AWSConfigRemediation-EnableEnhancedMonitoringOnRDSInstance - AWS Systems Manager Automation Runbook Reference

AWSConfigRemediation-EnableEnhancedMonitoringOnRDSInstance

Description

The AWSConfigRemediation-EnableEnhancedMonitoringOnRDSInstance runbook enables Enhanced Monitoring on the Amazon RDS database instance you specify. For information on Enhanced Monitoring, see Enhanced Monitoring in the Amazon RDS User Guide .

Run this Automation (console)

Document type

Automation

Owner

Amazon

Platforms

Databases

Parameters

  • AutomationAssumeRole

    Type: String

    Description: (Required) The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows Systems Manager Automation to perform the actions on your behalf.

  • MonitoringInterval

    Type: Integer

    Valid values: 1 | 5 | 10 | 15 | 30 | 60

    Description: (Required) The interval in seconds when Enhanced Monitoring metrics are collected from the DB instance.

  • MonitoringRoleArn

    Type: String

    Description: (Required) The Amazon Resource Name (ARN) of the IAM role that allows Amazon RDS to send Enhanced Monitoring metrics to Amazon CloudWatch Logs.

  • ResourceId

    Type: String

    Description: (Required) The resource identifier for the DB instance you want to enable Enhanced Monitoring on.

Required IAM permissions

The AutomationAssumeRole parameter requires the following actions to use the runbook successfully.

  • ssm:StartAutomationExecution

  • ssm:GetAutomationExecution

  • rds:DescribeDBInstances

  • rds:ModifyDBInstance

Document Steps

  • aws:executeAwsApi - Gathers the DB instance identifier from the DB instance resource identifier.

  • aws:assertAwsResourceProperty - Confirms the DB Instance is in an AVAILABLE state.

  • aws:executeAwsApi - Enables Enhanced Monitoring on your DB instance.

  • aws:executeScript - Confirms that Enhanced Monitoring is enabled on your DB instance.