Monitoring memory usage in AWS CloudWatch for Windows instance

amazon-web-services amazon-ec2 monitoring amazon-cloudwatch
prudhvi picture prudhvi · Dec 26, 2016 · Viewed 18.2k times · Source

By default, memory usage isn’t monitored by CloudWatch. So I tried to add it to my Windows instance in AWS using these instructions.

This is what I did:

  1. I created a user named custom-metrics-user. Then I stored the access and secret key.

  2. I created and attached an Inline Policy to the user. it looks like this: 

    { 
  "Version": "2012-10-17", 
  "Statement": [ 
    { 
      "Effect": "Allow", 
      "Action": ["cloudwatch:PutMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:ListMetrics", "ec2:DescribeTags"], 
      "Resource": "*" 
    } 
  ] 
}

  3. I launched a Windows Instance [2012 R2 Base AMI]. After accessing the instance through RDP, I found that the AWS.EC2.Windows.CloudWatch.json file is already present.

  4. I changed that .json file accordingly. After changing it, it looks like this: 

    {
    "EngineConfiguration": {
        "PollInterval": "00:00:15",
        "Components": [
            {
                "Id": "ApplicationEventLog",
                "FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
                "Parameters": {
                    "LogName": "Application",
                    "Levels": "1"
                }
            },
            {
                "Id": "SystemEventLog",
                "FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
                "Parameters": {
                    "LogName": "System",
                    "Levels": "7"
                }
            },
            {
                "Id": "SecurityEventLog",
                "FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
                "Parameters": {
                "LogName": "Security",
                "Levels": "7"
                }
            },
            {
                "Id": "ETW",
                "FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
                "Parameters": {
                    "LogName": "Microsoft-Windows-WinINet/Analytic",
                    "Levels": "7"
                }
            },
            {
                "Id": "IISLog",
                "FullName": "AWS.EC2.Windows.CloudWatch.IisLog.IisLogInputComponent,AWS.EC2.Windows.CloudWatch",
                "Parameters": {
                    "LogDirectoryPath": "C:\\inetpub\\logs\\LogFiles\\W3SVC1"
                }
            },
            {
                "Id": "CustomLogs",
                "FullName": "AWS.EC2.Windows.CloudWatch.CustomLog.CustomLogInputComponent,AWS.EC2.Windows.CloudWatch",
                "Parameters": {
                    "LogDirectoryPath": "C:\\CustomLogs\\",
                    "TimestampFormat": "MM/dd/yyyy HH:mm:ss",
                    "Encoding": "UTF-8",
                    "Filter": "",
                    "CultureName": "en-US",
                    "TimeZoneKind": "Local"
                }
            },
            {
                "Id": "PerformanceCounter",
                "FullName": "AWS.EC2.Windows.CloudWatch.PerformanceCounterComponent.PerformanceCounterInputComponent,AWS.EC2.Windows.CloudWatch",
                "Parameters": {
                    "CategoryName": "Memory",
                    "CounterName": "Available MBytes",
                    "InstanceName": "",
                    "MetricName": "Memory",
                    "Unit": "Megabytes",
                    "DimensionName": "InstanceId",
                    "DimensionValue": "{instance_id}"
                }
            },
            {
                "Id": "CloudWatchLogs",
                "FullName": "AWS.EC2.Windows.CloudWatch.CloudWatchLogsOutput,AWS.EC2.Windows.CloudWatch",
                "Parameters": {
                    "AccessKey": "",
                    "SecretKey": "",
                    "Region": "us-east-1",
                    "LogGroup": "Default-Log-Group",
                    "LogStream": "{instance_id}"
                }
            },
            {
                "Id": "CloudWatch",
                "FullName": "AWS.EC2.Windows.CloudWatch.CloudWatch.CloudWatchOutputComponent,AWS.EC2.Windows.CloudWatch",
                "Parameters": 
                {
                    "AccessKey": "AKIAIK2U6EU675354BQ",
                    "SecretKey": "nPyk9ntdwW0y5oaw8353fsdfTi0e5/imx5Q09vz",
                    "Region": "us-east-1",
                    "NameSpace": "System/Windows"
                }
            }
        ],
        "Flows": {
            "Flows": 
            [
                "PerformanceCounter,CloudWatch"
            ]
        }
    } 
}

  5. I enabled CloudWatch Logs integration under EC2ConfigSettings.

  6. I restarted the EC2Config Service.

I got no errors but the Memory metric isn't being shown in the Cloud Watch console. The blog says to wait for 10-15 minutes for the metric to appear, but it has already been an hour since I have done it. What’s going wrong?

Answer

Mahdi picture Mahdi · Dec 27, 2016

First, you need to add an IAM role to your instance:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "AllowAccessToSSM",
            "Effect": "Allow",
            "Action": [
                "cloudwatch:PutMetricData",
                "logs:CreateLogGroup",
                "logs:CreateLogStream",
                "logs:DescribeLogGroups",
                "logs:DescribeLogStreams",
                "logs:PutLogEvents"
            ],
            "Resource": [
                "*"
            ]
        }
    ]
}

Note that you cannot add a role to an existing instance. So do it before launching. Then you need to configure the EC2Config file (normally) accessible via the following path:

C:\Program Files\Amazon\Ec2ConfigService\Settings.AWS.EC2.Windows.CloudWatch.json

You should add the following block to the JSON file:

...

{
    "Id": "PerformanceCounter",
    "FullName": "AWS.EC2.Windows.CloudWatch.PerformanceCounterComponent.PerformanceCounterInputComponent,AWS.EC2.Windows.CloudWatch",
    "Parameters": {
        "CategoryName": "Memory",
        "CounterName": "Available MBytes",
        "InstanceName": "",
        "MetricName": "Memory",
        "Unit": "Megabytes",
        "DimensionName": "InstanceId",
        "DimensionValue": "{instance_id}"
    }
}

...

{
    "Id": "CloudWatch",
    "FullName": "AWS.EC2.Windows.CloudWatch.CloudWatch.CloudWatchOutputComponent,AWS.EC2.Windows.CloudWatch",
    "Parameters": 
    {
        "AccessKey": "",
        "SecretKey": "",
        "Region": "eu-west-1",
        "NameSpace": "PerformanceMonitor"
    }
}

Do not forget to restart the EC2Config service on your server after changing the config file. You should be able to get the memory metrics after a couple of minutes in your CloudWatch console. The level of CloudWatch monitoring on your instance should also be set to detailed:

enter image description here

Update:

According to the documentation, you can now attach or modify an IAM role to your existing instance.

Related questions

Permission denied (publickey) when SSH Access to Amazon EC2 instance

I want to use my Amazon ec2 instance but faced the following error: Permission denied (publickey). I have created my key pair and downloaded .pem file. Given: chmod 600 pem file. Then, this command ssh -i /home/kashif/serverkey.pem ubuntu@…

Read More
Trying to SSH into an Amazon Ec2 instance - permission error

This is probably a stupidly simple question to some :) I've created a new linux instance on Amazon EC2, and as part of that downloaded the .pem file to allow me to SSH in. When I tried to ssh with: ssh …

Read More
Change key pair for ec2 instance

How do I change the key pair for my ec2 instance in AWS management console? I can stop the instance, I can create new key pair, but I don't see any link to modify the instance's key pair.

Read More