Start monitoring the AWS services powering your AWS GovCloud (US) and China Region deployments with Site24x7.
You've been asking for it, and today we're excited to announce Site24x7 is extending its monitoring coverage to resources in AWS GovCloud (US) and AWS China Region. With this new support, we're making it easier for you to pull data from Infrastructure and PaaS services deployed across all your regions into a single monitoring platform, allowing you to gain a truly global view of your AWS cloud environment.
What are AWS GovCloud (US) and AWS China Region?
AWS GovCloud (US) is an isolated AWS region that was designed to provide state of the art data center facilities to US government agencies, healthcare industries, educational institutions, and other US customers who wanted to leverage the power of a public cloud platform, but couldn't due to stringent regulatory and compliance requirements. With DoD Impact Level 5 Provisional Authorization, an ITAR compliant infrastructure, FedRAMP ATO, FIPS validation, and more, GovCloud is the perfect place to run sensitive workloads that contain Controlled Unclassified Information (CUI) or any other government data in the US.
Similarly, the AWS China Region came into existence to help Chinese companies build and run applications in the cloud while still complying with their legal and regulatory requirements. Instead of running the show themselves, AWS has collaborated with local Chinese partners in Beijing and Ningxia to deliver their cloud services.
Visualize resource usage and performance
Now, businesses moving their sensitive workloads to the AWS cloud can leverage Site24x7 to monitor resource usage and performance of compute, database, network, storage, and pub/sub services running in the GovCloud (US) and China regions by merely integrating their AWS account with Site24x7.
Important caveat
Performance metrics and metadata collected from CloudWatch and various AWS service-level APIs don't fall under the category of CUI or sensitive data. Hence they may not be subject to any data residency requirements. However, it is imperative for us to disclose the fact that Site24x7's monitoring platform doesn't run within the boundaries of the AWS GovCloud (US) or the China Region. In other words, our data centers in the US and EU will be hosting your monitoring data. If you have some reservations about Site24x7 collecting metrics from specific instances or resources, you can always opt them out during discovery using metadata or tags (key-value pairs). If you have any further questions, you can get in touch with us at [email protected]
How does the integration work?
As you may already know, the recommended way of granting third party access to your AWS resource is the IAM role, where you establish a trust relationship between the account that owns the resource and the account that contains the users that need to access the resource. Site24x7 went through a meticulous vetting process to obtain an AWS account both in the GovCloud (US) and China Region, to help you securely delegate access using roles instead of creating IAM user and sharing credentials.
To enable access, sign in to the IAM console of your GovCloud (US) or China Region account and follow these steps:
- Select Roles > Create role.
- Select Another AWS account as the trusted entity type.
- Enter Site24x7's GovCloud or China Region Account ID in the field provided and click on the Require external ID option.
- Type in the unique external ID, keep the Require MFA option unchecked, and click on Permissions. (Both Site24x7's AWS account ID and unique External ID can be found on the Add Amazon Monitor form in the Site24x7 console.)
- Next, assign the default AWS managed policy named ReadOnlyAccess.
- In the Review section, provide an appropriate name for the role (Site24x7_integration), description and click on Create.
- Now select Roles once more, search for the role you just created, click on it to view the RoleARN.
Once you've finished those steps, sign in to the Site24x7 console and follow these last few steps:
- Select AWS > Add Amazon Monitor.
- Choose the appropriate AWS account type (GovCloud (US) or China Region).
- Provide a label for the integration and paste the RoleARN in the field provided.
- At this point, you can also use the discovery options to customize the integration and dial down API requests.
Unlike other monitoring tools, which only provide visibility into standard regions, Site24x7 now offers a consistent view of all your infrastructure and managed services no matter where they are in the AWS cloud. So what are you waiting for? Start deploying resources with confidence. New to Site24x7? Sign up for a free, 30 day trial.