Cloud Center Management Guide on the Elven Platform
In Elven Platform’s Cloud Center, your Cloud acts as the bridge between your infrastructure and cloud providers like AWS, Azure, or even custom Clouds. Here, connecting, managing, and monitoring your environments becomes simple and intuitive. Designed with a focus on practicality, the Cloud Center offers a seamless experience so you can centralize everything in one place, gaining control and visibility over your resources. Our goal is for you to focus your time on what truly matters: creating amazing experiences for your users, while we take care of the rest.
Accessing the Cloud Center
Navigate to the main menu and click on Monitoring.
In the submenu, select the Clouds item.
Working with the Cloud Center
In the Cloud Center of the Monitoring module on the Elven Platform, we provide a Cloud Listing designed to offer a clear and organized view of all configured Clouds. Here, you’ll find all the essential details, such as the configuration name and the associated provider (AWS, Azure, or even custom options), allowing for quick and accurate identification.
To make the experience even more efficient, you can use the search field to easily locate specific Clouds, or navigate through the configuration pages using the pagination feature.
Everything has been designed to simplify Cloud management. With just a few clicks, you can edit an existing configuration using the pencil icon, or remove unnecessary Clouds with the trash icon. Need to add a new Cloud? The ‘New’ button is ready for you, redirecting you to the creation form page.
All of this was built to give you maximum control and convenience, making your infrastructure management straightforward and efficient.
The New Cloud Configuration in the Monitoring module of the Elven Platform makes the process of connecting to a cloud provider fast and intuitive. You can create a new custom configuration, defining all the necessary details to integrate providers like AWS or Azure.
Configuring a New AWS Cloud
To create a Cloud for AWS on the Elven Platform, you need to fill in some essential information. First, under Cloud Provider, select the AWS option. Then, choose a Name, which will be the name of your Cloud within the platform. This name is important for organizing your configurations and simplifying management.
Next, you’ll need your AWS credentials: Access Key ID and Secret Access Key. These credentials belong to a Programmatic User, who must have specific permissions to integrate with the Elven Platform. For this, we use a special policy called 1p-agent, which grants controlled access to resources like EC2, Lambda, monitoring, and configuration management.
Once everything is filled out, simply click the Save button. From that moment, your Cloud will be ready to use within the platform, allowing you to monitor and manage your AWS resources efficiently and securely.
1p-agent Policy
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"ec2:RunInstances",
"ec2:CreateVolume"
],
"Resource": [
"arn:aws:ec2:*:*:instance/*",
"arn:aws:ec2:*:*:volume/*"
],
"Condition": {
"StringEquals": {
"aws:RequestTag/Owner": "1p-agent"
},
"ForAllValues:StringEquals": {
"aws:TagKeys": [
"Owner",
"Name",
"Environment"
]
}
}
},
{
"Sid": "VisualEditor1",
"Effect": "Allow",
"Action": [
"ec2:RevokeSecurityGroupIngress",
"ec2:RebootInstances",
"ec2:AuthorizeSecurityGroupEgress",
"ec2:AuthorizeSecurityGroupIngress",
"ec2:UpdateSecurityGroupRuleDescriptionsEgress",
"ec2:TerminateInstances",
"ec2:StartInstances",
"ec2:RevokeSecurityGroupEgress",
"ec2:DeleteSecurityGroup",
"ec2:StopInstances",
"ec2:UpdateSecurityGroupRuleDescriptionsIngress"
],
"Resource": [
"arn:aws:ec2:*:*:instance/*",
"arn:aws:ec2:*:*:security-group/*"
],
"Condition": {
"StringEquals": {
"ec2:ResourceTag/Owner": "1p-agent"
}
}
},
{
"Sid": "VisualEditor2",
"Effect": "Allow",
"Action": "ec2:RunInstances",
"Resource": [
"arn:aws:ec2:*:*:subnet/*",
"arn:aws:ec2:*:*:key-pair/*",
"arn:aws:ec2:*::snapshot/*",
"arn:aws:ec2:*:*:security-group/*",
"arn:aws:ec2:*:*:network-interface/*",
"arn:aws:ec2:*::image/*"
]
},
{
"Sid": "VisualEditor3",
"Effect": "Allow",
"Action": [
"lambda:ListVersionsByFunction",
"lambda:GetLayerVersion",
"logs:*",
"lambda:GetAccountSettings",
"lambda:GetFunctionConfiguration",
"lambda:GetLayerVersionPolicy",
"lambda:ListProvisionedConcurrencyConfigs",
"rds:Describe*",
"lambda:GetProvisionedConcurrencyConfig",
"lambda:ListTags",
"ec2:CreateSecurityGroup",
"lambda:ListLayerVersions",
"lambda:ListLayers",
"lambda:ListCodeSigningConfigs",
"lambda:GetAlias",
"lambda:ListFunctions",
"s3:*",
"lambda:GetEventSourceMapping",
"lambda:GetFunction",
"ec2:CreateTags",
"lambda:ListAliases",
"lambda:GetFunctionUrlConfig",
"lambda:ListFunctionUrlConfigs",
"elasticache:Describe*",
"lambda:GetFunctionCodeSigningConfig",
"lambda:ListFunctionEventInvokeConfigs",
"ec2:Describe*",
"lambda:ListFunctionsByCodeSigningConfig",
"cloudwatch:*",
"lambda:GetFunctionConcurrency",
"lambda:GetFunctionEventInvokeConfig",
"lambda:ListEventSourceMappings",
"lambda:GetCodeSigningConfig",
"lambda:GetPolicy"
],
"Resource": "*"
},
{
"Sid": "VisualEditor4",
"Effect": "Allow",
"Action": [
"iam:get*",
"iam:list*"
],
"Resource": "arn:aws:iam::*:user/${aws:username}"
},
{
"Sid": "VisualEditor5",
"Effect": "Allow",
"Action": "ssm:*",
"Resource": [
"arn:aws:s3:::*",
"arn:aws:ssm:*:*:opsmetadata/*",
"arn:aws:ec2:*:*:instance/*",
"arn:aws:ssm:*:*:parameter/*"
]
}
]
}Configuring a New Azure Cloud
To create an Azure Cloud on the Elven Platform, you’ll need to fill in some essential information. First, under Cloud Provider, select the Azure option. Then, choose a Name, which will be the name of your Cloud within the platform. This name is fundamental for organizing your configurations and simplifying the management of your resources.
Next, you’ll need to provide your Azure credentials: CLIENT_ID, TENANT_ID, SUBSCRIPTION_ID, and CLIENT_SECRET. These credentials are linked to the Service Principal created in Azure, with specific permissions to integrate with the Elven Platform. They ensure secure access to your Azure Cloud resources, allowing you to monitor and manage services such as virtual machines, databases, and other resources.
Once all the information is filled out, simply click the Save button. From that moment, your Azure Cloud will be configured and ready to use within the platform, providing effective and secure management of your Azure resources.
Configuring a New Custom Cloud
To create a Custom Cloud on the Elven Platform, you’ll need to fill in some essential information. First, under Cloud Provider, select the Custom option. Then, choose a Name, which will be the name of your Cloud within the platform. This name is fundamental for organizing your configurations and simplifying the management of your resources.
Glossary of Technical Terms
Cloud Center: The cloud infrastructure management hub on the Elven Platform. It’s where you can connect, manage, and monitor your cloud environments, such as AWS, Azure, or custom Clouds, centralizing all resources in a single location.
Clouds: Term used to describe cloud provider configurations on the Elven Platform. Here, you can view, edit, remove, or add new Clouds to manage your infrastructure.
Cloud Provider: The cloud provider to which the configuration connects, such as AWS, Azure, or custom Clouds. The provider defines the resources and services available to your infrastructure.
Name: Field where you define the Cloud configuration name, helping to identify and organize the different Clouds integrated into the platform.
Access Key ID and Secret Access Key: Authentication credentials required to establish a connection with the cloud provider, ensuring security and proper resource access.
Cloud Infrastructure Management: The process of connecting, configuring, and monitoring cloud resources within the Elven Platform, aiming for simplified and efficient IT infrastructure management.
Client ID: A unique identifier for an application registered in Azure Active Directory (Azure AD). It is used to authenticate the application and allow it to access Azure resources on behalf of a user or Service Principal. This identifier is essential for secure communication between the platform and Azure.
Tenant ID: A unique identifier for the Azure Active Directory (Azure AD) tenant associated with your Azure subscription. It defines the scope where identities (users and applications) are located. The Tenant ID is required to associate the application with the correct directory and ensure secure access to resources within the tenant’s scope.
Subscription ID: A unique identifier for an Azure subscription. It links the application to the resources and services available within that subscription. Each Azure subscription is isolated, allowing you to manage resources independently across different accounts or environments. The Subscription ID is essential for directing application actions to the correct subscription.
Client Secret: A secret key associated with the application registered in Azure Active Directory. It functions like a password to authenticate the Service Principal and ensure the application has permission to access defined resources. The Client Secret must be kept secure, as it is essential for secure communication between the platform and Azure.
Service Principal: A security identity used by applications, services, or automations to access resources within Azure. It allows the application to authenticate and obtain specific permissions without requiring a real user.
Last updated
Was this helpful?