1 - CloudWatch Connection Setup
The first step in using CloudWatch with Harness is to set up an AWS Cloud Provider in Harness.
A Harness Cloud Provider is a connection to AWS and its monitoring tools, such as CloudWatch. Once Harness is connected, you can use Harness 24/7 Service Guard and Deployment Verification with your CloudWatch data and analysis.
AWS Permissions Required
Harness requires the IAM user to be able to make API requests to AWS. The User Access Type required is Programmatic access. This enables an access key ID and secret access key for the AWS API, CLI, SDK, and other development tools. For more information, see Creating an IAM User in Your AWS Account from AWS.
Here is the CloudWatch policy used for this guide:
Add AWS Cloud Provider for CloudWatch
To perform verification with CloudWatch, you must create a Harness Cloud Provider that can read from CloudWatch using your access key ID and secret access key. This Cloud Provider should have the permissions listed above in AWS Permissions Required.
You might have already set up a Workflow using a Harness Delegate installed in your AWS VPC. (For AWS, the Shell Script Delegate and ECS Delegate are most commonly used.) In this case, to add CloudWatch verification, you must now add a Cloud Provider with the above credentials.
Here is a summary of the steps to set up an AWS Cloud Provider in Harness:
- Click Setup, and then click Cloud Providers.
- Click Add Cloud Provider. The Cloud Provider dialog appears.
- When you select Amazon Web Services in Type, the Cloud Provider dialog changes for the AWS settings.
- Choose a name for this provider. This is to differentiate AWS providers in Harness. It is not the actual AWS account name.
- Select Assume the IAM Role of the Delegate (recommended), or Enter AWS Access Keys manually.
- If you selected Assume the IAM Role of the Delegate, in Delegate Tag, enter the Tag of the Delegate that this Cloud Provider will use for all connections. For information about Tags, see Delegate Tags.
- If you selected Enter AWS Access Keys manually, enter your Access Key and your Secret Key. For more information, see Access Keys (Access Key ID and Secret Access Key) from AWS.
For more details, see Amazon Web Services (AWS) Cloud.