Configuring Multi-Account Aggregation for Unified Monitoring

This type of instance is recommended when you need to monitor the cloud service metrics of multiple accounts in an organization.

You have enabled trusted access to AOM on the Organizations console. For details, see Enabling or Disabling a Trusted Service.
Cloud service metrics have been connected for multiple accounts in an organization.

Only the organization administrator or delegated administrator can create Prometheus instances for multi-account aggregation and connect accounts. For details about how to set a delegated administrator, see Specifying, Viewing, or Removing a Delegated Administrator.
If a delegated administrator cannot connect accounts, assign the following permissions to the delegated administrator by referring to Assigning Permissions to an IAM User:
- organizations:trustedServices:list
- organizations:organizations:get
- organizations:delegatedAdministrators:list
- organizations:roots:list
- organizations:delegatedServices:list
AOM only supports connection to member accounts under an organizational unit (OU). When the relationship between the OU and member accounts changes, AOM will not automatically synchronize that information.
You will be billed based on reported custom metrics, metric storage duration, and data dump volume. Metrics from member accounts are aggregated and stored in a multi-account aggregation instance. The reported custom metrics and metric storage duration are counted and paid by the master account. The metric aggregation and storage functions of multi-account aggregation instances are in the open beta test (OBT) and are free of charge.

Log in to the AOM 2.0 console.
In the navigation pane on the left, choose Prometheus Monitoring > Instances. On the displayed page, click Add Prometheus Instance.

Set an instance name, enterprise project, and instance type.

**Table 1** Parameters for creating a Prometheus instance
Parameter	Description
Instance Name	Prometheus instance name. Enter a maximum of 100 characters and do not start or end with an underscore (_) or hyphen (-). Only letters, digits, underscores, and hyphens are allowed.
Enterprise Project	Enterprise project. If Enterprise Project is set to All on the global settings page, select an enterprise project from the drop-down list here. If you have already selected an enterprise project on the global settings page, this option will be grayed and cannot be changed. To select the newly created enterprise project during the creation of a Prometheus instance, wait for about 10 minutes after the enterprise project is created.
Instance Type	Type of the Prometheus instance. Select Prometheus for Multi-Account Aggregation.

Log in to the AOM 2.0 console.
On the Prometheus instance list page, click a Prometheus instance for multi-account aggregation.
On the Account Access page, manage member accounts, connect cloud services, configure data storage, and add supported metrics.
- Managing member accounts: AOM supports account management. It allows you to incorporate cloud accounts into your organization for centralized management. There are three types of members in an organization: administrator, delegated administrator, and common user. Common users do not have the permission to monitor multi-account metrics on AOM.
  - To monitor the metrics of a member account, click the Member Account text box and enter an account keyword in the displayed search box. Related member accounts are automatically displayed. Then select your desired ones.
  - To stop monitoring the metrics of a member account, delete the account from the Member Account text box on the Account Access page.
- Connecting cloud services: Select one or more cloud services from the drop-down list.
- Data storage: Member accounts retain metric data after they are connected to a Prometheus instance for aggregation. By default, this function is disabled.
- Adding metrics supported by cloud services: Click Add Metric to add metrics for connected cloud services.
Figure 1 Account access page