The AWS Serverless Application automatically provisions all of the resources required to export JumpCloud Directory Insights Data into an AWS S3 bucket.
After you've installed and deployed the application, it:
- Creates a role to access and operate the pieces required to export data to AWS.
- Creates an S3 bucket to store your data in.
- Places your JumpCloud API Keys in AWS Secrets Manager.
- Creates the lambda function that ties everything together.
After everything is created, the application waits until your specified time increment passes and then gathers the JumpCloud Directory Insights data from the specified time period, puts it in a zipped JSON file, and sends it to the S3 bucket for storage. The application goes through this process until the CloudFormation template is deleted or the CloudWatch Event that triggers the Lambda function is disabled.
If an entire increment goes by without any Directory Insights data, we place a data point in a CloudWatch Metric in the JumpCloudDirectoryInsights Namespace. This namespace isn't created if you don't experience increments without events.
Installing the Application
You can install the Directory Insights Serverless Application from the AWS Serverless Application Repository. You can also manually install the application from GitHub. You'll need to provide the following when you install the Directory Insights Serverless Application:
- Application Name: Many of the AWS resources this application generates for you base their name off the application name you provide.
- Increment Amount and Increment Type: These parameters specify the cadence at which Directory Insights data is exported.
- JumpCloud API Key: Your API Key is safely stored in the AWS Secrets Manager.
Alternatively, You can create the Directory Insights Serverless Application for Google Cloud Platform (GCP) Service. Instructions can be found from GitHub.