Performing real-time updates to tags for cloud resources

  • Release version: Xanadu
  • Updated September 17, 2024
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Performing Real-Time Updates to Tags for Cloud Resources

    This guide outlines how to set up real-time updates to tags for cloud resources using cloud events processing. It enables the tagging policy to be applied automatically when tag changes occur in cloud environments, ensuring that the Configuration Management Database (CMDB) is consistently updated.

    Show full answer Show less

    Prerequisites

    • The cloud events table [sncmpcloudevents] must be empty of processed records.
    • Configuration Items (CIs) affected by tag changes need to be identified through CAPI or Discovery and Service Mapping patterns.
    • At least one tag policy must be configured.
    • The Run on cloud events checkbox must be selected in the tag policy created.

    Key Features

    • Cloud event processing setup varies by cloud provider, requiring configurations for AWS, Azure, or Google Cloud.
    • Real-time processing of tag change events allows for immediate tag audits on affected CIs.
    • The Tag Change Log [snitomtagchangelog] stores records of changes for 90 days, detailing what tags were added or updated.

    Optimizing Performance

    To maintain system performance amidst high event inflow or numerous tag policies, consider adjusting the following properties:

    • [snitomtag.azurewindowsize] - Configurable time window (in minutes).
    • [snitomtag.maxauditlagratio] - Defines the lag between ongoing tag audits and new triggers.
    • [snitomtag.policybatchsize] - Sets the batch size for running tag audits.
    • [snitomtag.eventbatchsize] - Determines the size of batches processed for events.

    You can set up cloud events processing and map a tag policy to update tags for cloud resources in real time.

    Prerequisites

    • Cloud events table [sn_cmp_cloud_events] table does not have any records in the processed state.
    • CIs impacted by tag change events are identified by either CAPI or Discovery and Service Mapping patterns.
    • Configured at least one tag policy.
    • Select the Run on cloud events check box in the tag policy you create.

    Instructions depend on the cloud provider

    See the following setup instructions for cloud event processing:

    Process cloud events related to changes in tags and execute tag audits on the events in real time.

    Unlike regular tag audits, where the audit is performed on all CIs in the CMDB that the tag policy applies to, tag events are processed per CI. Based on the prerequisites, tag event processing occurs on events that are identified with a tag change. The impacted CI is identified and, if the associated policy is applicable to the CI, the tag policy is run on the identified CI.

    If the Run on cloud events check box is selected during policy creation, the policy is selected to run an audit on tag change events. If the check box is cleared, the audit is not run on the CI even if there are tag change cloud events.

    View the change type that applies to the tag (the change that triggered the audit) in the Tag Change Log [sn_itom_tag_change_log] table. The records in the table are stored for 90 days by default. The change log records appear whether a remediation run or an event triggered the change on the CI. You can also view tags that were added or updated as part of the change.

    Optimizing performance

    High event inflow or a large number of tag policies can decrease performance. You can modify the following system properties to ensure acceptable performance:
    • [sn_itom_tag.azure_window_size] - This system property is configurable (in minutes).
    • [sn_itom_tag.max_audit_lag_ratio] - Specify the lag between tag audits that are already running, before the audit triggers on the records ready for audit.
    • [sn_itom_tag.policy_batch_size] - Batch size on which the tag audit is run.
    • [sn_itom_tag.event_batch_size] - Event batch size to be processed.