Showing results for 
Show  only  | Search instead for 
Did you mean: 

Management zone based on AWS account ID

Frequent Guest

Thought this would be easy 😞

Currently combining 4 Dynatrace environments (1 for each of our AWS estatesDEV->UAT->STG->PRD), into 1 environment, then using MZ to split the data.

I created 4 MZ rules, and used the AWS account ID to split the data, but this is not reflected in Services / Traces etc.? I would of thought that logically a service running on ECS would just be connected without any hassle? But none of my services show when I select a MZ - so it seems I also need to tag these as well.

Can I tag at our activegateway? Or use the gateway id as a way to split data into MZ?

Frustrated, should be easy


DynaMight Guru
DynaMight Guru

Hello @Mat-Moo you can use entity selector to tags your services running on AWS, in my case





The true delight is in the finding out rather than in the knowing.

Thanks, it kinda makes sense, but I'm still not there. I'm using ECS Fargate on AWS, [API requests] if I get the ECS service entityId, I can see a link to the Host, and the host should give me the ability to check AWS accountID? Could I use the activegatewayId as the MZ definer? 

Be nice to have an easier way to explore relationships etc. except via api post request 🙂

If you are using Fargate, I wrote the following article. It would be easy to separate in host groups and later assign host and services to MZ. I'm doing that. AFAIK you can't use AG id.

The true delight is in the finding out rather than in the knowing.

We deploy the same container over all the AWS estates, do adding to the container doesn't make sense to me?

Your original reply makes sense, I'm just struggling with the syntax - If I understand this, I need to follow the tree, Service -> Host -> account id, I don't use lambda but I can see that the fromRelationships connects to a HOST, so I thought i could do something like


@Mat-Mooyou need to query the entities API to have all valid relationships but based on what you say:


 Hope it helps!!!

The true delight is in the finding out rather than in the knowing.

All starting to click, but so close but so far. When I use the above and do preview I get no matching entities. Looking at my API responses, runsonHost is good, but then runsOn(type(EC2_INSTANCE) - nothing I can see in the api responses. In fact the fromRelationships only contains a single item. which is a RELATIONAL_DATABASE_SERVICE.

The service is linked to a PROCESS_GROUP which has the AWS_CLUSTER name, I'm wondering if I can use that property metadata to link instead? but this is where my entity selector syntax lets me down - type(SERVICE)->fromRelationship(PROCESS_GROUP)->isAccessableBy(typeAWS_Credentials),awsAccountID("XXX"))

Thanks for help so far btw

Hi @Mat-Moo under {{baseUrl}}/entityTypes?pageSize=500 you can see the relations. But may be this approach is better.





The true delight is in the finding out rather than in the knowing.

I've just realised the ARN includes the AWS account id, so it could be as simple as type(SERVICE),fromRelationships.runsOn(type(PROCESS_GROUP),metadata("AWS_ECS_CLUSTER:*XXX*")) - but now I can't figure out the wildcard selection (Not sure it's possible) - or even metadata.startsWith("AWS_ECS_CLUSTER:xxxx"))

Unluckily it isn't possible to use Wildcards at that level.

The true delight is in the finding out rather than in the knowing.

BTW your last answer is almost perfect, but with 20+ clusternames, would be hard to maintain, hence the wildcard


Bit messy but works - I have some services that use non-relational DB's though so need to look at those now as well. In the meantime, looking at the one-agent see if I can inject a tag to make life easier

Featured Posts