New Relic AWS Integration Setup and Best Practices

To set up New Relic AWS integration, you'll need to install the New Relic AWS plugin in your AWS account. This plugin allows you to monitor and analyze your AWS services directly from the New Relic platform.

New Relic supports over 150 AWS services, including EC2, S3, and RDS. You can easily integrate these services with New Relic to gain a unified view of your application's performance.

To get started, make sure you have the necessary permissions to access your AWS account and New Relic account. You'll also need to create an IAM role that allows New Relic to access your AWS resources. This role should have the necessary permissions to read metrics and logs from your AWS services.

New Relic recommends creating a separate IAM role for each AWS service you want to integrate with New Relic. This helps to maintain a clean and organized permissions structure.

To set up New Relic for AWS, you need to specify an Amazon account during the setup steps. This grants New Relic access to all EC2 instances in that account.

By default, the Amazon EC2 AmazonEC2ReadOnlyAccess permission grants New Relic access to all EC2 instances in the specified account. This means you don't need to take any additional steps to access instances in that account.

If you have multiple AWS accounts, you'll need to connect each account separately, following the same setup steps for each account. This ensures New Relic has the necessary permissions to access your EC2 instances.

API Polling Setup is a crucial step in integrating your AWS account with New Relic. To connect additional API Polling integrations to New Relic, follow the procedures outlined in the New Relic UI and your AWS account.

It may take a few minutes for new resources to be detected and synthesized as entities. This is normal, and you can check the Cloud integrations system limits for more information.

To avoid issues, unlink any existing integration if you previously set up an ARN with a restrictive AmazonEC2ReadOnlyAccess policy, and create a new ARN with a broader policy.

If you don't see any tags within a few minutes of setup, delete the integration and try the setup procedures again.

Here are the HTTP endpoint URLs for Data Firehose, depending on your New Relic region:

You'll need to create a Data Firehose to send data from CloudWatch metrics to New Relic. This will allow you to acquire, transform, and deliver data streams within seconds to data lakes, data warehouses, and analytics services.

To set up New Relic, you'll need an active account. You can create one using the New Relic One pricing plan, but make sure to choose a Standard, Pro, or Enterprise plan for access to administrator features and support.

If you don't already have a New Relic account, you can sign up for a free one in the AWS Marketplace. After setting up your New Relic account, log in to get started.

To create an IAM role for Data Firehose, we need to follow a specific process. We will create one of the 3 IAM roles required for Data Firehose to write data and perform operations on the S3 bucket we created in the previous step.

This role is a crucial component in our setup, so let's get started. We'll create this role to enable Data Firehose to write data and perform operations on the S3 bucket.

The IAM role will allow Data Firehose to access the S3 bucket and perform necessary operations. We'll use this role to grant the necessary permissions for Data Firehose to function correctly.

Here's a brief overview of the IAM role we'll create:

By creating this IAM role, we'll be able to use Data Firehose to send data from CloudWatch metrics to New Relic. This will enable us to acquire, transform, and deliver data streams within seconds to our data lakes, data warehouses, and analytics services.

To create a custom role in New Relic, you'll need to navigate to the user menu by hovering over your username and selecting 'Administration' in the context menu. This will take you to the account settings.

You can find a guide on how to create custom roles in the New Relic documentation. Specifically, the account-user-mgmt-tutorial section has a detailed walkthrough.

Only 'View' permissions on 'Alerts' are needed for this integration, so you can limit access to just that. This is a good practice to follow to maintain security and compliance.

To apply the custom role, follow these steps:

New Relic AWS allows for seamless integration with other AWS services, making it easy to monitor and optimize your entire cloud infrastructure. With New Relic, you can collect data from AWS services like EC2, RDS, and S3, and get a unified view of your application's performance.

This integration enables you to set up alerts and notifications when issues arise, so you can respond quickly and minimize downtime. New Relic's integration with AWS also allows for automation of tasks, such as scaling and deployment, based on performance data.

By leveraging New Relic's security features, you can protect your AWS resources from unauthorized access and ensure compliance with regulatory requirements.

Connecting multiple AWS accounts is a straightforward process that allows you to associate multiple accounts with New Relic.

By default, the Amazon EC2 AmazonEC2ReadOnlyAccess permission grants New Relic access to all EC2 instances in the individual Amazon account you specify during the setup steps.

You'll need to follow the steps to connect an AWS account for each AWS account you want to associate with New Relic.

New Relic will have access to all EC2 instances in each associated account, thanks to the AmazonEC2ReadOnlyAccess permission.

This permission allows New Relic to monitor your EC2 instances across multiple accounts, giving you a comprehensive view of your infrastructure.

Disconnecting your integrations is a crucial step in maintaining control over your data and ensuring the security of your AWS account.

You can disable one or more integrations at any time, but it's worth noting that you can still keep your AWS account connected to New Relic even if you disable integrations.

New Relic recommends not disabling EC2 or EBS monitoring, as these integrations add important metadata to your EC2 instances and EBS volumes in New Relic.

To completely remove your services from New Relic infrastructure Integrations, you'll need to unlink your AWS account.