AWS License Manager - AWS Audit Manager

AWS License Manager

AWS Audit Manager provides an AWS License Manager framework to assist you with your audit preparation.

What is AWS License Manager?

With AWS License Manager, you can manage your software licenses from various software vendors (such as Microsoft, SAP, Oracle, or IBM) centrally across AWS and your on-premises environments. Having all your software licenses in one location allows for better control and visibility and potentially helps you to limit licensing overages and reduce the risk of non-compliance and misreporting issues.

The AWS License Manager framework is integrated with License Manager to aggregate license usage information based on customer defined licensing rules.

Use AWS Audit Manager to support your audit preparation

AWS Audit Manager provides a prebuilt framework that structures and automate assessments for license usage. This framework includes a prebuilt collection of controls with descriptions and testing procedures. These controls are grouped according to customer defined licensing rules.

You can use the AWS License Manager framework in AWS Audit Manager to prepare for audits. The controls in this framework aren't intended to verify whether your systems are compliant with licensing rules, and they can't guarantee that you will pass a licensing usage assessment. AWS Audit Manager doesn't automatically check procedural controls that require manual evidence collection.

For this framework, Audit Manager uses a custom activity called GetLicenseManagerSummary to collect evidence. The GetLicenseManagerSummary activity calls the following three License Manager APIs:

The data that’s returned is then converted into evidence and attached to the relevant controls in your assessment.

For example: Let's say that you use two licensed products (SQL Service 2017 and Oracle Database Enterprise Edition). First, the GetLicenseManagerSummary activity calls the ListLicenseConfigurations API, which provides details of license configurations in your account. Next, it adds additional contextual data for each license configuration by calling ListUsageForLicenseConfiguration and ListAssociationsForLicenseConfiguration. Finally, it converts the license configuration data into evidence and attaches it to the respective controls in the framework (4.5 - Customer managed license for SQL Server 2017 and 3.0.4 - Customer managed license for Oracle Database Enterprise Edition). If you’re using a licensed product that isn’t covered by any of the controls in the framework, that license configuration data is attached as evidence to the following control: 5.0 - Customer managed license for other licenses.

You can find the AWS License Manager framework under the Standard frameworks tab of the Framework library in Audit Manager.

For instructions on how to create an assessment using this framework, see Creating an assessment. For instructions on how to customize this framework to support your specific requirements, see Customizing an existing framework and Customizing an existing control.