From 6a716504e498a87fc8a385359fc592de907fd28f Mon Sep 17 00:00:00 2001 From: Greg Blomquist Date: Wed, 3 Dec 2014 10:31:50 -0500 Subject: [PATCH 1/2] Adding documentation for AWS Config service --- README.md | 1 + providers/amazon_aws_config.md | 50 ++++++++++++++++++++++++++++++++++ 2 files changed, 51 insertions(+) create mode 100644 providers/amazon_aws_config.md diff --git a/README.md b/README.md index 48d2305a..dea1403a 100644 --- a/README.md +++ b/README.md @@ -11,6 +11,7 @@ * [Architecture](architecture.md) * [External Authentication (httpd)](external_auth.md) * [REST API](rest_api.md) +* [Working with Amazon AWS Config service](providers/amazon_aws_config.md) ## License diff --git a/providers/amazon_aws_config.md b/providers/amazon_aws_config.md new file mode 100644 index 00000000..9fc8c0c2 --- /dev/null +++ b/providers/amazon_aws_config.md @@ -0,0 +1,50 @@ +## Amazon AWS Config + +The [AWS Config](http://aws.amazon.com/config/) service provides configuration +information about all catalog items in your AWS environment, including +configuration changes. + +### Setting up the AWS Config service + +The instructions for enabling the AWS Config service are provided in [Amazon's +documentation](http://aws.amazon.com/config/details/#Getting_Started). An +overview of those instructions is provided here. + +1. Create an AWS SNS Topic called `AWSConfig_topic`. + * log into the AWS Console + * navigate to the SNS tab + * click the "Create and Add" button, and select "Create new topic" + * in the dialog, enter "AWSConfig_topic" as the topic name + * click "Create topic" to close the dialog +2. Create an AWS S3 bucket for AWS Config + * navigate to the S3 tag in the AWS Console + * click the "Actions" button, and select "Create Bucket..." + * in the dialog, enter a bucket name in the "Bucket Name" field + * select the region appropriate for your AWS account + * click "Create" to close the dialog +3. Enable the AWS Config service + * navigate to the Config tab + * click the gear icon next to the "Status" link + * under the "Amazon SNS Topic" heading, select "Choose a topic from your + account" and select the `AWSConfig_topic` + * under the "Amazon S3 Bucket" heading, select "Choose a bucket from my + account" and select the correct bucket name + * enter an optional subdirectory + * click "Allow" to allow the AWS Config service read resource configurations + +### How ManageIQ Uses AWS Config + +ManageIQ supports AWS Config by using the service as the source for events. +Configuration changes published by AWS Config are consumed by ManageIQ and +treated as events. These events are processed by the normal ManageIQ event +handler mechanisms. + +When the ManageIQ AWS Event Catcher starts for the first time, it will create a +new AWS SQS Queue that subscribes to the AWS SNS Topic used by the AWS Config +service. It is important to use the AWS SNS Topic name of `AWSConfig_topic` +when setting up the AWS Config service so that ManageIQ can find the topic when +creating the SQS Queue. + +The SQS Queue is used to receive AWS resource configuration diffs generated by +the AWS Config service. The ManageIQ AWS Event Catcher connects to the SQS +Queue and receives all of the AWS resource configuration diffs. From e88856ce3f9dad12e278685846609977881d0266 Mon Sep 17 00:00:00 2001 From: Greg Blomquist Date: Thu, 4 Dec 2014 08:53:58 -0500 Subject: [PATCH 2/2] Style and grammar changes --- providers/amazon_aws_config.md | 42 +++++++++++++++++----------------- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/providers/amazon_aws_config.md b/providers/amazon_aws_config.md index 9fc8c0c2..e248794d 100644 --- a/providers/amazon_aws_config.md +++ b/providers/amazon_aws_config.md @@ -8,29 +8,29 @@ configuration changes. The instructions for enabling the AWS Config service are provided in [Amazon's documentation](http://aws.amazon.com/config/details/#Getting_Started). An -overview of those instructions is provided here. +overview is provided here. 1. Create an AWS SNS Topic called `AWSConfig_topic`. - * log into the AWS Console - * navigate to the SNS tab - * click the "Create and Add" button, and select "Create new topic" - * in the dialog, enter "AWSConfig_topic" as the topic name - * click "Create topic" to close the dialog -2. Create an AWS S3 bucket for AWS Config - * navigate to the S3 tag in the AWS Console - * click the "Actions" button, and select "Create Bucket..." - * in the dialog, enter a bucket name in the "Bucket Name" field - * select the region appropriate for your AWS account - * click "Create" to close the dialog -3. Enable the AWS Config service - * navigate to the Config tab - * click the gear icon next to the "Status" link - * under the "Amazon SNS Topic" heading, select "Choose a topic from your - account" and select the `AWSConfig_topic` - * under the "Amazon S3 Bucket" heading, select "Choose a bucket from my - account" and select the correct bucket name - * enter an optional subdirectory - * click "Allow" to allow the AWS Config service read resource configurations + * Log in to the AWS Console. + * Navigate to the SNS tab. + * Click the "Create and Add" button, and select "Create new topic". + * In the dialog, enter "AWSConfig_topic" as the topic name. + * Click "Create topic" to close the dialog. +2. Create an AWS S3 bucket for AWS Config. + * Navigate to the S3 tag in the AWS Console. + * Click the "Actions" button, and select "Create Bucket...". + * In the dialog, enter a bucket name in the "Bucket Name" field. + * Select the region appropriate for your AWS account. + * Click "Create" to close the dialog. +3. Enable the AWS Config service. + * Navigate to the Config tab. + * Click the gear icon next to the "Status" link. + * Under the "Amazon SNS Topic" heading, select "Choose a topic from your. + account" and select the `AWSConfig_topic`. + * Under the "Amazon S3 Bucket" heading, select "Choose a bucket from my. + account" and select the correct bucket name. + * Enter an optional subdirectory. + * Click "Allow" to allow the AWS Config service read resource configurations. ### How ManageIQ Uses AWS Config