R12.3-2026Apr21

Configuring NetBrain System

After you have set up the monitored accounts and gateway accounts, follow these steps to add the accounts to monitor:
  1. On the Domain Management page, navigate to Operations > Discover Settings > API Server Manager.
  2. In the API Server Manager configuration page, click Add API Server to add an API Server entry into the table for each account to be monitored.
  3. Configure the parameters in the Edit External API Server window as follows:
    1. API Source Type: Select Amazon AWS.
    2. Access Method: Select Role-based Access.
    3. Endpoints (Account ID): Enter the AWS account ID to be monitored.
    4. External Id: Enter the External Id previously selected for the trust relationship in the AWS account to be monitored.
    5. Role Name: Enter the role name previously selected in the AWS Monitor account.
  4. In the Advanced section, click +Add and add the following keys of user account created in the gateway account:
    1. Master Access Key: This is the public key used to access the gateway account.
    2. Master Secret Access Key: This is the secret key used to access the gateway account.

      As part of security best practices, the access key and secret key for the gateway account should be rotated at regular intervals. If you manage multiple monitor accounts, you can use the Master Access Key Rotation plugin to update the new access and secret keys across all monitor accounts with a single click.
  5. Click Test in the Add External API Server window to verify the connection to the monitored accounts to ensure they are connected successfully.
  6. Click Test in the Edit External API Server window to verify that NetBrain IE has access to the AWS account resources. If it fails, check if the roles and policies are configured properly.




Creating Public or Secret Keys for Gateway Accounts Automatically Updating Master Keys in Monitor Accounts