As a minimum, an Amazon AWS EC2-based Virtual Machine running Windows and SQL Server require the following configurations in place for a Foglight SQL Server and Infrastructure agents to be able to monitor the instance and machine.
A security group configured to use the Microsoft SQL Server port (e.g. TCP 1433), Remote Desktop Protocol (RDP TCP 3389).
For OS monitoring the Amazon-based Windows virtual machine should be configured to use WinRM port openings (i.e. 5985, 5986, 80, or 443) or WMI as per KB article 185163
. Additional firewall rules and endpoints may be required for the SSL WinRM connections or the use of WMI (see KB 85747