Okta and AWS Secure and Simplify Access to Amazon Managed Grafana

Today, it’s often said that every company is a software company. And as enterprises grow, many are deploying containerized, microservices-based apps and adding new IoT and AI solutions, generating massive amounts of data. For many DevOps teams, troubleshooting multiple monitoring tools and various operational data stores has become overwhelming. As companies add these solutions, the exponential increase in data has become difficult to manage in real-time.

Data proliferation calls for new monitoring tools

To combat this increase, many companies using Amazon Web Services (AWS) cloud services are employing powerful tools like Grafana to see dynamic visualizations of this complex, correlated data. Amazon's Managed Grafana (AMG) streamlines the use of Grafana in AWS, providing admins real-time data visualizations across a wide array of Amazon services. DevOps teams can easily query logs, operational metrics, and traces from multiple data sources, and pull them into a unified dashboard view.

It’s a powerful tool that requires new security considerations. What’s being visualized is critical, sensitive enterprise data—and that requires an appropriate level of protection.

Secure, simple access to game-changing data visualizations

That’s why Okta and AWS partnered to secure access for AMG users via a native integration, available in the Okta Integration Network (OIN) catalog. With this integration, organizations can provide single sign-on (SSO) and Multi-Factor Authentication (MFA) access to AMG's dashboards and data, allowing teams to use one set of credentials to access everything: from AMG, to productivity apps, to AWS infrastructure. Companies can secure that access with strong MFA, such as biometrics and push notifications, and add risk signals and bot protection via Okta’s Behavioral/Risk engine.

Okta AWS AMG

Amazon Managed Grafana can dramatically simplify how administrators query and view logs, metrics, and traces from the disparate monitoring tools they use. This managed service allows DevOps teams to analyze their consolidated data in real-time. It correlates apps and ops telemetry across multiple AWS services, accounts, and regions—all into a unified AMG dashboard. Add the simplicity and security of Okta’s identity management, and your employees can safely sharpen their view and understanding of their operational data with zero added friction.

AMG handles the provisioning, setup, scaling, and maintenance of Grafana servers, while Okta provides the secure identity management that keeps authorized access safe and simple for your teams. And with Okta serving as the identity provider, even (authorized) users without access to the AWS Management Console can access Grafana’s visualizations. This allows them to query sources such as  Amazon CloudWatch, Amazon Managed Service for Prometheus, AWS IoT SiteWise, Amazon Elasticsearch Service, Amazon Timestream, AWS X-Ray, and many others, all without requiring any changes to access or login policies.

The power of open-source Grafana, the simplicity of AWS and Okta

The AMG service is based on the open-source Grafana data visualization platform. Built with a pluggable data source architecture that simplifies interfacing, Grafana can visually interpret many types of data, ranging from raspberry pi devices to Kubernetes clusters and a wide variety of cloud services, giving admins dynamic dashboard views. AMG provides AWS customers with an easier path to installing, running, and maintaining Grafana across various AWS services.

AMG makes Grafana adoption a breeze

Leveraging Grafana as a fully-managed and secure data visualization service, AMG is available in the AWS Marketplace. The AMG dashboard displays logs and traces from various AWS data sources including Amazon CloudWatch, Amazon Elasticsearch Service, AWS X-Ray, AWS IoT SiteWise, and Amazon Timestream. Besides AWS, AMG can also monitor data sources from any solution compatible with Grafana.

Using AMG, you can also create dashboards by querying data from Amazon Managed Service for Prometheus, a popular open-source monitoring and alerting toolkit that gathers and stores metrics as time series data, enabling you to easily monitor your container applications. And AMG also supports connections to popular monitoring tools including Datadog, Splunk, ServiceNow, and New Relic, simply by enabling Grafana Labs’ Grafana Enterprise from the AWS Console.

Secure Amazon Managed Grafana with Okta

Incorporating AMG and providing your teams with secure, simplified access to Grafana at Amazon is easy with the Okta AMG application. Okta customers that want to add AMG to their toolkits can get started easily, extending their existing security policies and user access controls to AMG. Permissions and groups set up in Okta carry over into AMG workspaces without having to add users to the AWS Management Console, so established authentication policies like two-factor authentication and password requirements can be automatically applied.

In fact, authorized employees can access AMG and create dashboards even if they don’t have access to the AWS Management Console. Doing so is easy:

  1. Log into a specific URL to access your existing corporate credentials through Okta.
  2. Simply request the data visualizations you need to stay productive.

Give your teams secure access to data visualization

The open-source Grafana project brings busy organizations much needed data visualization at scale. With Amazon Managed Grafana, AWS provides a managed service that makes it easy for organizations to quickly implement Grafana. Plus, Okta brings SSO simplicity, strong and scalable identity-based security, and fine-grained controls that keep access simple and secure, while making it easy for admins to manage AMG users and groups.

“Okta and Amazon Web Services continue to strategically partner and integrate our technologies for a seamless and secure user experience. We’ve worked closely, building a new integration with Amazon Managed Grafana, to offer our joint customers a secure access to data and dashboards in order to visualize, analyze, and correlate securely across multiple data sources”.

—Salima Kaissi, Okta Director of Technology Partnerships

Let’s get started