Prometheus Instance for Multi-Account Aggregation

Prerequisites

• You have enabled trusted access to AOM on the Organizations console. For details, see Enabling or Disabling a Trusted Service.
• Cloud service metrics have been connected for multiple accounts in an organization.

Creating a Prometheus Instance for Multi-Account Aggregation

1. Log in to the AOM 2.0 console.
2. In the navigation pane on the left, choose Prometheus Monitoring > Instances. On the displayed page, click Add Prometheus Instance.
3. Set the instance name, enterprise project, and instance type.

   Table 1 Parameters for creating a Prometheus instance

   Parameter	Description
   Instance Name	Prometheus instance name. Enter a maximum of 100 characters and do not start or end with an underscore (_) or hyphen (-). Only letters, digits, underscores, and hyphens are allowed.
   Enterprise Project	Enterprise project. If you have selected All for Enterprise Project on the global settings page, select one from the drop-down list here. If you have already selected an enterprise project on the global settings page, this option will be dimmed and cannot be changed.
   Instance Type	Type of the Prometheus instance. Select Prometheus for Multi-Account Aggregation.

4. Click OK.

Connecting Accounts

You can connect accounts only after logging in as an organization administrator or a delegated administrator. For details about how to set a delegated administrator, see Specifying, Viewing, or Removing a Delegated Administrator.

• If a delegated administrator cannot connect accounts, grant the following permissions by referring to Assigning Permissions to an IAM User:
  • organizations:trustedServices:list
  • organizations:organizations:get
  • organizations:delegatedAdministrators:list
  • organizations:accounts:list
  • organizations:delegatedServices:list
• AOM only supports connection to member accounts under an organizational unit (OU). When the relationship between the OU and member accounts changes, AOM will not automatically synchronize that information.

To connect accounts, do as follows:

1. Log in to the AOM 2.0 console. In the navigation pane, choose Prometheus Monitoring > Instances.
2. On the Prometheus instance list page, click a Prometheus instance for multi-account aggregation.
3. On the Account Access page, manage member accounts, connect cloud services, configure data storage, and add supported metrics.
   • Managing member accounts: AOM supports account management. It allows you to incorporate cloud accounts into your organization for centralized management. There are three types of members in an organization: administrator, delegated administrator, and common user. Common users do not have the permission to monitor multi-account metrics on AOM.
     • To monitor the metrics of a member account, click the Member Account text box and enter an account keyword in the displayed search box. Related member accounts are automatically displayed. Then select your desired ones.
     • To stop monitoring the metrics of a member account, delete the account from the Member Account text box on the Account Access page.
   • Connecting cloud services: Select one or more cloud services from the drop-down list.
   • Data storage: Member accounts retain metric data after they are connected to a Prometheus instance for aggregation. By default, this function is disabled.
   • Adding metrics supported by cloud services: Click Add Metric to add metrics for connected cloud services.
   Figure 1 Account access page