AWS IAM monitoring integration

New Relic infrastructure integrations include an AWS Identity and Access Management (IAM) integration for reporting your IAM data to New Relic. This document explains the integration's features, how to activate it, and what data can be reported.

Features

Amazon's Identity and Access Management (IAM) enables you to securely control access to AWS services and resources for your users. Using IAM, you can create and manage AWS users and groups, and use permissions to allow and deny their access to AWS resources.

New Relic's IAM monitoring integration lets you capture the state of policies, users, groups, and roles at specific points in time. IAM data is also available for analysis in New Relic One.

Activate integration

To enable this integration follow standard procedures to Connect AWS services to New Relic.

Configuration and polling

You can change the polling frequency and filter data using configuration options.

Default polling information for the AWS IAM integration:

• New Relic polling interval: 5 minutes

Find and use data

To find this integration's data, go to one.newrelic.com > Infrastructure > AWS and select one of the IAM integration links.

You can query and explore your data using the IamAccountSummarySample event type.

Metric data

The IAM integration doesn't capture any performance metrics in the traditional sense of the word. But the integration does monitor the state of IAM service policies, users, groups, and roles at specific points in time, and uses that to create these count-based metrics:

• Certificates per account
• Groups per account
• MFA devices per account
• Roles per account
• Users per account

Inventory data

The IAM integration reports this inventory data: