This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

AWS Account Integrations with Dynatrace SaaS: "missing permission" error

Go to solution
sivart_89
Mentor

‎04 Nov 2022 03:02 PM - last edited on ‎07 Nov 2022 09:53 AM by Community Team

For all of the AWS accounts I have added into Dynatrace to collect CloudWatch metrics I see the below even though the IAM policy we have does have that permission. We only have AWS accounts in us-east-1 and us-east-2 and deny any traffic trying to go elsewhere. Would this be why I am seeing this error?

 

travis_anderson_0-1667573758062.png

 

One of our customers has S3 buckets in his account but is not seeing anything in Dynatrace even though the policy has that permission and within Dynatrace his account is setup as the below. I'm wondering if we aren't seeing S3 metrics because we don't allow access to all regions. Does Dynatrace require open access to all regions to collect any S3 metrics?

travis_anderson_1-1667573945106.png

 

Labels:
Reply
1 REPLY 1

Go to solution
dawid_kaszubski
Dynatrace Participant
Dynatrace Participant

‎07 Nov 2022 03:02 PM

@sivart_89 wrote:

We only have AWS accounts in us-east-1 and us-east-2 and deny any traffic trying to go elsewhere. Would this be why I am seeing this error?

Most probably, yes. This warning is raised when the AWS Monitoring module gets an AccessDenied or Unauthorized response. 

@sivart_89 wrote:

 

One of our customers has S3 buckets in his account but is not seeing anything in Dynatrace even though the policy has that permission and within Dynatrace his account is setup as the below. I'm wondering if we aren't seeing S3 metrics because we don't allow access to all regions. Does Dynatrace require open access to all regions to collect any S3 metrics?

Currently, Dynatrace AWS monitoring supports only Amazon S3 request metrics. https://docs.aws.amazon.com/AmazonS3/latest/userguide/metrics-dimensions.html#s3-request-cloudwatch-...
By default, request metrics aren't reported. The customer needs to enable them in the AWS S3 console to have them reported.
Last paragraph in Dynatrace S3 monitoring documentation:
https://www.dynatrace.com/support/help/how-to-use-dynatrace/infrastructure-monitoring/cloud-platform...

Product Owner of Cloud Monitoring
Reply
Ask a question

Featured Posts