R12.1 Project-2025Sep08

Configuring NetBrain System

After you have set up the monitored accounts and gateway accounts, follow these steps to add the accounts to monitor:

  1. In the Domain Management page, navigate to Discovery > API Server Manager.

  2. In the API Server Manager configuration page, click Add API Server to add an API Server entry into the table for each account to be monitored.
  3. Configure the parameters in the Add External API Server window as follows:

  1. API Source Type: Select Amazon AWS.
  2. Access Method: Select Role-based Access.
  3. Endpoints (Account ID): Enter the AWS account ID to be monitored.
  4. External Id: Enter the External Id previously selected for the trust relationship in the AWS Monitored account.
  5. Role Name: Enter the role name previously selected in the AWS Monitored account. 
  6. In the Advanced section, click +Add and add the following keys of user account created in the gateway account:
  • Master Access Key:  This is the public key used to access the gateway account.
  • Master Secret Access Key:  This is the secret key used to access the gateway account. 
To maintain security best practices, it's recommended to rotate the access key and secret key for the gateway account regularly. If you manage multiple monitor accounts, you can streamline this process using the Master Access Key Rotation plugin. This plugin allows you to update the access and secret keys across all monitor accounts with a single action.

For detailed instructions, refer to the Automatically Updating Master Keys in Monitor Accounts.
 
  1. Click Test to verify the connection to the monitored accounts to ensure they are connected successfully. 
    If it fails, check whether the roles and policies are configured properly    .

Creating Public or Secret Keys for Gateway Accounts Automatically Updating Master Keys in Monitor Accounts