AWS S3 Service Status Test

Amazon Simple Storage Service is storage for the Internet. Amazon S3 has a simple web services interface that you can use to store and retrieve any amount of data, at any time, from anywhere on the web.

To store your data in Amazon S3, you work with resources known as buckets and objects. A bucket is a container for objects. An object is a file and any metadata that describes that file.

To store an object in Amazon S3, you create a bucket and then upload the object to a bucket. When the object is in the bucket, you can open it, download it, and move it. When you no longer need an object or a bucket, you can clean up these resources.

If users are unable to access an S3 bucket, or if they complain of slowness/failures when uploading /downloading files from a bucket, overall user experience with Amazon's storage services will suffer. To assure users of an above-par experience with S3 at all times, administrators should be able to rapidly identify 'problematic' buckets. This is where the AWS S3 Service Status test helps! This test tracks uploads/downloads to each S3 bucket that is configured for monitoring. In the process, the test promptly captures and reports the following:

  • Are any buckets unavailable over the web? If so, which ones?

  • Is any bucket responding slowly to web requests? Which ones are these?

  • Did uploads to / downloads from any bucket fail?

  • Was any unusual slowness observed when uploading files to / downloading files from any particular bucket?

This way, administrators can monitor the health of the S3 service, and accurately identify the bucket that is degrading the quality of that service.

Target of the test: Amazon Cloud

Agent deploying the test : A remote agent

Outputs of the test : One set of results for each bucket in each AWS region

First-level descriptor: AWS Region

Second-level descriptor: Bucket name

Configurable parameters for the test
Parameter Description

Test Period

How often should the test be executed.

Host

The host for which the test is to be configured.

Access Type

eG Enterprise monitors the AWS cloud using AWS API. By default, the eG agent accesses the AWS API using a valid AWS account ID, which is assigned a special role that is specifically created for monitoring purposes. Accordingly, the Access Type parameter is set to Role by default. Furthermore, to enable the eG agent to use this default access approach, you will have to configure the eG tests with a valid AWS Account ID to Monitor and the special AWS Role Name you created for monitoring purposes.

Some AWS cloud environments however, may not support the role-based approach. Instead, they may allow cloud API requests only if such requests are signed by a valid Access Key and Secret Key. When monitoring such a cloud environment therefore, you should change the Access Type to Secret. Then, you should configure the eG tests with a valid AWS Access Key and AWS Secret Key.

Note that the Secret option may not be ideal when monitoring high-security cloud environments. This is because, such environments may issue a security mandate, which would require administrators to change the Access Key and Secret Key, often. Because of the dynamicity of the key-based approach, Amazon recommends the Role-based approach for accessing the AWS API.

AWS Account ID to Monitor

This parameter appears only when the Access Type parameter is set to Role. Specify the AWS Account ID that the eG agent should use for connecting and making requests to the AWS API. To determine your AWS Account ID, follow the steps below:

  • Login to the AWS management console. with your credentials.

  • Click on your IAM user/role on the top right corner of the AWS Console. You will see a drop-down menu containing the Account ID (see Figure 1).

    Identifying AWS Account ID

    Figure 1 : Identifying the AWS Account ID

AWS Role Name

This parameter appears when the Access Type parameter is set to Role. Specify the name of the role that you have specifically created on the AWS cloud for monitoring purposes. The eG agent uses this role and the configured Account ID to connect to the AWS Cloud and pull the required metrics. To know how to create such a role, refer to Creating a New Role.

AWS Access Key, AWS Secret Key, Confirm AWS Access Key, Confirm AWS Secret Key

These parameters appear only when the Access Type parameter is set to Secret.To monitor an Amazon instance, the eG agent has to be configured with the access key and secret key of a user with a valid AWS account. For this purpose, we recommend that you create a special user on the AWS cloud, obtain the access and secret keys of this user, and configure this test with these keys. The procedure for this has been detailed in the Obtaining an Access key and Secret key topic. Make sure you reconfirm the access and secret keys you provide here by retyping it in the corresponding Confirm text boxes.

Proxy Host and Proxy Port

In some environments, all communication with the AWS cloud and its regions could be routed through a proxy server. In such environments, you should make sure that the eG agent connects to the cloud via the proxy server and collects metrics. To enable metrics collection via a proxy, specify the IP address of the proxy server and the port at which the server listens against the Proxy Host and Proxy Port parameters. By default, these parameters are set to none , indicating that the eG agent is not configured to communicate via a proxy, by default.

Proxy User Name, Proxy Password, and Confirm Password

If the proxy server requires authentication, then, specify a valid proxy user name and password in the Proxy User Name and Proxy Password parameters, respectively. Then, confirm the password by retyping it in the Confirm Password text box. By default, these parameters are set to none, indicating that the proxy sever does not require authentication by default.

Proxy Domain and Proxy Workstation

If a Windows NTLM proxy is to be configured for use, then additionally, you will have to configure the Windows domain name and the Windows workstation name required for the same against the proxy domain and proxy workstation parameters. If the environment does not support a Windows NTLM proxy, set these parameters to none.

Exclude Region

Here, you can provide a comma-separated list of region names or patterns of region names that you do not want to monitor. For instance, to exclude regions with names that contain 'east' and 'west' from monitoring, your specification should be: *east*,*west*

Buckets

Provide a comma-separated list of buckets that you want this test to monitor.

Measurements made by the test
Measurement Description Measurement Unit Interpretation

S3 availability

Indicates whether/not this bucket is accessible over the web.

Percent

The value 0 indicates that the bucket is unavailable. The value 100 on the other hand indicates that the bucket is available and accessible over the web.

S3 response time

Indicates the average time taken by this bucket to respond to web requests.

Milliseconds

A high value is a cause for concern, as it indicates that the bucket is responding slowly to requests.

S3 upload status

Indicates whether/not uploads to this bucket succeeded.

 

The values that this measure reports and their corresponding numeric values are detailed in the table below:

Measure Value Numeric Value
Failure 0
Success 1

Note:

This measure reports the Measure Values in the table above to indicate the success/failure of uploads to a bucket. In the graph of this measure however, the same is represented using numeric equivalents only.

S3 upload time

Indicates the time taken to upload files to this bucket.

Milliseconds

A high value indicates a bottleneck when uploading files to the bucket. Compare the value of this measure across buckets to identify the bucket to which uploads failed.

S3 download status

Indicates whether/not downloads from this bucket succeeded.

 

The values that this measure reports and their corresponding numeric values are detailed in the table below:

Measure Value Numeric Value
Failure 0
Success 1

Note:

This measure reports the Measure Values in the table above to indicate the success/failure of downloads from a bucket. In the graph of this measure however, the same is represented using numeric equivalents only.

S3 download time

Indicates the time taken to download files from this bucket.

Milliseconds

A high value indicates a bottleneck when downloading files from the bucket. Compare the value of this measure across buckets to identify the bucket from which downloads failed.