How to enable AWS CloudWatch Custom Metrics – RAM, Diskspcae ..etc.

It is very important to enable custom metrics to determine the utilization of the EC2 instance as we get only CPU utilization, network and disc I/O’s by default.

Let’s see how to enable the custom metrics. We use the CWAgent which is introduced in 2017 for the custom metrics.

Below are steps to be followed for enabling custom metrics.

  • Create appropriate role.
  • Ensure outbound internet is enabled if not NAT/Endpoints/proxy must be enabled.
  • SSM service is installed and running (SSM is installed by default in windows).
  1. Role Creation: Create a EC2 role with below privileges (policies) so that we can run any command from SSM and pull the logs to cloudwatch.

While creating role for EC2 ensure to choose EC2 and choose the Ec2 Role for Simple Systems Manager under Select your use case as shown in the below picture. 

Hint: Do not choose “EC2” option which appears under “Allows EC2 instances to call AWS services on your behalf.” Rather select EC2 from the list of services. 

Choose EC2 Role for Simple Systems Manager from the use case 

 Click on “Next” and leave the proposesrd permissions as they are. 

Name the role as “CloudWatch-Custom-Metric-Windows”: 

 Add the required policies as this was not possible in the previous step. Below mentioned policies must be added to the role. 

  1. AmazonSSMFullAccess  
  2. AmazonEC2RoleforSSM (should be there by default)
  3. AmazonEC2ReadOnlyAccess    
  4. CloudWatchAgentPermissions: Copy and paste the below policy permissions 

Below custom policy needs to be created and attached to the role.

 
"Version": "2012-10-17",  

"Statement": [  {
"Sid": "CloudWatchAgentAdminPolicy",  
"Effect": "Allow",  
"Action": [  
"logs:CreateLogStream",  
"cloudwatch:PutMetricData",  
"ec2:DescribeTags",  
"logs:DescribeLogStreams",  
"logs:CreateLogGroup",  
"logs:PutLogEvents",  
"ssm:GetParameter",  
"ssm:PutParameter" ],  
"Resource": "*"  
   } 
 ] 
}

Attache the created role to the Windows EC2 instance.

2. From the EC2 dashboard, Choose Run command under Systems manager services.

Click on Run a command and choose AWS-ConfigureAWSPackage  

Action: install

Name: AmazonCloudWatchAgent

3. Start the CWAgent and configure the Json from the Parameter Store
From the EC2 Dashboard run a command – select AmazonCloudWatch-ManageAgent.

Choose the windows server(s) that you have installed CloudWatch agent.
— Action : configure
— Mode: Ec2
— optional configuration store : ssm
— Optional configuration location: << provide the name of the parameter store >>
— Optional restrat : Yes

Leave a Reply

Your email address will not be published. Required fields are marked *