AWS Certificate Manager

The Metrics displayed by AWS Certificate Manager include the number of days before the certificate expires. ACM will stop publishing this Metric after the certificate expires.

Configuration

Install Func

It is recommended to enable TrueWatch Integration - Extensions - DataFlux Func (Automata): all prerequisites are installed automatically, so you can proceed directly to script installation.

For self-deployment of Func, refer to Self-deploy Func

Install Script

Note: Prepare the required AWS access key (AK) in advance (for simplicity, you can directly grant the global read-only permission ReadOnlyAccess).

Managed Version Activation Script

  1. Log in to the TrueWatch console
  2. Click on the 【Integration】 menu, select 【Cloud Account Management】
  3. Click on 【Add Cloud Account】, select 【AWS】, and fill in the required information on the interface. If the cloud account information has already been configured, skip this step
  4. Click on 【Test】, and after a successful test, click on 【Save】. If the test fails, please check if the relevant configuration information is correct and test again
  5. Click on the 【Cloud Account Management】 list to see the added cloud account, click on the corresponding cloud account to enter the details page
  6. Click on the 【Integration】 button on the cloud account details page, find AWS Certificate Manager under the Not Installed list, and click on the 【Install】 button to pop up the installation interface and install.

Manual Activation Script

  1. Log in to the Func console, click on 【Script Market】, enter the TrueWatch script market, and search for integration_aws_certificatemanager

  2. After clicking on 【Install】, enter the corresponding parameters: AWS AK ID, AK Secret, and account name.

  3. Click on 【Deploy Startup Script】, the system will automatically create the Startup script set and automatically configure the corresponding startup script.

  4. After enabling, you can see the corresponding automatic trigger configuration in 「Manage / Automatic Trigger Configuration」. Click on 【Execute】 to execute immediately without waiting for the scheduled time. After a while, you can view the execution task records and corresponding logs.

Verification

  1. In 「Manage / Automatic Trigger Configuration」, confirm that the corresponding task has an automatic trigger configuration, and check the task records and logs for any anomalies
  2. In TrueWatch, check if asset information exists in 「Infrastructure / Custom」
  3. In TrueWatch, check if there is corresponding monitoring data in 「Metrics」

Metrics

After configuring Amazon CloudWatch, the default Measurement is as follows. More Metrics can be collected through configuration:

Amazon CloudWatch AWS Certificate Manager Metrics Details

| Metric Name | Description | Unit | Dimensions |
| --- | --- | --- | --- |
| DaysToExpiry | The number of days before the certificate expires. ACM will stop publishing this Metric after the certificate expires. | Integer | CertificateArn value: The ARN of the certificate. |
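
An added example (not part of the TrueWatch integration or its scripts): because ACM stops publishing DaysToExpiry once a certificate expires, a monitor on this Metric has to alert when a series goes silent, not only when the value is low. The `classify` function, the 30-day threshold, the 2-day staleness window and the sample ARNs are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta, timezone

WARN_DAYS = 30                    # assumed alerting threshold, not from the page
STALE_AFTER = timedelta(days=2)   # assumed gap after which a series counts as stopped


def classify(series, now, warn_days=WARN_DAYS, stale_after=STALE_AFTER):
    """Map each CertificateArn to (status, last DaysToExpiry value or None)."""
    out = {}
    for arn, points in series.items():
        if not points:
            out[arn] = ("NO_DATA", None)
            continue
        ts, days = max(points, key=lambda p: p[0])   # newest datapoint
        if now - ts > stale_after:
            # ACM stops publishing after expiry, so a silent series must alert
            # instead of being read as "the last value was still positive".
            out[arn] = ("STOPPED", days)
        elif days <= warn_days:
            out[arn] = ("EXPIRING", days)
        else:
            out[arn] = ("OK", days)
    return out


# Constructed sample data (not real certificates): one datapoint per day.
NOW = datetime(2024, 6, 10, tzinfo=timezone.utc)
PREFIX = "arn:aws:acm:us-east-1:111122223333:certificate/"


def daily(last_seen, last_value, n=3):
    """Build n daily (timestamp, DaysToExpiry) points ending at last_seen."""
    return [(last_seen - timedelta(days=i), last_value + i)
            for i in reversed(range(n))]


SAMPLE = {
    PREFIX + "example-healthy": daily(NOW, 200),
    PREFIX + "example-expiring": daily(NOW, 12),
    PREFIX + "example-expired": daily(NOW - timedelta(days=5), 1),
    PREFIX + "example-never-seen": [],
}

if __name__ == "__main__":
    for arn, (status, days) in classify(SAMPLE, NOW).items():
        print(f"{status:9} last={days} {arn}")
```

A `STOPPED` result with a small last value points to an expired certificate; with a large last value it more likely means the certificate was deleted or collection failed, which is also worth investigating.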