diff --git a/README.md b/README.md index 3dc2e7f..f7e235d 100644 --- a/README.md +++ b/README.md @@ -28,6 +28,7 @@ Table of Contents | [Security and IAM](#security-and-iam) | [πŸ“—](#security-and-iam-basics) | [πŸ“˜](#security-and-iam-tips) | [πŸ“™](#security-and-iam-gotchas-and-limitations) | | [S3](#s3) | [πŸ“—](#s3-basics) | [πŸ“˜](#s3-tips) | [πŸ“™](#s3-gotchas-and-limitations) | | [EC2](#ec2) | [πŸ“—](#ec2-basics) | [πŸ“˜](#ec2-tips) | [πŸ“™](#ec2-gotchas-and-limitations) | +| [CloudWatch](#cloudwatch) | [πŸ“—](#cloudwatch-basics) | [πŸ“˜](#cloudwatch-tips) | [πŸ“™](#cloudwatch-gotchas-and-limitations) | | [AMIs](#amis) | [πŸ“—](#ami-basics) | [πŸ“˜](#ami-tips) | [πŸ“™](#ami-gotchas-and-limitations) | | [Auto Scaling](#auto-scaling) | [πŸ“—](#auto-scaling-basics) | [πŸ“˜](#auto-scaling-tips) | [πŸ“™](#auto-scaling-gotchas-and-limitations) | | [EBS](#ebs) | [πŸ“—](#ebs-basics) | [πŸ“˜](#ebs-tips) | [πŸ“™](#ebs-gotchas-and-limitations) | @@ -191,7 +192,7 @@ General Information - [Route 53](#route-53): DNS and domain registration - [VPC](#vpcs-network-security-and-security-groups): Virtual networking, network security, and co-location; you automatically use - [CloudFront](#cloudfront): CDN for hosting content - - [CloudWatch](https://aws.amazon.com/cloudwatch/): Alerts, paging, monitoring + - [CloudWatch](#cloudwatch): Alerts, paging, monitoring - **Managed services:** Existing software solutions you could run on your own, but with managed deployment: - [RDS](#rds): Managed relational databases (managed MySQL, Postgres, and Amazon’s own Aurora database) - [EMR](#emr): Managed Hadoop 
@@ -776,6 +777,47 @@ EC2 - πŸ”ΈAn IAM role can be assigned to an EC2 instance [only at launch time](http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2.html). You cannot assign to a running instance. - Instance user-data is (limited to 16 KB)[http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-add-user-data](This limit applies to the data in raw form, not base64-encoded form). If more data is needed, it can be downloaded from S3 by a user-data script. +CloudWatch +------------------- + +### CloudWatch Basics + +* πŸ“’ [Homepage](https://aws.amazon.com/cloudwatch/) βˆ™ [Documentation](https://aws.amazon.com/documentation/cloudwatch/) βˆ™ [FAQ](https://aws.amazon.com/cloudwatch/faqs/) βˆ™ [Pricing](https://aws.amazon.com/cloudwatch/pricing/) +* **CloudWatch** monitors resources and applications, captures logs, and sends events. +* CloudWatch monitoring is the standard mechanism for keeping tabs on AWS resources. A wide range of [**metrics and dimensions**](http://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CW_Support_For_AWS.html) are available via CloudWatch, allowing you to create time based graphs, **[alarms](http://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html)**, and **[dashboards](http://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Dashboards.html)**. + * Alarms are the most practical use of CloudWatch, allowing you to trigger notifications from any given metric. + * Alarms can trigger [SNS notifications](http://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/ConsoleAlarms.html), [Auto Scaling actions](http://docs.aws.amazon.com/autoscaling/latest/userguide/policy_creating.html), or [EC2 actions](http://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/UsingAlarmActions.html). 
+ * Publish and share graphs of metrics by creating [customizable dashboard views](https://aws.amazon.com/blogs/aws/cloudwatch-dashboards-create-use-customized-metrics-views/). + * Monitor and report on EC2 [instance system check failure alarms](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring-system-instance-status-check.html#creating_status_check_alarms). +* **Using CloudWatch Events:** + * Events create a mechanism to automate actions in various services on AWS. You can create [event rules](http://docs.aws.amazon.com/AmazonCloudWatch/latest/events/EventTypes.html) from instance states, AWS APIs, Auto Scaling, Run commands, deployments or time-based schedules (think Cron). + * [Triggered events](http://docs.aws.amazon.com/AmazonCloudWatch/latest/events/CWE_GettingStarted.html) can can invoke Lambda functions, send SNS/SQS/Kinesis messages, or perform instance actions (terminate, restart, stop, or snapshot volumes). + * Custom payloads can be sent to targets in JSON format, this is especially useful when triggering Lambdas. +* **Using CloudWatch Logs:** + * [CloudWatch Logs](http://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/WhatIsCloudWatchLogs.html) is a streaming log storage system. By storing logs within AWS you have access to unlimited paid storage, but you also have the option of streaming logs directly to ElasticSearch or custom Lambdas. + * A [log agent installed](http://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_GettingStarted.html) on your servers will process logs over time and send them to CloudWatch Logs. + * You can [export logged data to S3](http://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/S3Export.html) or stream results to other AWS services. +* **Detailed monitoring:** [Detailed monitoring](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-cloudwatch-new.html) for EC2 instances must be enabled to get granular metrics, and is [billed under CloudWatch](https://aws.amazon.com/cloudwatch/pricing/). 
+ +### CloudWatch Alternatives and Lock-In + +* CloudWatch offers fairly basic functionality that doesn't create significant (additional) AWS lock-in. Most of the metrics provided by the service can be obtained through APIs that can be imported into other aggregation or visualization tools or services (many specifically provide CloudWatch data import services). +* πŸšͺ Alternatives to CloudWatch monitoring services include [NewRelic](http://newrelic.com/), [Datadog](http://datadog.com/), [Sumo Logic](http://sumologic.com/), [Zabbix](http://zabbix.com/), [Nagios](http://nagios.org/), [Ruxit](http://ruxit.com/), [Elastic Stack](https://www.elastic.co/v5), open source options such as [StatsD](https://github.com/etsy/statsd) or [collectd](https://collectd.org/) with [Graphite](https://graphiteapp.org/), and many others. +* πŸšͺ CloudWatch Log alternatives include [Splunk](http://splunk.com/), [Sumo Logic](http://sumologic.com/), [Loggly](http://loggly.com/), [Logstash](https://www.elastic.co/products/logstash), [Papertrail](https://papertrailapp.com/), [Elastic Stack](https://www.elastic.co/v5), and other centralized logging solutions. + +### CloudWatch Tips + +* Some very common use cases for CloudWatch are **[billing alarms](http://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/monitor_estimated_charges_with_cloudwatch.html)**, **instance** **or [load balancer up/down alarms](http://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-cloudwatch-metrics.html)**, and **disk usage alerts**. +* You can use [EC2Config](http://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/UsingConfig_WinAMI.html#send_logs_to_cwl) to monitor watch memory and disk metrics on Windows platform instances. +* You can [publish your own metrics](http://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/publishingMetrics.html) using the AWS API. [Incurs additional cost](https://aws.amazon.com/cloudwatch/pricing/). 
+* You can stream directly from CloudWatch Logs to a Lambda or ElasticSearch cluster by creating [subscriptions](http://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Subscriptions.html) on Log Groups. +* Don't forget to take advantage of the [CloudWatch non-expiring free tier](https://aws.amazon.com/free/#Amazon_CloudWatch). + +### CloudWatch Gotchas and Limitations + +* πŸ”ΈYou can not use [more than one metric for an alarm](https://forums.aws.amazon.com/thread.jspa?threadID=94984). +* πŸ”ΈNotifications you receive from alarms will not have any contextual detail; they have only the specifics of the threshold, alarm state, and timing. + AMIs ----
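Review bot: Two added bullets in the `@@ -776,6 +777,47 @@` hunk carry stray words that should be fixed before merge: under "Using CloudWatch Events" the text reads "can can invoke Lambda functions", and under "CloudWatch Tips" the EC2Config bullet reads "to monitor watch memory and disk metrics". Smaller points in the same hunk: "You can not use" in the first gotcha should be "cannot", matching the unchanged EC2 line "You cannot assign to a running instance"; "ElasticSearch" appears in both the CloudWatch Logs bullet and the subscriptions tip and should be spelled "Elasticsearch"; "time based graphs" wants a hyphen; and "Custom payloads can be sent to targets in JSON format, this is especially useful" is a comma splice that reads better as two sentences. The tip ending "[Incurs additional cost]" is a sentence fragment; suggest folding it into the preceding sentence, for example "You can publish your own metrics using the AWS API, at additional cost."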