Beyond collecting metrics, CloudWatch lets you monitor those metrics and events and automatically initiate actions (such as sending an SNS notification) in near real time when specified conditions are met. CloudWatch alarms serve many purposes, including detecting unusual behavior or performance problems in your AWS resources.
A metric alarm watches a single CloudWatch metric. When you create the alarm, you set a threshold that defines the value at which it is triggered, based on the metric you choose, such as CPU utilization, network traffic, or available disk space. A newly created alarm also goes through an initial evaluation period, which acts as a grace period during which nothing is triggered.
When you create a metric alarm, you select a CloudWatch metric, set a threshold value for that metric, and specify the actions to take when the threshold is breached. These actions can include sending a notification, initiating an automatic scaling process, or executing a specific AWS Lambda function. You can also use CloudWatch alarms to perform Auto Scaling actions, such as adding EC2 instances to an Auto Scaling group or removing surplus instances from it. Alarm actions also let you perform Systems Manager actions, such as running command documents.
For example, if you are monitoring the CPU utilization of an EC2 instance, you can create a metric alarm to trigger when the CPU utilization exceeds a certain percentage. This can help you identify potential performance issues or bottlenecks in your application.
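The following is an added example, not code from the original text or an AWS API: a simplified Python model of how a metric alarm turns threshold, evaluation periods and alarm actions into state transitions. It assumes the SNS topic ARN from the CLI output later in this chapter as the alarm action and uses constructed CPU samples; CloudWatch's configurable missing-data treatment is reduced to "too few datapoints means INSUFFICIENT_DATA".

```python
"""Simplified model of a CloudWatch metric alarm: threshold comparison over a
window of evaluation periods, alarm state, and actions that fire only when the
state transitions into ALARM. Constructed sample data, not live CloudWatch."""
from dataclasses import dataclass, field
import operator

# Comparison operators named exactly as the CloudWatch ComparisonOperator values.
COMPARISONS = {
    "GreaterThanThreshold": operator.gt,
    "GreaterThanOrEqualToThreshold": operator.ge,
    "LessThanThreshold": operator.lt,
    "LessThanOrEqualToThreshold": operator.le,
}

@dataclass
class MetricAlarm:
    threshold: float
    comparison_operator: str
    evaluation_periods: int      # N: how many recent periods are inspected
    datapoints_to_alarm: int     # M: how many of those N must breach
    alarm_actions: list          # e.g. SNS topic ARNs notified on ALARM
    state: str = "INSUFFICIENT_DATA"   # every new alarm starts here
    fired: list = field(default_factory=list)

    def evaluate(self, datapoints):
        """Re-evaluate from the datapoints seen so far (oldest first) and
        return the new state. Too few datapoints -> INSUFFICIENT_DATA, a
        simplification of CloudWatch's configurable missing-data treatment."""
        window = datapoints[-self.evaluation_periods:]
        if len(window) < self.evaluation_periods:
            new_state = "INSUFFICIENT_DATA"
        else:
            breaches = COMPARISONS[self.comparison_operator]
            hits = sum(1 for v in window if breaches(v, self.threshold))
            new_state = "ALARM" if hits >= self.datapoints_to_alarm else "OK"
        # Actions run on the transition into ALARM, not on every breaching period.
        if new_state == "ALARM" and self.state != "ALARM":
            self.fired.extend(self.alarm_actions)
        self.state = new_state
        return new_state

def simulate_cpu_alarm():
    """CPU alarm: >80% in 2 of 3 periods notifies the chapter's SNS topic (assumed ARN)."""
    alarm = MetricAlarm(80.0, "GreaterThanThreshold", 3, 2,
                        ["arn:aws:sns:us-east-2:123456789012:alarm-test"])
    cpu_samples = [45, 50, 90, 85, 60, 30, 20]   # constructed CPUUtilization averages
    states = [alarm.evaluate(cpu_samples[:i + 1]) for i in range(len(cpu_samples))]
    return states, alarm.fired
```

Running `simulate_cpu_alarm()` shows the alarm sitting in INSUFFICIENT_DATA until three periods exist, entering ALARM once two of the last three samples breach 80%, and notifying the topic exactly once even though the next period still breaches.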
Knowing a few facts about CloudWatch alarms can help you when taking the AWS Security Specialty exam. You probably will not be tested on these concepts directly in a question; however, these facts may be indirectly incorporated into an exam question. The following are a few key facts to remember about AWS CloudWatch alarms:
Next, you will go through the process of creating a CloudWatch alarm.
If you completed the previous exercise, you already have an EC2 instance that is being monitored by the CloudWatch service. In the upcoming steps, you will use this instance to create the CloudWatch alarm:
aws sns create-topic --name alarm-test
If the topic has been created successfully, you should see a return on your screen as shown here:
-----------------------------------------------------------------
|                          CreateTopic                          |
+----------+----------------------------------------------------+
|  TopicArn|  arn:aws:sns:us-east-2:123456789012:alarm-test     |
+----------+----------------------------------------------------+
aws sns subscribe \
--topic-arn {ARN} \
--protocol email \
--notification-endpoint securitycert@packtpub.com
This should now give you feedback letting you know that the subscription is pending until you confirm it.
The prerequisites have been met for creating and subscribing to the topic.
Figure 8.15: Alarms section under CloudWatch menu
Figure 8.16: Metrics selection screen
Figure 8.17: Metrics selection screen
You should now be on the Specify metric and conditions page, which shows a graph of the instance's recent CPU utilization percentage.
Figure 8.18: Conditions selection screen for CloudWatch alarms
You just created an alarm based on the metrics being monitored by CloudWatch. The next section will detail how those metrics can be displayed graphically using CloudWatch dashboards.