Skip to main content
Skip table of contents

Synchronize Server Resources in AWS​

Overview

QueryPie supports integration with AWS for server registration and management. By synchronizing resources from AWS, you can register and manage servers in QueryPie, grant access permissions to users and groups, and set policies for the synchronized servers. Additionally, you can automatically add scale-out servers to server groups, applying predefined access permissions.

Registering AWS Integration in QueryPie

image-20241220-095625.png

Administrator > Servers > Connection Management > Cloud Providers > Create Provider

  1. Navigate to the Administrator > Servers > Connection Management > Cloud Providers menu.

  2. Click the + Create Provider button in the upper right corner.

  3. Name: Enter a name to distinguish the provider.

  4. Cloud Provider: Select Amazon Web Services.

  5. Region: Choose the region where the resources to be synchronized are located.

  6. Credential: Enter the credentials required for synchronization.

    1. Refer to the Setting Up Credential Types section below for more details.

  7. Search Filter: Use this option to fetch a list of resource types you want to synchronize.

    1. The search filter operates similarly to AWS search methods, allowing you to use values such as names and tags for filtering.

      1. Enter the Key value → Select the search condition → Enter the Value

    2. For more detailed usage instructions, refer to the User Guide for Linux Instances (AWS).

  8. Replication Frequency: Choose the synchronization method.

    • Manual: A method where synchronization is performed manually only when desired.

    • Scheduling: A method that synchronizes resources through periodic scheduling. Cron expressions are provided.

  9. Port: Allow you to specify the default ports of the servers to be synchronized when importing servers. This applies only during the initial synchronization.

  10. Click the Save button to store the Cloud Provider settings.

Q: I clicked the Save button, but I'm getting an error message saying "Already exists cloud provider."

A: If there is already a Cloud Provider registered with the same Region using Default Credentials, you cannot register another one due to duplication. To resolve this, please try registering with a different Region, and the save operation should proceed successfully.

Setting Up Credential Types

image-20240902-044927.png
  • Default Credentials: If the QueryPie server is installed in the same AWS account, you can assign the AmazonEC2ReadOnlyAccess policy to the EC2 instance where QueryPie is installed to synchronize resources within the same AWS account.

  • Cross Account Role: You can create an IAM role to synchronize resources from another AWS account. Follow the steps displayed on the screen to create the required permissions and assign the policy.

  • Profile Credential: You can create an IAM role to synchronize resources from another AWS account.

  • Access Key: By clicking the Synchronize button, a manual synchronization method is provided by default, where you input the AWS account's access key and secret key.

    • Starting from QueryPie 10.2.2, the "Save Credential for Synchronization" option has been added, allowing synchronization through a schedule even when using the access key as the credential type.

Save Credential for Synchronization Option

image-20241220-091144.png

Save Credential for Synchronization

  • This option, once enabled and saved, cannot be disabled from the synchronization settings detail page, so it should be selected carefully. The saved credential cannot be replaced. If a different credential is needed, a new synchronization setting must be created. If a credential change is required, it is recommended to create a new credential with the same permissions, create a new synchronization setting, and then delete the existing synchronization setting.

  • Synchronization settings saved without this option enabled can have the option activated by checking the checkbox on the detail page.

  • When this option is enabled, synchronization can be done manually, or a schedule can be set.

Synchronizing and Managing AWS Cloud Providers

image-20240902-044956.png

Administrator > Servers > Connection Management > Cloud Providers > List Details

  1. Navigate to the Administrator > Servers > Connection Management > Cloud Providers menu.

  2. Click on the registered Cloud Provider to open the details screen.

  3. Click the Dry run button in the upper right corner to preview the servers that will be synchronized from AWS. Note that the Dry run results are not saved.

  4. Click the Sychronize button in the upper right corner to sync resources from AWS.

  5. You can monitor synchronization progress in the Synchronization Log or view the history under Administrator > General > Systems > Jobs.

  6. Once a Cloud Provider is registered, certain provider details cannot be modified:

    1. Name: Changeable

    2. Cloud Provider: Not changeable

    3. Region: Not changeable

    4. Credential: Not changeable

      1. "Save Credential for Synchronization": The option can be changed from inactive to active, but it cannot be switched from active to inactive.

    5. Role ARN: Not changeable

    6. Search Filter : Changeable

    7. Replication Frequency : Changeable (except when the credential type is Access Key)

Synchronization settings saved without the "Save Credential for Synchronization" option enabled can have the option activated by checking the checkbox on the detail page. Just like when creating a new setting, once this option is activated, it cannot be deactivated again, so it should be selected carefully.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.