Skip to content

AWS Certificate Manager

The displayed metrics for AWS Certificate Manager include the number of days before a certificate expires. ACM will stop publishing this metric after the certificate expires, etc.

Configuration

Install Func

It is recommended to enable Guance integration - extension - managed Func: all prerequisites are automatically installed. Please continue with the script installation.

If you deploy Func manually, refer to Deploy Func Manually

Installation Script

Note: Please prepare an Amazon AK that meets the requirements in advance (for simplicity, you can directly grant global read-only permissions ReadOnlyAccess)

Managed Edition Activation Script

  1. Log in to the Guance console.
  2. Click on the 【Integration】 menu and select 【Cloud Account Management】.
  3. Click 【Add Cloud Account】, choose 【AWS】, and fill in the required information on the interface. If the cloud account information has been configured previously, skip this step.
  4. Click 【Test】. After a successful test, click 【Save】. If the test fails, check whether the related configuration information is correct and retest.
  5. In the 【Cloud Account Management】 list, you can see the added cloud accounts. Click on the corresponding cloud account and go to the details page.
  6. Click the 【Integration】 button on the cloud account details page. In the Not Installed list, find AWS Certificate Manager, click the 【Install】 button, and install it via the installation interface.

Manual Activation Script

  1. Log in to the Func console, click 【Script Market】, enter the official script market, and search for guance_aws_certificatemanager.

  2. After clicking 【Install】, input the corresponding parameters: AWS AK ID, AK Secret, and account name.

  3. Click 【Deploy Startup Script】, and the system will automatically create a Startup script set and configure the corresponding startup script automatically.

  4. After enabling, you can see the corresponding automatic trigger configuration in 「Management / Automatic Trigger Configuration」. Click 【Execute】 to run it immediately without waiting for the scheduled time. Wait a moment, and you can view the execution task records and corresponding logs.

We have collected some configurations by default; for more details, see the Metrics section.

Verification

  1. In 「Management / Automatic Trigger Configuration」, confirm whether the corresponding tasks have the corresponding automatic trigger configurations, and at the same time, you can check the corresponding task records and logs to ensure there are no abnormalities.
  2. In Guance, under 「Infrastructure / Custom」, check if asset information exists.
  3. In Guance, under 「Metrics」, check if there is corresponding monitoring data.

Metrics

After configuring Amazon-CloudWatch, the default metric set is as follows. You can collect more metrics through configuration:

Amazon CloudWatch AWS Certificate Manager Metric Details

Metric Name Description Unit Dimensions
DaysToExpiry The number of days before the certificate expires. ACM will stop publishing this metric after the certificate expires. Integer CertificateArn value: the ARN of the certificate.

Feedback

Is this page helpful? ×