Granting Site24x7 ReadOnly Access to AWS resources and services

How to provide ReadOnly access to your AWS resources via the AWS IAM console?

Grant access to your AWS account

Site24x7 makes programmatic API calls to your AWS resources to collect performance metrics and metadata. For this to occur, you (AWS account holder) need to grant access and connect your AWS account with Site24x7. An AWS account holder can grant access to Site24x7 through any of the below methods:
  1. Role ARN for cross-account access
  2. CloudFormation IAM role-based access
  3. AWS Control Tower lifecycle events-based access
  4. AWS IAM Identity Center-based access
  5. Delegated Admin-based access

Connect your AWS account with Site24x7 

Once done, Site24x7 will use the Role ARN to start monitoring.

Policies and permissions 

Site24x7 provides two options for IAM role permissions:
  1. AWS Managed ReadOnlyAccess Policy: The IAM role will be created with the ReadOnlyAccess policy, which is managed by AWS for all services.
  2. Site24x7 Custom Policy: The IAM role will be created with the inline policy formulated with read-only permissions required for Site24x7-supported services.
You can also create your own policy with specific permissions to monitor specific AWS resources. To learn more, please read our product documentation.