Automating the discovery of licensed software using AWS License Manager
Software license management often comes with the challenges of staying compliant, controlling overages, and managing vendor audits. Significant time and manual effort go into making sure that software license inventories are updated and ready for auditing. Bringing cloud infrastructure into the picture, with the ability to spin up virtual servers in minutes, means that managing licenses becomes even harder.
AWS License Manager is a one-stop solution for managing licenses across a variety of software vendors such as Microsoft, Oracle, IBM, SAP, and others. It helps customers to centrally track software license usage across their AWS and on-premises environments. At re:Invent 2019, we announced a new capability in License Manager that helps customers automatically discover new bring your own license (BYOL) software in their existing environments.
Previously, license administrators had to use a manual search-based mechanism to discover new licenses installed on their servers and instances. While this search-based mechanism provided customers the ability to centrally discover new licenses, customers asked AWS to reduce the manual effort for this. Now customers can specify the resources they’d like to track through their license rules. Based upon those rules, License Manager automatically discovers and accounts for licenses used in all of the matching environments. Administrators can also opt to receive notifications for any licensing rule violations.
In this blog post, we walk you through the process of setting up an automated discovery of licensed software using License Manager.
- Enable cross-account inventory discovery by linking your AWS Organizations accounts with the License Manager. For more information, see settings in AWS License Manager.
- Make sure that the AWS Systems Manager agent is installed and updated on all of the instances you want to track. Also make sure that instances are managed in Systems Manager Inventory. By running the latest version of Systems Manager agent, you ensure that you can collect metadata for all supported inventory types. For information about how to update Systems Manager agent by using State Manager, see automatically update Systems Manager agent.
- When you’ve installed the Systems Manager agent on your Amazon EC2 instances, or on any on-premises servers associated with your AWS account, these instances are called managed instances. A managed instance is any Amazon EC2 instance or server or virtual machine (VM) in your on-premises environment that has been configured for Systems Manager. If you want to track on-premises servers, make sure these are managed instances.
Option 1: Setting up automated discovery from within a license configuration
a. Create a license configuration
Now that we’ve got our desired EC2 instances and on-premises servers set up with the Systems Manager agent and discoverable in our inventory, let’s set up our license configurations.
The License Manager console provides range of features, including a list of license configurations. License configurations details include name, status, license type, licenses consumed, and account ID. Other information, such as the Amazon Resource Number (ARN) or whether the license count is enforced, can be added by clicking the gear icon.
In order to configure automated discovery of our licenses, we start with creating a license configuration. Here, we click on Create license configuration.
Make sure to review your license agreement terms carefully before creating a license configuration.
License configuration details
To create a license configuration, enter details, such as a name and optional description. You also have to specify how you want to track your license usage. This is important for BYOL licenses. You can find guidance for what option to use in your license agreement with your software vendor. There are a number of options, such as vCPUs, cores, sockets, or instances.
You can specify if your license configuration should track instances with AWS-provided licenses. AWS-provided licenses are acquired when you launch a new EC2 instance using any AWS provided Amazon Machine Images (AMI). For example, when launching an instance using the AWS Windows AMI, AWS provides the license for that instance. This can be optionally tracked in License Manager. We track them in this blog.
On to the fun part: setting up the automated discovery. Adding product information here, lets you set up the automatic tracking of Windows and SQL Server licenses on instances and servers from within the license configuration setup. Here we’ve selected SQL Server 2017. The other options are as follows:
Windows Server data center: 2008, 2008 R2, 2012, 2012 R2, 2016, 2019
Windows Server Standard: 2008, 2008 R2, 2012, 2012 R2, 2016, 2019
SQL Server: 2008, 2012, 2014, 2016, 2017
Oracle Database Options and packs on Amazon RDS: Active Data Guard, Label Security, Oracle Online Analytical Processing (OLAP), Diagnostic Pack for SQLT, Tuning Pack for SQLT
Oracle Database Editions on Amazon RDS: Standard Edition, Standard Edition One, Standard Edition Two, Enterprise Edition
Don’t worry if you are not able to find your product here. These are only shortcuts to help to get set up quickly. If you want License Manager to track a product that is not listed here, finish creating this license configuration without specifying a product, and then add the product information through Search inventory experience. We’ll walk through how to do that in the next section.
b. Check the consumed licenses in the license configurations
You can view the total licenses consumed for individual configurations under your list of license configurations.
c. Detailed license usage information in the License Manager dashboard
You can also view more detailed information of license usage through the built-in dashboard. Here you can see an overview of all of the license configurations you’ve created, license consumption, and enforcements.
If you click on any of the license configurations, you can get more specific information about your configurations. This information includes product details, associated AMIs, usage, tracked resources, and association errors.
Under tracked resources, you can find resources in your AWS account that match your product information. Tracked resources screen shows you the list of resources that are consuming licenses from your license configuration. The tracked resources list is useful to provide evidence of license usage at the time of licensing true-ups. You can see the details such as how many licenses are consumed, which AWS account the resource belongs to, and when you began tracking it.
License Manager helps you understand the status of your resources by identifying association errors between resources and license configurations. A couple of association error examples are:
1. Exceeding license usage means that a particular resource cannot be associated with a license configuration. For example, you’ve associated 10 out of 10 SQL Server licenses. But License Manager has discovered another SQL Server resource in your inventory, it creates an association error that says there is a resource that cannot be associated with that license configuration. This provides option for you to take appropriate action.
2. The resource with the association error does not match the license configuration rules. The resource has an allowed tenancy of shared, but the license configuration rule only manages licenses for resources with an allowed tenancy of Dedicated Host.
The list of errors helps you identify violations quickly and take appropriate steps to rectify the problem. These steps could include updating licensing count in the license configuration after getting more licenses, or stopping over usage of licenses. The association errors list also helps you easily identify any error caused due to wrong setup or permissions, so that you can correct them.
Option 2: Setting up automated discovery using the Search inventory
Creating license configurations provides a quick and efficient way to specify certain products for automated discovery. These products currently include Windows Server Standard, SQL Server, and Oracle Database on Amazon RDS. However, you can add any installed product to an existing license configuration using License Manager’s Search inventory.
a. Associate license configuration
For this section of the blog, we use a license configuration that is already created.
After you’ve successfully created your license configuration, click Search inventory in the left-hand menu. Search an installed product that you want to configure for an automated discovery. From the search results, select your desired EC2 instance or server and click the Associate license configuration button.
Associate license configuration
Click the drop-down menu and find the license configuration you’d like to associate the product information with. You see the product information for the instance or server underneath ‘Add product information.’ Click the radio button for the product.
Check the license usage on License Manager dashboard
You’ve successfully associated your desired product information with the license configuration. With that completed, License Manager tracks any managed instances or servers that you launch with that particular product information, as long as you have unused licenses available.
You can check your license usage through the License Manager dashboard.
There is no additional charge for AWS License Manager. You pay for AWS resources (for example, EC2 instances) whose licenses are managed in License Manager. Make sure to delete any resources that you do not plan to use in the future to avoid incurring costs.
Using the automated discovery capability of License Manager makes tracking and managing software licenses efficient. License administrators can now have peace of mind knowing that all new installs of their products are automatically tracked by AWS License Manager. They can also benefit from the alerts, if there are any violations detected. For more information on managing licenses using License Manager, refer to the service documentation.
About the Authors
Harshitha Putta is a Cloud Infrastructure Architect with AWS Professional Services in Seattle, WA. She is passionate about building innovative solutions using AWS services to help customers achieve their business objectives. She enjoys spending time with family and friends, playing board games and hiking.