Amorphic Application Management is a platform that provides capabilities for managing and monitoring applications. The specific capabilities are:
Overview
Logs Retention Period
With Cloudwatch log feature, Admins can set retention
period(in days) for the generated logs. If the retention period is specified as X days, it means that all logs older than
X days from the time of it's creation will be deleted eventually. In this manner, Admins can try to reduce the cost of storage for these logs. To learn more, read AWS Cloudwatch logs
This feature can only be used by Admins.
Currently, retention policy is being applied on almost all logs generated through Amorphic services except a few like
DMS Tasks, ETL Glue Jobs, etc.
By default no retention policy is set. Minimum retention period(days) allowed is 1 Day.
The given below API is used to set/retrieve retention period for logs:-
- /logs-retention-period
- GET -- Returns retention period for the logs. If
N/Ais returned, that means logs will be retained forever. - PUT -- Set the new retention period of logs to
Xdays as provided by user. Please note that it takes around 24 hours for the retention period to get updated.
- GET -- Returns retention period for the logs. If
API Process (Request and Payload Details)
-
To retrieve retention period of logs
/logs-retention-period & GET method
Body/QueryParameter (NOT Required)
-
To set/update retention period of logs
/logs-retention-period?period=days & PUT method
QueryParameter (Required):
periodBody (NOT Required)
Please replace variables enclosed in {} with the corresponding values (Ex: days should be replaced with a valid number).
Allowed values for retention period are - ['Never Expire', '1 day', '3 days', '5 days', '1 week', '2 weeks', '1 month', '2 months', '3 months', '4 months', '5 months', '6 months','12 months', '13 months', '18 months', '2 years', '3 years', '5 years', '6 years', '7 years', '8 years', '9 years', '10 years']
N/A is equivalent to 0 days. That means logs will be stored forever.
Whitelisted Domains
A Whitelisted Domains feature is provided to control access to specific resources or applications. This feature allows the admin or users to edit a list of domains that are approved or authorized for access to a system or network. So, only users from specific domains are allowed to register for the application, while blocking access from all other domains.
For example, user might specify that only employees at your company (with email addresses ending in "@yourcompany.com") can access the application, and block access from all other domains. This ensures that only authorized users can access the application and protect your data.
Whitelisted Proxy Domains
Admin can view and update the whitelisted Proxy Domains from the Amorphic interface, restricting network access exclusively to specified domains. This feature empowers users with precise control over domain access.
The following domains are whitelisted by default for AWS service communication:
- .amazoncognito
- .aws.amazon.com
- .amazonaws.com
Additional domains that may need to be whitelisted based on your usage:
| Domain | Purpose | When Required |
|---|---|---|
| GitLab, GitHub, Bitbucket | Code repository access | When using code repositories in internet-disabled notebook datalabs |
| api.aws | Cost management | Automatically added if cost management is enabled |
| API custom domain | FIPS compliance | Automatically added if FIPS is enabled |
| .flexview.ai | Health Imaging | To view medical images in Health Imaging |
| .api.openai.com | AI/IDP applications | When using OpenAI models in applications |
| pypi.org, files.pythonhosted.org | Python package installation | When installing additional Python packages in IDP Process Flow custom scripts |
Modifying the whitelisted proxy domains will cause the app to be unavailable for sometime(upto 1 minute). Please refresh the page after 1 minute to get the list of updated proxy domains.
Whitelisted IPs
Admins can view and update the whitelisted IPv4 and IPv6 addresses from the Amorphic interface, granting network access only to specific IP addresses. This feature provides the ability to control access.
S3 Object Versioning Management
With S3 Object Versioning Management feature, Admins can enable automated deletion of S3 objects(non-current version) based on usage, providing cost-effective storage management.
By default, all non-current/previous versions of objects stored in S3 buckets will be retained indefinitely, which means RetainForever is set to yes.
By setting the RetainForever flag as no, administrators can specify a retention period (in days) for previous object versions in all S3 buckets created by the Amorphic application. This allows administrators to control the lifecycle of these versions and enforce the specified retention period across all buckets.
If a retention period of X days is specified, any non-current/previous object versions that are older than X days from the time they became non-current will eventually be deleted.
The minimum and maximum allowed retention periods are 1 and 3650 days, respectively.
To enhance the troubleshooting process for the S3 Object Versioning Management feature, an email notification can be configured to send a detailed report to all `subscribed(email alerts)`` administrators.
This report will provide comprehensive information about each S3 bucket, enabling admins to quickly identify and address any issues or anomalies.
The email notification should include the following details in a tabular format:
Resource Type: The type of AWS resource for which the report is generated.
Resource Name: The name of the S3 bucket for which the report is generated.
Message: Success/Error message with appropriate retention period details for troubleshooting. In case of any error for any bucket, admin needs to retry updating the retention period.
To learn more, read AWS S3 Delete Object Versions
Please note that this feature only applies when "Bucket Versioning" is enabled within the application, and it can only be utilized by administrators.
Notebook Instances
Admins can now make changes to the list of permitted Notebook Instance Types. With every fresh deployment, the Amorphic set of default instances are filled up automatically. This can be modified by admins to better suit their production environment.
Application Tags
Application tags feature enables Admins to view and update custom tags that are applied across Amorphic-created AWS resources. These tags will be used to group and identify the AWS resources created by the application, which can be helpful for generating monitoring and billing information.
Please note that application tags should be unique(Case Insensitive).
Application Log Level (API Only Feature) (Beta)
This functionality enables admins to control the logs emitted by the backend Amorphic lambda functions. It is defaulted to INFO and can be set to any of DEBUG, INFO, WARNING, ERROR or CRITICAL.
This is a system-wide change, and there may be a slight delay for the updated log levels to reflect in the application logs, typically a few minutes.
API:
PUT /system-configs?config=log-level
{
"LogLevel": "DEBUG | INFO | WARNING | ERROR | CRITICAL"
}
For version 3.0, this feature is currently in preview mode. It will be fully implemented in all application lambdas in the upcoming releases.
User Agreements
User Agreements in Amorphic helps user create up-to-date agreements with the latest terms and conditions for their application.
How to Create User Agreement?
- Click on
User Agreementstab underManage - > Administration -> Application Management - Click on
+ Create User Agreement - Fill in required fields shown in the table below
| Attribute | Description |
|---|---|
| User Agreement Name | Name of the user agreement |
| Description | Description of the user agreement |
| Terms Of Use | Terms of service of the user agreement, should be provided in markdown (md) format. Click here for basic syntax of markdown format. |
After creating a successful user agreement, users must accept the Terms and Conditions again on the next login activity in order to continue using the Amorphic application. If no user agreement is created, the default user agreement will load upon application login and users must accept the Terms and Conditions.
A user agreement is displayed at app login, which must be accepted to use Amorphic.
Mail Servers
Mail servers in Amorphic play a crucial role in delivering application notification messages to users. Amorphic Notifications offers the facility to select a delivery service for sending out application notifications. Mail Servers is one such option, allowing organizations to use their own SMTP mail servers for delivering messages in a more compliant manner.
The Amorphic Mail Server section offers the following features:
- Listing all existing mail server configurations in the system.
- Viewing an existing mail server configuration.
- Enabling or disabling an existing mail server configuration.
- Updating an existing mail server configuration.
- Deleting an existing mail server configuration.
How to create a mail server?
To create an SMTP mail server configuration in Amorphic:
- Click on
Mail Serverstab underManage - > Administration -> Application Management - Click on
+ Create Mail Server - Fill in the fields shown in the table below:
| Type | Description |
|---|---|
| Mail Server Name | Server Name, which uniquely identifies the registered Server. |
| Description | A brief description about the mail server. |
| Port | Port number on which the SMTP server is hosted. |
| Username | User name of the SMTP Server for authentication |
| Password | Password of the SMTP server for authentication |
| Enable Server | Toggle 'Yes' or 'No' depending on the organization policy to use the current mail configuration to send notifications |
| Account Email | The 'From' email address used while sending notifications. |
Custom Email Subscriptions
Using the Custom Notifications feature, users can access the list of custom emails utilized within Amorphic. These emails are linked to multiple amorphic resources to receive alerts regarding various actions taken at resource level. The user will have the capability to observe all the resources to which the custom email is connected. Additionally, the user has the option to remove the custom email from the system.
