Managing AWS EC2 Connections
FlexNet Manager Suite 2019 R1 (On-Premises Edition)
Connections to Amazon Web Services Elastic Compute Cloud require four elements:
- Within AWS, you must create a policy that allows access to your EC2 service
- Similarly, you must create a policy allowing access to an Identity and Access Management (IAM) entity
- Still within AWS, you must create the IAM user account with minimum privileges that makes the connection to AWS APIs and imports the available data
- Finally, on the inventory beacon that is to make the connection to AWS, you must specify the connection (which is automatically scheduled for you).
All four parts of the process are included below. You may conveniently complete all
parts of the process using a web browser on your chosen inventory beacon.
Tip: If you have some reason to connect to AWS from more that one inventory beacon, you may re-use the same policies, and do not need to create
these multiple times. It would also be possible to reuse the same account name
on a different inventory beacon, but since recommended practice is to
schedule frequent connections (for example, to collect data on terminated
instances, which has a very limited life on AWS), it may be advisable to create
separate user accounts for each accessing inventory beacon, and avoid
possible collisions.
Important: While you are planning to
collect data from AWS EC2, also plan to configure start-up scripts in your base
image to modify preferences for FlexNet inventory agent when your VMs are
instantiated. These changed preferences ensure that each instance reports a
distinct computer name (or perhaps domain name). If this is not done, instances
take a common device name from the base image, and typically report from the
same domain name. With matching names, the resulting records are assumed to come
from a single device, and are merged into a single device record in FlexNet Manager Suite. For more information, see Common: Ensuring Distinct Inventory in the Gathering FlexNet Inventory PDF, available through the title page of online help.
Prerequisites
To complete this process, your chosen inventory beacon must meet the following
requirements, some of which should have been fulfilled when the FlexNet Beacon software was installed:
- PowerShell 3.0 or later is running on Windows Server 2008 R2 SP1 or later, or Windows 7 SP1 or later; with the PowerShell execution policy set to RemoteSigned.
- The FlexNet Beacon software installed on the inventory beacon must be release 13.1.1 (shipped with FlexNet Manager Suite 2018 R2) or later.
- A web browser is installed and enabled on the inventory beacon.
- You must log onto the inventory beacon, and run FlexNet Beacon, using an account with administrator privileges.
- You must have downloaded AWS Tools for Windows PowerShell from https://aws.amazon.com/powershell/, and installed them on the
inventory beacon. The minimum required version of these tools is
3.3.283.0. To check the version installed on your inventory beacon,
run AWS Tools for Windows PowerShell, and execute the
Get-AWSPowerShellVersion
cmdlet.Note: The permissible values for Instance region are currently hard-coded in the AWS Tools for Windows PowerShell. This means that if AWS provision additional regions, and you want to have instances in one of the new regions, you will need to update AWS Tools for Windows PowerShell at that time.
To configure an initial data connection to your AWS EC2 service: