Configure real-time sync with AWS
Early Access release
Real-time sync allows Advanced Server Access to subscribe to compute instance events generated by AWS. Normally, server discovery happens daily, but this feature allows Advanced Server Access to add or remove servers immediately after receiving a notification. Real-time sync works by enabling AWS EventBridge to send webhook events to an endpoint associated with a specific cloud account within a project.
Events are usually generated when a compute instance is launched or terminated. For launch events, Advanced Server Access automatically adds servers to the associated project. You must install the Advanced Server Access server agent on discovered servers before users can connect. For terminate events, Advanced Server Access automatically removes the server from the project inventory.
- It may take up to ten minutes before server changes are synchronized with Advanced Server Access.
- You must configure separate rules for each AWS region containing servers, unless you use Event bridge cross-region events to centralize events into a single region.
- Identify the project details.
- Go to the Advanced Server Access admin console.
- Go to the Projects page and select a project.
- Go to the Enrollment tab and select the AWS account.
- Under Instance Lifecycle Monitoring, click Create Client ID & Secret.
- From the Client Secret Created window, store the client ID & secret.
Note: You cannot retrieve this information after closing the window. If you lose this information, you must generate a new client ID & secret. - Click OK.
- Note the Webhook URL for later use.
- Create a connection.
- Go to the Amazon EventBridge console.
- Go to the API destinations page.
- Go to the Connections tab and click Create connection.
- From the Create connection window, enter a name and description.
- For Authorization type, select OAuth Client Credentials.
- Configure the credentials.
Field Action Authorization endpoint Enter https://app.scaleft.com/v1/oauth_token
.HTTP method Select Post. OAuth HTTP Parameters
- Under Parameter, select Body field.
- Under Key, enter
grant_type
. - Under Value, enter
client_credentials
.
Client ID Enter the Client ID you noted from the Advanced Server Access console. Client secret Enter the Client secret you noted from the Advanced Server Access console. - Click Create.
-
Create a target.
For more information, see the AWS documentation.- Go to the API destinations page and click Create API destination.
- From the Create API destination window, enter a name and description.
- For API destination endpoint, enter the Webhook URL you noted from the Advanced Server Access console.
- For HTTP method, select Post.
- Click Use an existing connection and select the connection you created previously.
- Click Create.
- Go to the API destinations page and click Create API destination.
- Create a rule.
For more information, see the AWS documentation.- Go to the Rules page and click Create rule.
- Enter a name for the rule.
- Under Define pattern, select Event pattern, and then select Custom pattern.
- Next to Event pattern, click Edit.
- Enter the following JSON pattern.
Pattern Description { "source": ["aws.ec2"], "detail-type": ["EC2 Instance State-change Notification"], "detail": { "state": ["pending", "terminated"] } }
Sends a notification when an EC2 instance changes to the pending
orterminated
states. - For Target, select the target API destination you created previously.
- Click Create.
After creating a rule, AWS sends a notification to Advanced Server Access when a matching event occurs. Advanced Server Access uses these notifications to update the server inventory within the associated project.