you have installed the Infrastructure agent before you activate AWS integrations from your Infrastructure account.
  2. Follow standard procedures to Connect AWS services to Infrastructure.

Configuration and polling

You can change the polling frequency and filter data using configuration options.

Default polling information for the AWS IAM integration:

  • New Relic polling interval: 5 minutes

Find and use data

To find this integration's data in Infrastructure, go to infrastructure.newrelic.com > Integrations > Amazon Web Services and select one of the IAM integration links.

In New Relic Insights, data is attached to the IamAccountSummarySample event type.

Metric data

The IAM integration doesn't capture any performance metrics in the traditional sense of the word. But the integration does monitor the state of IAM service policies, users, groups, and roles at specific points in time, and uses that to create these count-based metrics:

  • Certificates per account
  • Groups per account
  • MFA devices per account
  • Roles per account
  • Users per account

Inventory data

The IAM integration reports this inventory data:

Name Description
group

High level information about the Group and detailed information on the group attributes.

policy

Information about the managed policy.

role

Information about the IAM role.

server-certificate

Information about the server certificate.

user

Information about the user and user details.

virtual-mfa

Information about the virtual MFA device.

For more help

Recommendations for learning more: