Account Audit

The Aviatrix Controller periodically checks the accounts it manages to make sure they are intact:

  1. The Controller instance’s IAM role aviatrix-role-ec2 is attached to the instance.
  2. The Controller instance’s IAM role aviatrix-role-app exists.
  3. An access account IAM role aviatrix-role-ec2 exists.
  4. An access account IAM role aviatrix-role-app exists.
  5. An access account IAM role aviatrix-role-ec2 has associated policies.
  6. An access account IAM role aviatrix-role-app has associated policies.
  7. An access account has a trust relationship to the primary account (the Controller’s AWS account).

If any of the above conditions fails, the Controller sends an alert email and logs the event. The Controller also sends an alert email when a gateway reports a failure of any of the above conditions, upon first detection and subsequently every 24 hours until the problem is rectified.

Note that the event requires immediate attention; otherwise, it can lead to a catastrophic operational outage. Go through the above conditions to repair the configuration.
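
One way to go through conditions 3 to 7 for an access account, as an added example (not Aviatrix code). It evaluates role data you have already exported from IAM. The input dictionary shape, the function names, the sample account ID and policy name, and the choice to look for the trust relationship in the trust policy of aviatrix-role-app are assumptions of this example.

```python
import re
ROLES = ("aviatrix-role-ec2", "aviatrix-role-app")  # role names from the page

def trusted_accounts(trust_doc):
    """Account IDs (bare or inside an IAM ARN) allowed to call sts:AssumeRole."""
    accounts = set()
    for stmt in trust_doc.get("Statement", []):
        actions = stmt.get("Action", [])
        actions = [actions] if isinstance(actions, str) else actions
        if stmt.get("Effect") != "Allow" or "sts:AssumeRole" not in actions:
            continue
        principal = stmt.get("Principal", {})
        aws = principal.get("AWS", []) if isinstance(principal, dict) else []
        for p in ([aws] if isinstance(aws, str) else aws):
            m = re.fullmatch(r"(?:arn:aws[\w-]*:iam::)?(\d{12})(?::.+)?", p)
            if m:
                accounts.add(m.group(1))
    return accounts

def audit_access_account(roles, primary_account_id):
    """roles maps role name -> {"trust": policy dict, "policies": [names]};
    a role missing from the dict was not found. Returns failed conditions."""
    failures = []
    for name in ROLES:
        role = roles.get(name)
        if role is None:
            failures.append(f"{name} does not exist")              # conditions 3, 4
        elif not role.get("policies"):
            failures.append(f"{name} has no associated policies")  # conditions 5, 6
    # Assumption: the trust to the primary account sits on aviatrix-role-app.
    app = roles.get("aviatrix-role-app") or {}
    if primary_account_id not in trusted_accounts(app.get("trust", {})):
        failures.append("no trust relationship to the primary account")  # 7
    return failures

# Constructed sample: account ID and policy name are placeholders.
PRIMARY = "111111111111"
SAMPLE = {
    "aviatrix-role-ec2": {"trust": {"Statement": [{"Effect": "Allow",
        "Action": "sts:AssumeRole", "Principal": {"Service": "ec2.amazonaws.com"}}]},
        "policies": ["example-policy"]},
    "aviatrix-role-app": {"trust": {"Statement": [{"Effect": "Allow",
        "Action": "sts:AssumeRole",
        "Principal": {"AWS": "arn:aws:iam::111111111111:root"}}]},
        "policies": []},
}

if __name__ == "__main__":
    for failure in audit_access_account(SAMPLE, PRIMARY):
        print("FAIL:", failure)
```

An empty result means conditions 3 to 7 hold for the exported data; conditions 1 and 2 concern the Controller instance and are not covered here.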

If you need help, email support@aviatrix.com.