AWSConfigRemediation-EnableEnhancedMonitoringOnRDSInstance

Description

The AWSConfigRemediation-EnableEnhancedMonitoringOnRDSInstance runbook enables Enhanced Monitoring on the Amazon RDS database instance you specify. For information on Enhanced Monitoring, see Enhanced Monitoring in the Amazon RDS User Guide .

Run this Automation (console)

Document type

Automation

Owner

Amazon

Platforms

Databases

Parameters

• AutomationAssumeRole

  Type: String

  Description: (Required) The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows Systems Manager Automation to perform the actions on your behalf.

• MonitoringInterval

  Type: Integer

  Valid values: 1 | 5 | 10 | 15 | 30 | 60

  Description: (Required) The interval in seconds when Enhanced Monitoring metrics are collected from the DB instance.

• MonitoringRoleArn

  Type: String

  Description: (Required) The Amazon Resource Name (ARN) of the IAM role that allows Amazon RDS to send Enhanced Monitoring metrics to Amazon CloudWatch Logs.

• ResourceId

  Type: String

  Description: (Required) The resource identifier for the DB instance you want to enable Enhanced Monitoring on.

Required IAM permissions

The AutomationAssumeRole parameter requires the following actions to use the runbook successfully.

• ssm:StartAutomationExecution

• ssm:GetAutomationExecution

• rds:DescribeDBInstances

• rds:ModifyDBInstance

Document Steps

• aws:executeAwsApi - Gathers the DB instance identifier from the DB instance resource identifier.

• aws:assertAwsResourceProperty - Confirms the DB Instance is in an AVAILABLE state.

• aws:executeAwsApi - Enables Enhanced Monitoring on your DB instance.

• aws:executeScript - Confirms that Enhanced Monitoring is enabled on your DB instance.