CloudWatch Alarms – CloudWatch and CloudWatch Metrics – SCS-C02 Study Guide

CloudWatch Alarms

Using the metrics that CloudWatch provides, the service also lets you monitor metrics and events and automatically initiate actions (such as sending out an SNS notification) in near real time when certain conditions are met. CloudWatch alarms can be used for many purposes, including detecting unusual behavior or performance issues with your AWS resources.

A metric alarm monitors a single CloudWatch metric against a threshold that you set when you create the alarm. The threshold defines the values at which the alarm is triggered and is based on the metric that you specify, such as CPU utilization, network traffic, or available disk space. Additionally, initial monitoring periods allow for a grace period after the alarm is created, during which nothing is triggered.

When you create a metric alarm, you select a CloudWatch metric, set a threshold value for the metric, and specify the actions to be taken when the threshold is breached. These actions can include sending a notification, initiating an automatic scaling process, or executing a specific AWS Lambda function. You can also use CloudWatch alarms to perform autoscaling actions such as adding more EC2 instances or removing extra EC2 instances from autoscaling groups. Alarm actions also enable you to perform Systems Manager actions such as running command documents.

For example, if you are monitoring the CPU utilization of an EC2 instance, you can create a metric alarm to trigger when the CPU utilization exceeds a certain percentage. This can help you identify potential performance issues or bottlenecks in your application.

Knowing a few facts about CloudWatch alarms can help you when taking the AWS Security Specialty exam. You probably will not be tested on these concepts directly in a question. However, the knowledge of these facts may be indirectly incorporated into a question on the exam. The following are a few key facts to remember about AWS CloudWatch alarms:

  • Alarm names can only comprise ASCII characters.
  • You can create up to 5,000 alarms per Region per account.
  • You can add alarms to CloudWatch dashboards.
  • You can test alarms by using the SetAlarmState action (to either engage or disengage the alarm).
  • The CloudWatch service saves alarm history for 14 days.

Next, you will go through the process of creating a CloudWatch alarm.

Creating a CloudWatch Alarm

If you completed the previous exercise, you already have an EC2 instance that is being monitored by the CloudWatch service. In the upcoming steps, you will use this instance to create the CloudWatch alarm:

  1. Open up your terminal to execute the following commands using the AWS CLI.
  2. First, create a topic with SNS, as follows:

aws sns create-topic --name alarm-test

If the topic has been created successfully, you should see a return on your screen as shown here:

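------------------------------------------------------------
|                       CreateTopic                        |
+----------+-----------------------------------------------+
| TopicArn | arn:aws:sns:us-east-2:123456789012:alarm-test |
+----------+-----------------------------------------------+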

  3. After creating your topic, you need to subscribe to the topic using your email address. This way, when the alarm is triggered, you will be notified. Subscribe using the following command:

aws sns subscribe \
    --topic-arn {ARN} \
    --protocol email \
    --notification-endpoint securitycert@packtpub.com

The command should return a response letting you know that the subscription is pending until you confirm it.

  4. Now go to your email account and find the email the SNS service sent. There will be a link in the email that says Confirm Subscription. Click on it.

The prerequisites, creating the topic and subscribing to it, have now been met.

  5. Now, return to the AWS Management Console and proceed to the EC2 service. Once on the EC2 main dashboard, click the Instances link on the left-hand menu or in the main window. This will bring up the list of instances currently running in your selected Region. Find the instance you created in the previous exercise named CloudWatch and copy the InstanceID value.
  6. In a new tab, navigate to the CloudWatch service in AWS. On the left-hand menu, find the Alarms heading and click to expand to see the submenu items. When the submenu has expanded, click on the All alarms option to be taken to the Alarms screen.

Figure 8.15: Alarms section under CloudWatch menu

  7. Now that you are on the Alarms page, click the orange button labeled Create Alarm to create a new alarm. This will bring up the prompts for the alarm creation.
  8. Click on the Select metric button. This will bring up a dialog to choose the metric. Click on EC2 to be brought into the EC2 metric.

Figure 8.16: Metrics selection screen

  9. Once in the EC2 metric, paste the InstanceID value you copied in step 5 in the search box. This will bring up a link to the Per-Instance metrics for this instance. Click on this link.
  10. Scroll down and click on the box next to the metric named CPUUtilization. Once this is selected, press the Select metric button.

Figure 8.17: Metrics selection screen

You should now be on the Specify metric and conditions page, which shows a graph of the most recent CPU utilization percentage for the instance.

  11. Scroll down the page until you reach the heading labeled Conditions. Keep the threshold as Static. Keep the alarm condition as Greater. Set the value to 0.05. Once you have set these values, click the Next button.

Figure 8.18: Conditions selection screen for CloudWatch alarms

  12. On the Configure actions page, you can now add the SNS topic that you created at the beginning of this exercise. In the Notification box, keep the default settings of In alarm and then click on the search box under the Send a notification heading to reveal your SNS topics in the current Region. Once you have selected your SNS topic, scroll to the bottom of the page and click on the Next button.
  13. The next page will be named Add name and description. Name your alarm something that is meaningful, such as Chapter8-test. Click on the Next button at the bottom of the page once you have entered the name.
  14. Finally, you will be brought to the Preview and create page. Review the information as you scroll down the page. If all of the information seems correct, press the Create alarm button at the bottom of the page.
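
The console procedure above, expressed as AWS CLI calls together with the SetAlarmState test mentioned in the key facts. This is an added example, not part of the study guide; the instance ID is a placeholder, and the statistic, period and evaluation-periods values are assumptions the page does not state.

```sh
#!/bin/sh
# Added example (not from the study guide): CLI equivalent of the console steps.
# DRY_RUN=1 (default) prints each aws command for review; DRY_RUN=0 runs it.
DRY_RUN="${DRY_RUN:-1}"

run() {
  if [ "$DRY_RUN" = "1" ]; then printf '%s\n' "$*"; else "$@"; fi
}

# Alarm names must be ASCII (one of the key facts listed earlier): strip
# printable ASCII and reject the name if any byte is left over.
is_ascii_name() {
  [ -n "$1" ] || return 1
  rest=$(printf '%s' "$1" | LC_ALL=C tr -d ' -~')
  [ -z "$rest" ]
}

# create_cpu_alarm NAME INSTANCE_ID TOPIC_ARN
# Mirrors the exercise: static threshold, Greater than 0.05, SNS on "In alarm".
# Statistic, period and evaluation periods are assumed; the page omits them.
create_cpu_alarm() {
  is_ascii_name "$1" || { echo "alarm name must be ASCII" >&2; return 2; }
  run aws cloudwatch put-metric-alarm \
    --alarm-name "$1" \
    --namespace AWS/EC2 \
    --metric-name CPUUtilization \
    --dimensions "Name=InstanceId,Value=$2" \
    --statistic Average \
    --period 300 \
    --evaluation-periods 1 \
    --comparison-operator GreaterThanThreshold \
    --threshold 0.05 \
    --alarm-actions "$3"
}

# test_alarm_notification NAME
# SetAlarmState forces the alarm into ALARM so the SNS action fires; the
# change is temporary and CloudWatch restores the actual state afterwards.
test_alarm_notification() {
  run aws cloudwatch set-alarm-state \
    --alarm-name "$1" \
    --state-value ALARM \
    --state-reason manual-notification-test
}

# Constructed sample values: placeholder instance ID; topic ARN as on the page.
create_cpu_alarm Chapter8-test i-0123456789abcdef0 \
  arn:aws:sns:us-east-2:123456789012:alarm-test
test_alarm_notification Chapter8-test
```

Run it as-is to review the two commands, then rerun with `DRY_RUN=0` and real values to create the alarm and confirm that the notification email arrives.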

You just created an alarm based on the metrics being monitored by CloudWatch. The next section will detail how those metrics can be displayed graphically using CloudWatch dashboards.