DATADOG MULE® INTEGRATION
Configuration | Connected Apps
The Connected Apps permissions
The Datadog Mule® Integration relies on specific permissions within the MuleSoft Anypoint Platform to collect metrics. To grant these permissions, a Connected App is used. Follow the instructions in the official MuleSoft documentation to create a Connected App.
https://docs.mulesoft.com/access-management/connected-apps-overview
The Connected App has to be of the type App acts on its own behalf (client credentials).
The Datadog Mule Integration requires the "View Organization" permission to collect metrics.
Here's a breakdown of the required permissions for different set of metrics:
Access Management:
- READ APPLICATIONS
API Events:
This permission is solely for reading data from API Manager. Datadog Mule® Integration does not modify any modifications.
- API GROUP ADMINISTRATOR
- VIEW APIS CONFIGURATION
- VIEW POLICIES
API Manager:
This permission is solely for reading data from API Manager. Datadog Mule® Integration does not modify any modifications.
- API GROUP ADMINISTRATOR
- VIEW CONTRACTS
- VIEW POLICIES
ARM Monitoring Query:
- READ APPLICATIONS
- READ SERVERS
ARM Mule Agent:
This API needs on premise mule server and configure in conf.yaml.
ARM Rest Services
- READ ALERTS
- READ APPLICATIONS
- READ SERVERS
CloudHub:
This is only required to read data from CloudHub. Datadog Mule® Integration does not modify any asset.
- CLOUDHUB ORGANIZATION ADMIN
- READ ALERTS
Exchange Experience API:
This is only required to read data from Exchange. Datadog Mule® Integration does not modify any asset.
- EXCHANGE ADMINISTRATOR
INSIGHT:
This is only required to read data from CloudHub. Datadog Mule® Integration does not modify any asset.
- CLOUDHUB ORGANIZATION ADMIN
Object Store:
- MANAGE APPLICATION DATA
- STORES METRICS VIEWER
- MANAGE STORES DATA
- VIEW STORE CLIENTS
Object Store V2 Stats:
This is only required to read data from Object Store V2 statistics. Datadog Mule® Integration does not modify any asset. If these metrics are not desired, make sure you comment out this entry in the configuration file in instances .
- AN ADMINISTRATOR USER
- MANAGE STORES DATA
- STORE METRICS VIEWER
- VIEW STORE CLIENTS
Runtime Fabric:
- MANAGE RUNTIME FABRICS
- READ APPLICATIONS
The integration does not modify in any manner the assets in Anypoint Platform, those permissions are for read-only.
Full example
Below is a complete configuration example (with fake credentials and ids):
init_config:
hosts:
anypoint: https://anypoint.mulesoft.com
object_store_v2: https://object-store-us-east-1.anypoint.mulesoft.com
object_store_v2_stats: https://object-store-stats.anypoint.mulesoft.com
# mule_server: <ON_PREMISE_MULE_SERVER>
oauth_provider: https://anypoint.mulesoft.com/accounts/api/v2/oauth2/token
basic_auth_provider: https://anypoint.mulesoft.com/accounts/login
client_id: 035715123cbc31a123456a43143213f3
client_secret: bAc2345678C34aFF1aB1A12f5A245678
env_id: a3cc1234-4a24-125b-1a45-1c1aa1a13cad
org_id: ac2345aa-cc13-1367-bca1-b1234a2aa4aa
customer_key: a6a6-b5568ae854e5
connection_wait_time: 2
connection_attempts_num: 3
instances:
- min_collection_interval: 86400
threads: 32
api_filter:
- access_management
- min_collection_interval: 10
threads: 32
api_filter:
- arm_monitoring_query
- min_collection_interval: 10
threads: 32
api_filter:
- arm_mule_agent
- min_collection_interval: 10
threads: 32
api_filter:
- arm_rest_services
- min_collection_interval: 10
threads: 32
api_filter:
- cloudhub
- min_collection_interval: 60
threads: 32
api_filter:
- api_manager
- min_collection_interval: 60
threads: 32
api_filter:
- api_events
- min_collection_interval: 86400
threads: 32
api_filter:
- exchange_experience
- min_collection_interval: 60
threads: 32
api_filter:
- insight
- min_collection_interval: 86400
threads: 32
api_filter:
- object_store
- min_collection_interval: 86400
threads: 32
api_filter:
- object_store_v2_stats