# Find AMS account settings Find account settings Account settings that are used to create AMS RFCs, set schedules, and determine who receives notifications. Some settings are created during onboarding and require a service request to change. You should make a note of these account details because you will use them when communicating with AMS: + **Credentials**: If you need to retrieve your AMS user name or password, contact your local IT administrator--AMS uses your corporate Active Directory. + **Cloud Service Delivery Manager (CSDM)**: This person is your liaison with AMS and is available to answer service questions. You are given this person's contact information at onboarding and should keep it available to all in your organization who interact with AMS. You can expect to receive monthly reports on your AMS service from this person. + **Console access**: You access the AMS console at a URL set up specifically for your account. You can get the URL from your CSDM. + **AMS CLI**: You can obtain the AMS CLI through the AMS console **Developer's resources** page, or the distributables package that you get from your CSDM. After you have the distributables package, follow the steps outlined in [Installing or upgrading the AMS CLI](https://docs.aws.amazon.com/managedservices/latest/userguide/understand-sent-api.html#install-sent-cli). + **Maintenance window**: Your maintenance window determines when patching happens for your EC2 instances. The AWS Managed Services Maintenance Window (or Maintenance Window) performs maintenance activities for AWS Managed Services (AMS) and recurs the second Thursday of every month from 3 PM to 4 PM Pacific Time. AMS may change the maintenance window with 48 hours notice. You may have chosen a different window at onboarding--keep a record of your chosen maintenance window. + **Monitoring**: AMS provides a set of CloudWatch metrics by default, but you can also request additional metrics. If you do, keep record of those. + **Logs**: By default, your logs are stored at ams-a-*ACCOUNT\$1ID*-log-management-*REGION* where *REGION* is the region where the log was generated. + **Mitigation**: At onboarding, AMS records the mitigation action of your choice in case a malware attack against your resources is identified. For example, contact certain people. Keep this information available to all in your organization who interact with AMS. + **Region**: You can look at the VPC details page in the AMS console. You can also run this command after you have installed the AMS SKMS CLI (this command uses a SAML profile, remove if your authentication method is different): ``` aws --profile saml amsskms get-vpc --vpc-id VPC_ID ``` **Important** The AMS API/CLI (amscm and amsskms) endpoints are in the AWS N. Virginia Region, `us-east-1`. Depending on how your authentication is set, and what AWS Region your account and resources are in, you may need to add `--region us-east-1` when issuing commands. You may also need to add `--profile saml`, if that is your authentication method. # Find FQDNs in AMS Find FQDNs AWS Managed Services (AMS) access change types (CTs) require the fully qualified domain name, or FQDN, of your AMS-trusted domain, in the form of `C844273800838.amazonaws.com`. To discover your AWS FQDN, do one of the following: + AWS Console: Look in the AWS Directory Service console in the **Directory name** column. + CLI: Use these commands while logged into your domain: Windows (returns user and FQDN): ``` whoami /upn ``` or (DC\$1DC\$1DC=FQDN) ``` whoami /fqdn ``` Linux: ``` hostname --fqdn ``` **Note** The AMS API/CLI (amscm and amsskms) endpoints are in the AWS N. Virginia Region, `us-east-1`. Depending on how your authentication is set, and what AWS Region your account and resources are in, you may need to add `--region us-east-1` when issuing commands. You may also need to add `--profile saml`, if that is your authentication method. # Find availability zones (AZs) in AMS Find availability zones (AZs) **Availability Zone**: All accounts have at least two availability zones. To accurately find your availability zone names, you must first know the associated subnet ID. + AMS Console: In the navigation pane click **VPCs**, and then click the relevant VPC, if necessary. On the VPCs details page, select the relevant subnet in the table of subnets to open the subnet details page with the name of the associated availability zone. + AMS SKMS API/CLI: ``` aws amsskms list-subnet-summaries --output table ``` ``` aws amsskms get-subnet --subnet-id SUBNET_ID ``` **Note** The AMS API/CLI (amscm and amsskms) endpoints are in the AWS N. Virginia Region, `us-east-1`. Depending on how your authentication is set, and what AWS Region your account and resources are in, you may need to add `--region us-east-1` when issuing commands. You may also need to add `--profile saml`, if that is your authentication method. # Find SNS topics in AMS Find SNS topics Your SNS topics determine who is notified under various circumstances. AMS provides SNS topics for AMI notifications (see [AMS AMI notifications with SNS](https://docs.aws.amazon.com/managedservices/latest/userguide/ams-ami-notifications.html)), CloudWatch alarms and EC2 resources (see [Receiving alerts generated by AMS](https://docs.aws.amazon.com/managedservices/latest/userguide/sent-alert-views.html)) and more. To discover your existing SNS topics: + AWS Console: Use the SNS console to view all topics, applications, and subscriptions, and a graph of messages. Also create, delete, subscribe to, and publish to topics. + API/CLI (when logged into your AMS account, requires the AWS CLI): List your SNS topics: ``` aws sns list-topics ``` List your SNS subscriptions: ``` aws sns list-subscriptions ``` **Note** The AMS API/CLI (amscm and amsskms) endpoints are in the AWS N. Virginia Region, `us-east-1`. Depending on how your authentication is set, and what AWS Region your account and resources are in, you may need to add `--region us-east-1` when issuing commands. You may also need to add `--profile saml`, if that is your authentication method. # Find backup settings in AMS Find backup settings Backups and snapshots are managed by AMS through the native [AWS Backup](https://aws.amazon.com/backup/) service. The configuration is managed through AWS Backup plans. You can have multiple AWS Backup plans that associate tagged resources with backup schedules and retention policies. To find your AMS account AWS Backup settings, use the [https://console.aws.amazon.com/backup](https://console.aws.amazon.com/backup) console, or the *AWS CLI Command Reference* for [backup](https://docs.aws.amazon.com/cli/latest/reference/backup/index.html) commands. For more information about AMS and AWS Backup, see [Continuity Management](https://docs.aws.amazon.com/managedservices/latest/userguide/continuity-mgmt.html).