Settings in AWS License Manager
The Settings section of the AWS License Manager console displays settings for the current account. You must configure settings to enable certain functionality such as distribution of managed entitlements and self-managed licenses to your organization, as well as for performing cross-account resource discovery.
To edit License Manager settings
Open the License Manager console at https://console.aws.amazon.com/license-manager/
. -
In the left navigation pane, choose Settings.
-
Choose the tab containing the settings you wish to configure or modify. For example, choose Managed licenses to configure Account details.
-
Choose the relevant action for the setting you wish to configure or modify. For example, you might choose Edit or Turn on.
Managed licenses
The following settings are available for managed licenses.
Account details
You can review your account details to see information such as the account type, whether accounts in AWS Organizations are linked, the account's License Manager S3 bucket ARN, and the AWS Resource Access Manager share ARN. This section also enables you to link your AWS Organizations accounts.
To distribute managed entitlements or self-managed licenses within your organization, choose Link AWS Organizations accounts. The distributed grants for managed entitlements are auto-accepted by all of your member accounts. When you select this option, we add a service-linked role to the management and member accounts.
To enable this option, you must be signed in to your management account and all features must be enabled in AWS Organizations. For more information, see Enabling all features in your organization in the AWS Organizations User Guide.
This selection also creates an AWS Resource Access Manager resource share in your management account, which allows you to seamlessly share self-managed licenses. For more information, see the AWS Resource Access Manager User Guide.
To disable this option, call the UpdateServiceSettings API.
Cross-account resource discovery
You can turn on cross-account resource discovery in order to manage license usage across all of your accounts in AWS Organizations.
To enable cross-account resource discovery in your organization, choose Turn on for cross-account resource discovery. When you turn on the cross-account resource discovery, AWS Organizations will automatically be linked to perform resource discovery across all of your accounts.
License Manager uses Systems Manager inventory to discover software usage. Verify that you have configured Systems Manager inventory on all of your resources. Querying Systems Manager inventory requires the following:
-
Resource data sync to store inventory in an Amazon S3 bucket.
-
Amazon Athena to aggregate inventory data from your accounts in AWS Organizations.
-
AWS Glue to provide a fast query experience.
Simple Notification Service (SNS)
You can configure an Amazon SNS to receive notifications and alerts from License Manager.
To configure an Amazon SNS topic
-
Choose Edit next to Simple Notification Service (SNS).
-
Specify an SNS topic ARN in the following format:
arn:
<aws_partition>
:sns:<region>
:<account_id>
:aws-license-manager-service-* -
Choose Save changes.
Linux subscriptions
You can configure settings for Linux subscriptions to control how the discovery and aggregation of your subscriptions are performed. You can choose the Regions for which you want to discover Linux subscriptions for, and whether you want to aggregate subscription data across your accounts in AWS Organizations. For more information, see Linux subscriptions in License Manager.
User-based subscriptions
The following settings are available depending on which products you require for user-based subscriptions.
AWS Managed Microsoft AD
License Manager requires AWS Managed Microsoft AD to be configured before you can work with user-based subscriptions. For more information, see User-based subscriptions in License Manager.
Virtual private cloud
License Manager requires your VPC to be configured, in addition to your AWS Managed Microsoft AD, when you use user-based subscriptions with Microsoft Office. For more information, see User-based subscriptions in License Manager.
Delegated administrators
You can register a delegated administrator to perform administrative tasks for managed licenses and Linux subscriptions in License Manager. To simplify administration, we recommend using the License Manager console to register a single delegated administrator for each feature of License Manager. Using this approach, you will have a single delegated administrator in your organization for License Manager.
Using the AWS CLI or SDKs, you can register different member accounts in your organization as the delegated administrator for each supported feature of License Manager. This results in different member accounts in your organization being able to perform administrative tasks for managed licenses and Linux subscriptions.
To use the delegated administration features in the License Manager console, you must have the same member account registered as the delegated administrator for each feature of License Manager. If you registered more than one member account as the delegated administrator, you first have to deregister the existing member accounts, and then register the same account for each feature of License Manager.
Before you register a delegated administrator, you must enable trusted access with Organizations. For more information, see Inviting an AWS account to join your organization and Enable trusted access with AWS Organizations.
The following are the features for which you can register a delegated administrator:
Managed licenses
You can perform administrative tasks, such as sharing self-managed licenses with other member accounts, performing cross-account resource discovery, and distributing managed entitlements to other member accounts.
Linux subscriptions
You can perform administrative tasks, such as viewing and managing commercial Linux subscriptions you own and run across AWS Regions and your accounts in AWS Organizations. You can also create and manage Amazon CloudWatch alarms for your Linux subscriptions. The data must first be discovered and aggregated before it is visible in the License Manager console and any alarms can function if they are configured.
Once registered, the delegated administrator has visibility into EC2 instances owned by accounts in your organization.
You can register and deregister delegated administrators using the AWS License Manager console
Regions supported for delegated administrators
The following Regions support License Manager delegated administrators:
-
US East (Ohio)
-
US East (N. Virginia)
-
US West (N. California)
-
US West (Oregon)
-
Asia Pacific (Mumbai)
-
Asia Pacific (Seoul)
-
Asia Pacific (Singapore)
-
Asia Pacific (Sydney)
-
Asia Pacific (Tokyo)
-
Asia Pacific (Hong Kong)
-
Middle East (Bahrain)
-
Canada (Central)
-
Europe (Frankfurt)
-
Europe (Ireland)
-
Europe (London)
-
Europe (Paris)
-
Europe (Stockholm)
-
Europe (Milan)
-
Africa (Cape Town)
-
South America (São Paulo)
Register a delegated administrator
You can register a delegated administrator using the AWS CLI or AWS Management Console.
Deregister a delegated administrator
You can deregister a delegated administrator using the AWS CLI or AWS Management Console.