reference deployment

New Relic AWS Control Tower Integration on AWS

Deploy an AWS Control Tower–managed multiaccount environment

This Partner Solution helps you automate New Relic’s Amazon Web Services (AWS) integration in an AWS Control Tower–managed multiaccount environment (landing zone). When you deploy this Partner Solution to your AWS Control Tower–management account, new accounts in your landing zone are automatically integrated with New Relic.

This Partner Solution is for developers, DevOps, cloud administrators, and system integrators who want to streamline the integration of New Relic with AWS Control Tower.

This Partner Solution was developed by New Relic in collaboration with AWS. New Relic is an AWS Partner.

  •  What you'll build
  • Use this Partner Solution to automatically set up the following New Relic environment on AWS.

    • An account administrator enrolls new or existing AWS accounts in AWS Control Tower, which generates a lifecycle event.
    • The lifecycle event invokes the New Relic StackSet Lambda function via an Amazon EventBridge rule.
    • The New Relic StackSet Lambda function invokes the New Relic register Lambda function via Amazon Simple Notification Service (Amazon SNS) and provides input for the New Relic StackSet.
    • A dead letter queue collects messages that the New Relic register Lambda function fails to process.
    • A NerdGraph API key secret is retrieved from AWS Secrets Manager (not shown). The New Relic register Lambda function calls the New Relic NerdGraph mutation endpoint to link your AWS account with your New Relic account.
    • An onboarding Lambda function invokes the stack SNS topic and provides input to the New Relic StackSet Lambda function. 
    • The New Relic StackSet creates a New Relic AWS Identity and Access Management (IAM) cross-account role.
  •  How to deploy
  • To build your New Relic environment on AWS, follow the instructions in the deployment guide. The deployment process takes about 5 minutes and includes these steps:

    1. Sign in to your AWS account. If you don't have an AWS account, sign up at
    2. Launch the Partner Solution. Choose the Region from the top toolbar before creating the stack.
    3. Test the deployment.

    Amazon may share user-deployment information with the AWS Partner that collaborated with AWS on this solution.  

  •  Cost and licenses
  • You are responsible for the cost of the AWS services and any third-party licenses used while running this Partner Solution reference deployment. There is no additional cost for using this Partner Solution.

    The AWS CloudFormation templates for Partner Solutions include configuration parameters that you can customize. Some of the settings, such as the instance type, affect the cost of deployment. For cost estimates, see the pricing pages for each AWS service you use. Prices are subject to change.

    Tip: After you deploy the Partner Solution, create AWS Cost and Usage Reports to track costs associated with the Partner Solution. These reports deliver billing metrics to an Amazon Simple Storage Service (Amazon S3) bucket in your account. They provide cost estimates based on usage throughout each month and aggregate the data at the end of the month. For more information, see What are AWS Cost and Usage Reports?

    This Partner Solution requires a New Relic license key. You can create an account using the New Relic One pricing plan. Ensure that you choose a Standard, Pro, or Enterprise plan for access to administrator features and support. Alternatively, you can sign up for a free New Relic account in AWS Marketplace.