There are security issues that must be considered when installing the Management Pack for AWS.

vRealize Operations Manager administrators can install a variety of management packs. VMware creates some management packs, while others are written by third party developers. Although adapters execute independently, they execute within a common runtime environment in the vRealize Operations Manager collector host. Java language security protects adapters from interference with other adapters, but all execute within the common JRE process trust zone. You should only load and use management packs that you have obtained from a publisher you trust. You should verify the management pack's code integrity before loading into vRealize Operations Manager.

You can verify the integrity of a management pack by generating an md5 or sha1 hash for the management pack's binary, and comparing it to the sha1 or md5 hash file accompanying the management pack binary.

Although adapters execute independently, they can make configuration changes to the collector host or Java runtime environment that can affect the security of other adapters. For example, at installation time an adapter can modify the list of trusted certificates. During execution, an adapter can change the TLS/SSL certificate validation scheme, and thereby change how other adapters validate certificates. The vRealize Operations Manager system and collector hosts do not isolate adapters beyond the natural isolation provided by Java execution. The system trusts all adapters equally.

Adapters are responsible for their own data security. When collecting data or making configuration changes to data sources, each adapter provides its own mechanisms and guarantees regarding the confidentiality, integrity, and authenticity of collected data.

The Management Pack for AWS relies on the AWS SDK for Java. The protocol used is https. There is currently no way to disable this and use http. The latest Javadoc for the AWS SDK can be found here: