Getting Started with AWS Using Role Delegation
This page introduces you to Cisco Cloud Observability Connections API resources and provides instructions to make your first API request. You'll learn how to create and manage an AWS connection using role delegation. Examples will be shown using the command line with cURL commands.
Standard REST methods are supported on the Cisco Cloud Observability Connections API, which include POST, GET, PATCH, and DELETE operations through HTTPS. All payloads to and from the REST interface must be in JSON format.
Base URI
Every API request begins with this base URI:
https://{tenant_name}.observe.appdynamics.com/cloud/v2
1. Create a Connection
Request
To create a connection, provide the connection display name, description, and AWS account ID in the following request:
curl --location -g --request POST 'https://{tenant_name}.observe.appdynamics.com/cloud/v2/connections' \
--header 'Content-Type: application/json' \
--data-raw '{
"type":"aws",
"displayName":"<display_name>",
"description":"<description>",
"details":{
"accessType":"role_delegation",
"accountId":"<account_Id>"
}
}'
Save the appDynamicsAwsAccountId and externalId from the response. You'll need to provide those values to create an AWS IAM Role in the next step.
Example Response
{
"id": "8d0181b3-058a-44b8-8bff-6383d2c52829",
"createdAt": "2023-07-10T14:14:50.509Z",
"updatedAt": "2023-07-10T14:14:50.509Z",
"displayName": "Aws role delegation",
"description": "Aws role delegation",
"type": "aws",
"state": "INCOMPLETE",
"stateMessage": "Please enter a role name to connect.",
"details": {
"accountId": "account_Id",
"externalId": "external_Id",
"accessType": "role_delegation",
"appDynamicsAwsAccountId": "aws_account_Id"
},
"configurationId": ""
}
2. Create an AWS IAM Service Policy and Role
Complete the following steps in the AWS IAM Management Console:
- Create an AWS IAM Service Policy
- Attach Permissions Policies Using JSON
- Create an AWS IAM Role. Save the role name from the AWS UI. You'll need to provide it to update the connection in step 4.
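The role's trust policy is where the appDynamicsAwsAccountId and externalId values from step 1 end up. The following added example (not from the original page or from Cisco) builds the standard AWS cross-account trust policy from those two values and audits an existing policy for an over-broad principal or a missing external ID condition. It assumes the role follows the usual AWS "another account with external ID" pattern; the function names and sample values are constructed for illustration.

```python
import json
import re

# Constructed sample: only the fields of the create-connection "details" used here.
SAMPLE_DETAILS = {
    "externalId": "constructed-external-id",    # constructed value
    "appDynamicsAwsAccountId": "999988887777",  # constructed value
}


def build_trust_policy(details):
    """Allow only the vendor account to assume the role, and only when the
    request carries this connection's external ID (confused-deputy guard)."""
    vendor, ext = details["appDynamicsAwsAccountId"], details["externalId"]
    if not re.fullmatch(r"\d{12}", vendor):
        raise ValueError("appDynamicsAwsAccountId is not a 12-digit account ID")
    if not ext:
        raise ValueError("externalId is empty")
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow",
        "Principal": {"AWS": f"arn:aws:iam::{vendor}:root"},
        "Action": "sts:AssumeRole",
        "Condition": {"StringEquals": {"sts:ExternalId": ext}},
    }]}


def audit_trust_policy(policy, details):
    """Return findings for Allow statements on sts:AssumeRole that are too broad."""
    vendor = details["appDynamicsAwsAccountId"]
    allowed = {vendor, f"arn:aws:iam::{vendor}:root"}  # IAM accepts both forms
    findings = []
    for i, st in enumerate(policy.get("Statement", [])):
        actions = st.get("Action", [])
        actions = [actions] if isinstance(actions, str) else actions
        if st.get("Effect") != "Allow" or "sts:AssumeRole" not in actions:
            continue
        principal = st.get("Principal", {})
        aws = principal.get("AWS", []) if isinstance(principal, dict) else principal
        aws = [aws] if isinstance(aws, str) else aws
        if not aws or any(p not in allowed for p in aws):
            findings.append(f"statement {i}: principal is not only the vendor account")
        cond = st.get("Condition", {}).get("StringEquals", {})
        if cond.get("sts:ExternalId") != details["externalId"]:
            findings.append(f"statement {i}: sts:ExternalId condition missing or wrong")
    return findings


if __name__ == "__main__":
    print(json.dumps(build_trust_policy(SAMPLE_DETAILS), indent=2))
```

Running the audit against the trust policy exported from the IAM console before activating the connection catches a role that any principal, or the right principal without the external ID, could assume.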
3. Create a Configuration
To create a configuration, you'll first need to obtain a list of the supported AWS hosting regions and services that you want to monitor.
3a. Get AWS Regions
Request
Obtain the list of supported AWS hosting regions using the following request:
curl --location --request GET 'https://{tenant_name}.observe.appdynamics.com/cloud/v2/regions?type=aws' \
--header 'Authorization: Bearer <token_generated_in_auth_step>'
Example Response
{
"items": [
{
"id": "us-gov-west-1",
"displayName": "AWS GovCloud (US)"
},
{
"id": "us-gov-east-1",
"displayName": "AWS GovCloud (US-East)"
},
{
"id": "us-east-1",
"displayName": "US East (N. Virginia)"
},
{
"id": "us-east-2",
"displayName": "US East (Ohio)"
},
{
"id": "us-west-1",
"displayName": "US West (N. California)"
},
{
"id": "us-west-2",
"displayName": "US West (Oregon)"
},
{
"id": "eu-west-1",
"displayName": "EU (Ireland)"
},
{
"id": "eu-west-2",
"displayName": "EU (London)"
},
{
"id": "eu-west-3",
"displayName": "EU (Paris)"
},
{
"id": "eu-central-1",
"displayName": "EU (Frankfurt)"
},
{
"id": "eu-north-1",
"displayName": "EU (Stockholm)"
},
{
"id": "eu-south-1",
"displayName": "EU (Milan)"
},
{
"id": "ap-east-1",
"displayName": "Asia Pacific (Hong Kong)"
},
{
"id": "ap-south-1",
"displayName": "Asia Pacific (Mumbai)"
},
{
"id": "ap-southeast-1",
"displayName": "Asia Pacific (Singapore)"
},
{
"id": "ap-southeast-2",
"displayName": "Asia Pacific (Sydney)"
},
{
"id": "ap-northeast-1",
"displayName": "Asia Pacific (Tokyo)"
},
{
"id": "ap-northeast-2",
"displayName": "Asia Pacific (Seoul)"
},
{
"id": "ap-northeast-3",
"displayName": "Asia Pacific (Osaka)"
},
{
"id": "sa-east-1",
"displayName": "South America (Sao Paulo)"
},
{
"id": "cn-north-1",
"displayName": "China (Beijing)"
},
{
"id": "cn-northwest-1",
"displayName": "China (Ningxia)"
},
{
"id": "ca-central-1",
"displayName": "Canada (Central)"
},
{
"id": "me-south-1",
"displayName": "Middle East (Bahrain)"
},
{
"id": "af-south-1",
"displayName": "Africa (Cape Town)"
},
{
"id": "us-iso-east-1",
"displayName": "US ISO East"
},
{
"id": "us-isob-east-1",
"displayName": "US ISOB East (Ohio)"
},
{
"id": "us-iso-west-1",
"displayName": "US ISO West"
}
]
}
3b. Get AWS Services
Request
Obtain the list of supported AWS services using the following request:
curl --location --request GET 'https://{tenant_name}.observe.appdynamics.com/cloud/v2/services?type=aws' \
--header 'Authorization: Bearer <token_generated_in_auth_step>'
Example Response
{
"items": [
{
"id": "ec2",
"displayName": "Elastic Cloud Compute",
"description": "Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides secure, resizable compute capacity in the cloud. It is designed to make web-scale cloud computing easier for developers. Amazon EC2’s simple web service interface allows you to obtain and configure capacity with minimal friction. It provides you with complete control of your computing resources and lets you run on Amazon’s proven computing environment."
},
{
"id": "elb",
"displayName": "Elastic Load Balancing",
"description": "Elastic Load Balancing automatically distributes incoming application traffic across multiple targets, such as Amazon EC2 instances, containers, IP addresses, Lambda functions, and virtual appliances. It can handle the varying load of your application traffic in a single Availability Zone or across multiple Availability Zones. Elastic Load Balancing offers four types of load balancers that all feature the high availability, automatic scaling, and robust security necessary to make your applications fault tolerant."
},
{
"id": "ebs",
"displayName": "Elastic Block Storage",
"description": "Amazon EBS provides a range of options for storage performance and cost. These options are divided into two major categories: SSD-backed storage for transactional workloads, such as databases and boot volumes (performance depends primarily on IOPS), and disk-backed storage for throughput intensive workloads, such as MapReduce and log processing (performance depends primarily on MB/s)."
},
{
"id": "rds",
"displayName": "Amazon Relational Database Service",
"description": "Amazon Relational Database Service (or Amazon RDS) is a distributed relational database service by Amazon Web Services (AWS). It is a web service running \"in the cloud\" designed to simplify the setup, operation, and scaling of a relational database for use in applications. Administration processes like patching the database software, backing up databases and enabling point-in-time recovery are managed automatically. Scaling storage and compute resources can be performed by a single API call to the AWS control plane on-demand. AWS does not offer an SSH connection to the underlying virtual machine as part of the managed service."
},
{
"id": "ecs",
"displayName": "Amazon Elastic Container Service",
"description": "Amazon ECS is a fully managed container orchestration service that helps you easily deploy, manage, and scale containerized applications. It deeply integrates with the rest of the AWS platform to provide a secure and easy-to-use solution for running container workloads in the cloud and now on your infrastructure with Amazon ECS Anywhere."
},
{
"id": "lambda",
"displayName": "AWS Lambda",
"description": "AWS Lambda is an event-driven, serverless computing platform provided by Amazon as a part of Amazon Web Services. It is a computing service that runs code in response to events and automatically manages the computing resources required by that code."
},
{
"id": "efs",
"displayName": "Amazon Elastic File System",
"description": "Amazon Elastic File System is a cloud storage service provided by Amazon Web Services designed to provide scalable, elastic, concurrent with some restrictions, and encrypted file storage for use with both AWS cloud services and on-premises resources."
},
{
"id": "api_gateway",
"displayName": "Amazon API Gateway",
"description": "Amazon API Gateway is an AWS service for creating, publishing, maintaining, monitoring, and securing REST, HTTP, and WebSocket APIs at any scale. API developers can create APIs that access AWS or other web services, as well as data stored in the AWS Cloud."
},
{
"id": "eks",
"displayName": "Amazon Elastic Kubernetes Service",
"description": "Amazon Elastic Kubernetes Service (Amazon EKS) is a managed Kubernetes service to run Kubernetes in the AWS cloud and on-premises data centers."
},
{
"id": "autoscaling",
"displayName": "AWS Autoscaling",
"description": "AWS Auto Scaling monitors your applications and automatically adjusts capacity to maintain steady, predictable performance at the lowest possible cost."
},
{
"id": "kinesis",
"displayName": "Amazon Kinesis Data Streams",
"description": "Amazon Kinesis Data Streams is a fully managed, serverless data streaming service that stores and ingests various streaming data in real time at any scale."
}
]
}
3c. Create a Configuration
Note: The default polling interval is 5 minutes. This interval is currently not configurable.
Create a configuration by providing the supported AWS hosting regions and services that you want to monitor in the following request. You can also specify if tags should be imported or if a tag filter should be used.
The response will return the configurationId, which you'll need to add to the connection in the next step.
Request
curl --location -g --request POST 'https://{tenant_name}.observe.appdynamics.com/cloud/v2/configurations' \
--header 'Content-Type: application/json' \
--data-raw '{
"displayName": "<configuration_display_name>",
"description": "<configuration_description>",
"type": "aws",
"details": {
"importTags": {
"enabled": <true_or_false>,
"excludedKeys": [
"<key>",
"<key>"
]
},
"tagFilter": "<(tags(env) = '\''tag_name'\'' || tags(env) = '\''env_name'\''))>",
"regions": [
"<region>",
"<region>"
],
"polling": {
"interval": <interval_number>,
"unit": "<unit>"
},
"services": [
{
"name": "<service_name>",
"polling": {
"interval": <interval_number>,
"unit": "<unit>"
}
},
{
"name": "<service_name>",
"polling": {
"interval": <interval_number>,
"unit": "<unit>"
}
}
]
}
}'
Example Request
curl --location -g --request POST 'https://{tenant_name}.observe.appdynamics.com/cloud/v2/configurations' \
--header 'Content-Type: application/json' \
--data-raw '{
"displayName": "Example AWS Configuration",
"description": "AWS Example Configuration",
"type": "aws",
"details": {
"importTags": {
"enabled": true,
"excludedKeys": [
"local",
"sandbox"
]
},
"tagFilter": "(tags(env) = '\''prod'\'' || tags(env) = '\''production'\''))",
"regions": [
"us-east-1",
"us-west-1"
],
"polling": {
"interval": 5,
"unit": "minute"
},
"services": [
{
"name": "elb",
"polling": {
"interval": 5,
"unit": "minute"
}
},
{
"name": "ec2",
"polling": {
"interval": 5,
"unit": "minute"
}
}
]
}
}'
Example Response
{
"id": "2967d5c4-322b-4bc4-bca6-b0223e35200d",
"type": "aws",
"displayName": "TestAWS",
"description": "",
"details": {
"polling": {
"interval": 5,
"unit": "minute"
},
"services": [
{
"name": "ec2",
"polling": {
"interval": 5,
"unit": "minute"
},
"tagFilter": ""
}
],
"importTags": {
"enabled": true,
"excludedKeys": []
},
"regions": [],
"tagFilter": ""
},
"createdAt": "2023-07-28T20:50:18.749Z",
"updatedAt": "2023-07-28T20:50:18.749Z"
}
4. Update a Connection
To start data collection, you'll need to update the connection to add the configuration ID and AWS IAM role name.
The following table shows which connection fields are editable and which are immutable. You can also update any of the editable fields during this step:
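Connection Type | Field | Editable? | Notes |
---|---|---|---|
AWS Role Delegation | Connection Name | YES | |
AWS Role Delegation | Description | YES | |
AWS Role Delegation | Account ID | NO | |
AWS Role Delegation | Role Name | YES | AuthN |
AWS Role Delegation | External ID | NO | |
AWS Role Delegation | Type | NO | |
AWS Role Delegation | Access Type | NO | |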
Any combination of editable fields can be given in the PATCH connections request.
Request
curl --location -g --request PATCH 'https://{tenant_name}.observe.appdynamics.com/cloud/v2/connections/<connection_id>' \
--header 'Content-Type: application/json' \
--data-raw '{
"displayName": "<display_name>",
"description": "<description>",
"details": {
"roleName": "<role_name>"
},
"configurationId":"<configuration_id>",
"state":"ACTIVE"
}'
Example Response
{
"id": "8d0181b3-058a-44b8-8bff-6383d2c52829",
"createdAt": "2023-07-10T14:14:50.509Z",
"updatedAt": "2023-07-10T14:18:18.938Z",
"displayName": "Aws role delegation",
"description": "Aws role delegation",
"type": "aws",
"state": "INACTIVE",
"stateMessage": "Successfully connected.",
"details": {
"accountId": "{account_Id}",
"externalId": "{external_Id}",
"roleName": "AppDynamicsMonitoringRole",
"accessType": "role_delegation",
"appDynamicsAwsAccountId": "{aws_account_Id}"
},
"configurationId": "configuration_id"
}
5. List Your Connections
Next, list your connections to obtain the connection ID of a connection that you want to delete.
Request
curl --location -g --request GET 'https://{tenant_name}.observe.appdynamics.com/cloud/v2/connections'
Example Response
{
"items": [
{
"id": "d48bb6e1-fab1-4e04-8549-c7d7bb9bcadf",
"createdAt": "2023-07-28T20:01:48.358Z",
"updatedAt": "2023-07-28T20:01:48.358Z",
"displayName": "access-key-test",
"description": "Description for this AWS access key connection without assigned configurationId",
"type": "aws",
"state": "PENDING CONFIGURATION",
"stateMessage": "Finish configuring your connection.",
"details": {
"accessKeyId": "AKIARQIKGMDWD3F5CGBS",
"secretAccessKey": "*******************",
"accountId": "103637475564",
"accessType": "access_key"
},
"configurationId": ""
},
{
"id": "c0a73394-6c55-4089-9090-effe71f1741d",
"createdAt": "2023-08-01T04:18:28.457Z",
"updatedAt": "2023-08-01T04:18:42.395Z",
"displayName": "PaulTest",
"description": "",
"type": "aws",
"state": "ERROR",
"stateMessage": "AppDynamics is unable to collect data. Review error details to resolve, then resume the connection. [{\"service\":\"AWS/EC2\",\"statusMessage\":\"Incorrect Credentials\\n\"},{\"service\":\"AWS/EBS\",\"statusMessage\":\"Incorrect Credentials\\n\"},{\"service\":\"AWS/ELB\",\"statusMessage\":\"Incorrect Credentials\\n\"},{\"service\":\"AWS/RDS\",\"statusMessage\":\"Incorrect Credentials\\n\"}]",
"details": {
"accessKeyId": "AKIATMZHYYPGYVY7CPPQ",
"secretAccessKey": "*******************",
"accountId": "233622258637",
"accessType": "access_key"
},
"configurationId": "ab820ab1-f658-4e90-8f39-70a6cba80e5e"
}
]
}
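The list response carries enough detail to review connections in bulk. The following added example (not from the original page or from Cisco) walks a response of this shape, flags connections that use access keys instead of role delegation or have no configuration, and unpacks the per-service error array that an ERROR connection embeds as JSON inside stateMessage. The sample data and function names are constructed for illustration.

```python
import json

# Constructed sample shaped like the list-connections response on this page.
SAMPLE_RESPONSE = {"items": [
    {"id": "conn-a", "state": "ACTIVE", "stateMessage": "Successfully connected.",
     "details": {"accessType": "role_delegation", "roleName": "ExampleRole"},
     "configurationId": "cfg-1"},
    {"id": "conn-b", "state": "ERROR",
     "stateMessage": 'Unable to collect data. [{"service":"AWS/EC2",'
                     '"statusMessage":"Incorrect Credentials\\n"}]',
     "details": {"accessType": "access_key"}, "configurationId": "cfg-2"},
    {"id": "conn-c", "state": "PENDING CONFIGURATION",
     "stateMessage": "Finish configuring your connection.",
     "details": {"accessType": "role_delegation"}, "configurationId": ""},
]}


def service_errors(state_message):
    """Parse the per-service JSON array embedded in stateMessage, if any."""
    start = state_message.find("[{")
    if start == -1:
        return {}
    try:
        entries, _ = json.JSONDecoder().raw_decode(state_message, start)
    except json.JSONDecodeError:
        return {}
    return {e.get("service", "?"): e.get("statusMessage", "").strip()
            for e in entries if isinstance(e, dict)}


def review_connections(response):
    """Return (connection id, finding) pairs that need an operator's attention."""
    findings = []
    for conn in response.get("items", []):
        cid = conn.get("id", "?")
        if conn.get("details", {}).get("accessType") == "access_key":
            findings.append((cid, "uses a long-lived access key, not role delegation"))
        if not conn.get("configurationId"):
            findings.append((cid, "no configuration attached"))
        if conn.get("state") == "ERROR":
            for svc, msg in service_errors(conn.get("stateMessage", "")).items():
                findings.append((cid, f"{svc}: {msg}"))
    return findings


if __name__ == "__main__":
    for cid, finding in review_connections(SAMPLE_RESPONSE):
        print(f"{cid}: {finding}")
```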
6. Delete a Connection
Using the connection id field from the previous response, delete the connection using the following request.
Note: When you delete a connection, the corresponding configuration is also deleted if it is not used by any other connection.
curl --location -g --request DELETE 'https://{tenant_name}.observe.appdynamics.com/cloud/v2/connections/<connection_Id>' \
--header 'Content-Type: application/json'
7. Verify that Connection is Deleted
To verify that the connection is deleted, list your connections again:
curl --location -g --request GET 'https://{tenant_name}.observe.appdynamics.com/cloud/v2/connections'
If the connection does not appear in the list of connections, it has been successfully deleted.