Red Hat SummitConfiguring cloud integrations for Red Hat services
How to link your Red Hat account to a public cloud
Abstract
Chapter 1. Cloud integrations on the Hybrid Cloud Console
You can integrate some public clouds and third-party applications with the Hybrid Cloud Console. For information about integrating third-party applications to receive event notifications, see Integrating the Red Hat Hybrid Cloud Console with third-party applications.
A cloud integration on the Red Hat Hybrid Cloud Console is an association with a public cloud service, application, or provider that supplies data to a Hybrid Cloud Console service. Services on the Hybrid Cloud Console use the integrations service to connect with public cloud providers and other services or tools to collect information for the service.
You can integrate the following public clouds with the Hybrid Cloud Console:
- Amazon Web Services (AWS)
- Microsoft Azure
- Google Cloud
You can also connect your Red Hat OpenShift Container Platform environment to the Hybrid Cloud Console as a cloud integration to use with the cost management service on the console.
You can add and manage cloud and Red Hat integrations from the Integrations page, located in the Hybrid Cloud Console Settings menu.
The Integrations service uses a wizard to help you connect cloud and Red Hat integrations to the Hybrid Cloud Console. For cloud integrations, you can associate the provider with Red Hat services, including cost management and the Red Hat Enterprise Linux (RHEL) management bundle. For Red Hat integrations, you can add Red Hat OpenShift Container Platform. Associating a service is optional for cloud integrations, but is required for Red Hat integrations.
For detailed information about adding cloud or Red Hat integrations to the Red Hat Hybrid Cloud Console, see Configuring cloud integrations for Red Hat services.
Chapter 2. Configure User Access to manage integrations
To configure cloud and Red Hat integrations, you must be a member of a group with the Cloud administrator role. This group must be configured in User Access by an Organization Administrator. In the Red Hat Hybrid Cloud Console, an Organization Administrator performs the following high-level steps:
- Create a User Access group for cloud administrators.
- Add the Cloud administrator role to the group.
- Add members (users with account access) to the group.
Organization Administrator The Organization Administrator configures the User Access group for cloud administrators, then adds the Cloud administrator role and users to the group.
Cloud administrator The Cloud administrator configures how services interact with cloud and Red Hat integrations. The Cloud administrator can add, remove, and edit integrations available in the Hybrid Cloud Console.
2.1. Creating and configuring a Cloud Administrator group in the Hybrid Cloud Console
An Organization Administrator of a Red Hat account creates a group with the Cloud Administrator role and adds members to the group. The members of this group can manage cloud and Red Hat integrations on the Hybrid Cloud Console.
Prerequisites
You are logged in to the Hybrid Cloud Console as a user who has Organization Administrator permission.
NoteYou cannot log in to the Hybrid Cloud Console with your email address unless your email address is the same as your Red Hat login. For more information, see Finding your login.
- If you are not an Organization Administrator, you must be a member of a group that has the User Access administrator role assigned to it.
Procedure
- Click Settings > Identity & Access Management.
- Under Identity & Access Management, click User Access > Groups.
- Click Create group.
- Enter a group name, for example, Cloud Administrators, and a description, and then click Next.
- Find Cloud Administrator in the list of roles, select the checkbox next to it, and then click Next.
Add members to the group:
- Search for individual users or filter by username, email, or status.
- Select the checkbox for the users you want to add to the group, then click Next.
- Review the details and click Submit to finish creating the group.
Verification
- Verify that your new group is listed on the Groups page.
2.2. Editing or removing a User Access group
You can make changes to an existing User Access group in the Red Hat Hybrid Cloud Console and you can delete groups that are no longer needed.
Prerequisites
You are logged in to the Red Hat Hybrid Cloud Console and meet one of the following criteria:
- You are a user with Organization Administrator permissions.
You are a member of a group that has the User Access administrator role assigned to it.
NoteYou cannot log in to the Hybrid Cloud Console with your email address unless your email address is the same as your Red Hat login. For more information, see Finding your login.
Procedure
- Navigate to Red Hat Hybrid Cloud Console > Settings > Identity & Access Management > User Access > Groups.
- Click the options icon (⋮) on the far right of the group name row, and then click Edit or Delete.
- Make and save changes or delete the group.
Chapter 3. Adding cloud integrations to the Hybrid Cloud Console
You can connect Amazon Web Services (AWS), Google Cloud, or Microsoft Azure accounts as cloud integrations in the Red Hat Hybrid Cloud Console so that services hosted on the Hybrid Cloud Console can use data from public cloud providers.
3.1. Amazon Web Services (AWS) integrations with the Hybrid Cloud Console
You can connect your AWS account to the following services in the Red Hat Hybrid Cloud Console:
3.1.1. Cost management
Connect your AWS account to cost management to track your cloud costs. You can use the cost management service to perform financially related tasks, such as:
- Visualizing, understanding, and analyzing the use of resources and costs
- Forecasting your future consumption and comparing them with budgets
- Optimizing resources and consumption
- Identifying patterns of usage for further analysis
- Integrating with third-party tools that can benefit from cost and resourcing data
3.1.2. RHEL management bundle
Connect your AWS account to the RHEL management bundle in the Hybrid Cloud Console to use your Red Hat product subscriptions on AWS.
The RHEL management bundle grants access to additional capabilities which are useful to deploying Red Hat products on the public cloud, including:
- Red Hat gold images: You can use Red Hat cloud images in AWS and bring your own subscription instead of paying hourly.
Autoregistration: This allows cloud instances to automatically connect to console.redhat.com when provisioned so you can use Red Hat Lightspeed services.
ImportantTo use RHEL management, you must enable Simple Content Access. See the Red Hat Knowledge Article Simple Content Access for more information.
3.1.3. Adding an Amazon Web Services (AWS) account as a cloud integration
You can connect your AWS account to the Red Hat Hybrid Cloud Console as a cloud integration so that you can use your AWS data with Hybrid Cloud Console services. You can create your integration using the account authorization method and let Red Hat configure and manage your integration for you. If you choose this method, you must provide the access key ID and the secret access key for your AWS account. This is the recommended method. However, if you do not want to provide your AWS account credentials to Red Hat, you can configure your integration manually. After adding your AWS integration, you can view and manage your AWS and other integrations from the Integrations page in the Hybrid Cloud Console.
Prerequisites
You are logged in to the Red Hat Hybrid Cloud Console as an Organization Administrator or as a user with Cloud Administrator permissions.
NoteYou cannot log in to the Hybrid Cloud Console with your email address unless your email adress is the same as your Red Hat login. For more information, see Finding your login.
You have access to an AWS account that you want to use with the Hybrid Cloud Console that has the following Identity and Access Management (IAM) roles:
-
CreatePolicy -
CreateRole -
AttachRolePolicy -
GetPolicy -
GetRole
-
- To create your AWS integration using the account authorization configuration method (recommended), you have the access key ID and the secret access key for your AWS account.
Procedure
- Go to Settings > Integrations and select the Cloud tab.
- Click Add integration to open the Add a cloud integration wizard. If this is the first integration you are adding, skip this step.
- Select Amazon Web Services, and then click Next.
- Enter a descriptive name for the integration, for example, my_aws_integration, and then click Next.
Select a configuration mode:
Select Account authorization to allow Red Hat to configure and manage the integration for you after you provide your AWS credentials. This is the recommended configuration mode.
- Enter your AWS access key ID and secret access key and click Next. The Select applications page appears with Cost Management and RHEL management services selected.
Deselect any services that you do not want your integration to connect to, and then click Next.
NoteYou can choose to deselect all services in this step. You can connect additional Hybrid Cloud Console services after you finish creating the AWS integration.
Select Manual configuration and click Next to configure your integration manually if you do not want to enter your AWS account authorization credentials.
- Optional: Select a service to connect to your integration.
- Click Next.
Follow the instructions in the integration wizard.
NoteIf you selected Cost Management, see Integrating Amazon Web Services (AWS) data into cost management for detailed instructions.
- On the Review details page, review the details of the integration and then click Add. Your AWS integration is added to the Hybrid Cloud Console.
Verification
- Go to the Integrations page and select the Cloud tab.
- Confirm that your AWS integration is listed and the status is Ready.
3.2. Microsoft Azure integrations with the Hybrid Cloud Console
Connect your Microsoft Azure account with the Hybrid Cloud Console to receive the following benefits, depending on the services that you connect with:
- Gold images
- Auto-registration of provisioned systems
- Subscription reporting
- Red Hat Lightspeed
You can connect your Microsoft Azure account to the following services in the Red Hat Hybrid Cloud Console:
3.2.1. Cost management
Connect your Microsoft Azure account to cost management to track your cloud costs. You can use the cost management service to perform financially related tasks, such as:
- Visualizing, understanding, and analyzing the use of resources and costs
- Forecasting your future consumption and comparing them with budgets
- Optimizing resources and consumption
- Identifying patterns of usage for further analysis
- Integrating with third-party tools that can benefit from cost and resourcing data
3.2.2. RHEL management bundle
Connect your Microsoft Azure account to the RHEL management bundle in the Hybrid Cloud Console to use your existing Red Hat product subscriptions on Microsoft Azure.
The RHEL management bundle grants access to additional capabilities which are useful to deploying Red Hat products on the public cloud, including:
- Red Hat gold images: You can use Red Hat cloud images in Microsoft Azure and bring your own subscription instead of paying hourly.
Autoregistration: This allows cloud instances to automatically connect to console.redhat.com when provisioned so you can use Red Hat Lightspeed services.
ImportantTo use RHEL management, you must enable Simple Content Access. See the Red Hat Knowledge Article Simple Content Access for more information.
3.2.3. Azure Lighthouse
Azure Lighthouse is a Microsoft Azure service that provides secure access control and managed services for customers and partners. If you add the RHEL management bundle to your Microsoft Azure integration, the Hybrid Cloud Console cloud integrations wizard takes you to Azure Lighthouse to deploy a custom template to link your Red Hat and Microsoft Azure accounts.
In your Azure account, deploying the template sets up two Azure roles for RHEL Management:
-
Reader: This role allows the Hybrid Cloud Console to view all resources, but it cannot make any changes. See the Azure documentation for information about this role. -
Managed Services Registration assignment Delete: This role enables clean-up of the authorization when you remove the Hybrid Cloud Console integration. See the Azure documentation for information about this role.
For more information about the Azure Resource Manager template, see Deploy the Azure Resource Manager template in the Azure documentation.
3.2.4. Adding a Microsoft Azure account as a cloud integration
You can connect your Microsoft Azure account to the Red Hat Hybrid Cloud Console as a cloud integration so that you can use your Microsoft Azure data with Hybrid Cloud Console services. After adding your Azure integration, you can view and manage your Azure and other integrations from the Integrations page in the Hybrid Cloud Console.
To access gold images or Azure Hybrid Benefit, create an integration for any Azure tenant subscription ID within an Azure tenant. When a single Azure subscription ID is integrated, Red Hat automatically retrieves the Azure tenant ID and enables gold image access and Azure Hybrid Benefit for all current and future subscription IDs within this tenant.
Prerequisites
You are logged in to the Red Hat Hybrid Cloud Console as an Organization Administrator or as a user with Cloud Administrator permissions.
NoteYou cannot log in to the Hybrid Cloud Console with your email address unless your email address is the same as your Red Hat login. For more information, see Finding your login.
- You have access to a Microsoft Azure account that you want to use with the Hybrid Cloud Console.
Your Microsoft Azure user account has the minimum permissions required to use the Red Hat services that you want to add to your integration:
To use the RHEL management service with your Microsoft Azure integration, you must have a non-guest account in your tenant who has a role with the
Microsoft.Authorization/roleAssignments/writepermission, such asowner, for the Azure subscription you are using. See the following Microsoft Azure documentation for more information:
Procedure
- Go to Settings > Integrations.
- Select the Cloud tab.
- Click Add integration to open the Add a cloud integration wizard. If this is the first integration you are adding, skip this step.
- Select Microsoft Azure, and then click Next.
- Enter a descriptive name for the integration, for example, Azure_build, and then click Next.
- Optional: Select a service to connect with Microsoft Azure. You can choose to create the integration without selecting a service. You can connect Hybrid Cloud Console services after you create the Microsoft Azure integration.
- Follow the instructions in the integration wizard.
- If you selected Cost Management, see Integrating Microsoft Azure data into cost management for detailed instructions.
If you selected RHEL Management, complete the following steps on the Configure Azure Lighthouse page of the integration wizard:
- To access your Azure Lighthouse account, click Go to Lighthouse and sign in with your Microsoft Azure account credentials.
- On the Custom deployment page, click Next.
Review the information on the Custom deployment page and then click Create to run the deployment. This action creates two roles in your Azure account: Reader and Managed Services Registration assignment Delete Role.
NoteDo not change the values on the Custom Deployment screen. These values are set by Red Hat.
- After the deployment is complete, click Go to subscription.
On the Subscriptions page, copy the Subscription ID.
NoteAll subscription IDs are now included under the tenant ID. If you have already created an integration and enrolled for a subscription ID, the respective tenant IDs are also enrolled. You will not be charged twice.
- Return to the Red Hat Hybrid Cloud Console Configure Azure Lighthouse screen and click Next.
- Paste the subscription ID that you copied previously into the Subscription ID box and click Next.
- On the Review details page, review the details of the integration and then click Add. Your Microsoft Azure integration is added to the Hybrid Cloud Console.
Verification
- Go to the Integrations page, and select the Cloud tab.
- Confirm that your Azure integration is listed and the status is Ready.
3.3. Google Cloud integrations with the Hybrid Cloud Console
You can connect your Google Cloud account to the following services in the Red Hat Hybrid Cloud Console:
3.3.1. Cost management
Connect your Google Cloud account to cost management to track your cloud costs. You can use the cost management service to perform financially related tasks, such as:
- Visualizing, understanding, and analyzing the use of resources and costs
- Forecasting your future consumption and comparing them with budgets
- Optimizing resources and consumption
- Identifying patterns of usage for further analysis
- Integrating with third-party tools that can benefit from cost and resourcing data
3.3.2. RHEL management bundle
Connect your Google Cloud account to the RHEL management bundle in the Hybrid Cloud Console to use your Red Hat product subscriptions on Google Cloud.
The RHEL management bundle grants access to additional capabilities which are useful to deploying Red Hat products on the public cloud, including:
- Red Hat gold images: You can use Red Hat cloud images in Google Cloud and bring your own subscription instead of paying hourly.
Autoregistration: This allows cloud instances to automatically connect to console.redhat.com when provisioned so you can use Red Hat Lightspeed services.
ImportantTo use RHEL management, you must enable Simple Content Access. See the Red Hat Knowledge Article Simple Content Access for more information.
3.3.3. Adding a Google Cloud account as a cloud integration
You can connect your Google Cloud account to the Red Hat Hybrid Cloud Console as a cloud integration so that you can use your Google Cloud data with Hybrid Cloud Console services. After adding your Google Cloud integration, you can view and manage your Google Cloud and other integrations from the Integrations page in the Hybrid Cloud Console.
Prerequisites
You are logged in to the Red Hat Hybrid Cloud Console as an Organization Administrator or as a user with Cloud Administrator permissions.
NoteYou cannot log in to the Hybrid Cloud Console with your email address unless your email address is the same as your Red Hat login. For more information, see Finding your login.
- You have access to a Google Cloud account that you want to use with the Hybrid Cloud Console.
Procedure
- Go to Settings > Integrations and select the Cloud tab.
- Click Add integration to open the Add a cloud integration wizard. If this is the first integration you are adding, skip this step.
- Select Google Cloud, and then click Next.
- Enter a descriptive name for the integration, for example, my_gcp_integration, and then click Next.
- Optional: Select a service to connect with Google Cloud. You can choose to create the integration without selecting a service. You can connect Hybrid Cloud Console services after you create the Google Cloud integration.
- Click Next.
Follow the instructions in the integration wizard.
NoteIf you selected Cost Management, see Integrating Google Cloud data into cost management for detailed instructions.
- On the Review details page, review the details of the integration and then click Add. Your Google Cloud integration is added to the Hybrid Cloud Console.
Verification
- Go to the Integrations page, and select the Cloud tab.
- Confirm that your Google Cloud integration is listed and the status is Ready.
Chapter 4. Adding Red Hat integrations to the Hybrid Cloud Console
You can connect your Red Hat OpenShift Container Platform environment to the Red Hat Hybrid Cloud Console as a cloud integration, so that the cost management service on the Hybrid Cloud Console can use data from your environment to track your cloud costs.
You can use the cost management service to perform financially related tasks, such as:
- Visualizing, understanding, and analyzing the use of resources and costs
- Forecasting your future consumption and comparing them with budgets
- Optimizing resources and consumption
- Identifying patterns of usage for further analysis
- Integrating with third-party tools that can benefit from cost and resourcing data
For Red Hat OpenShift Container Platform 4.6 and later, install the costmanagement-metrics-operator from the OpenShift Container Platform web console. For more information, see Integrating OpenShift Container Platform data into cost management.
4.1. Adding an OpenShift Container Platform integration
You can connect your Red Hat OpenShift Container Platform environment to the Red Hat Hybrid Cloud Console as an integration so that you can use OpenShift Container Platform data with cost management. After adding the integration, you can view and manage your OpenShift Container Platform and other integrations from the Integrations page in the Hybrid Cloud Console.
Prerequisites
You are logged in to the Red Hat Hybrid Cloud Console as an Organization Administrator or as a user with Cloud Administrator permissions.
NoteYou cannot log in to the Hybrid Cloud Console with your email address unless your email address is the same as your Red Hat login. For more information, see Finding your login.
- You have access to an OpenShift Container Platform environment that you want to use with the Hybrid Cloud Console.
Procedure
- Go to Settings > Integrations.
- Select the Red Hat tab.
- Click Add integration to open the integrations wizard. If this is the first integration you are adding, skip this step.
- Select Red Hat OpenShift Container Platform, and then click Next.
- Enter a descriptive name for the integration, for example, my_ocp_integration, and then click Next.
- Select Cost Management as the application, and then click Next.
-
To install and configure the
costmanagement-metrics-operator, use the steps in the wizard, and then click Next. Refer to Integrating OpenShift Container Platform data into cost management for additional information. - Enter the Cluster Identifier, and then click Next.
- Review the integration details, and then click Add to finish adding the integration.
Verification
- Go to the Integrations page, and select the Red Hat tab.
- Confirm that your OpenShift Container Platform integration is listed and the status is Ready.
Chapter 5. Managing integrations in the Hybrid Cloud Console
From the Integrations page, you can edit integrations, pause or resume data collection, or remove existing integrations from the Hybrid Cloud Console.
Prerequisites
You are logged in to the Red Hat Hybrid Cloud Console as an Organization Administrator or as a user with Cloud Administrator permissions.
NoteYou cannot log in to the Hybrid Cloud Console with your email address unless your email address is the same as your Red Hat login. For more information, see Finding your login.
- You have a cloud or Red Hat integration in the Hybrid Cloud Console.
Procedure
- Go to Settings > Integrations.
- Find the integration you want to edit under the Cloud or Red Hat tab.
Click the options icon (⋮) next to the integration and select one of the following tasks:
- Pause: Temporarily disable data collection for connected Hybrid Cloud Console services. If the integration is currently paused, click Resume to continue collecting data for connected services.
- Remove: Permanently delete the integration and all collected data from the Hybrid Cloud Console.
- Edit: View integration details and make changes to the integration configuration in the Hybrid Cloud Console. You can rename the integration, check its availability, connect additional services, or edit the configuration or remove connected services.
Verification
- Go to the Integrations page and confirm that your desired changes have been made.
Chapter 6. Cloud integrations reference material
See the following resources for more information about using your integrations with services in the Red Hat Hybrid Cloud Console.
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}