Pre-requisites for Monitoring the AWS Cloud

The following pre-requisites are to be satisfied while you start monitoring the AWS Cloud models:

  • Since the AWS  Cloud can be monitored only in an agentless manner, at least one remote agent should be configured in the environment;
  • The system hosting the remote agent should be configured with Internet connectivity;
  • You should buy the capability to launch and monitor instances on the cloud;
  • eG Enterprise monitors the AWS cloud using AWS API. To access the API, the eG agent can use either of the following approaches.

    • Role-based approach: This is the default approach.In this case, the eG agent accesses the AWS API as a valid AWS account with the required monitoring permissions, and pulls the metrics of interest. To use this approach, the eG agent has to be configured with the following:

      1. A valid AWS Account ID; to identify your AWS Account ID, do the following:

        • Login to the AWS management console. with your credentials.

        • Click on your IAM user/role on the top right corner of the AWS Console. You will see a drop-down menu containing the Account ID (see Figure 1).

          Figure 1 : Identifying the AWS Account ID

      2. A special AWS role created exclusively for monitoring purposes; to know how to create this role, refer to the Creating a New Roletopic .

      The eG tests should be configured with the Account ID and the special role. This eG agent then uses this Account ID and role to make API requests and collect the relevant metrics.

    • Secret Key-based approach: Some AWS cloud environments may allow cloud API requests only if such requests are signed by a valid Access Key and Secret Key. Before attempting to monitor such a cloud environment therefore, you should do the following:

      1. Obtain an AWS Access Key and Secret Key; to know how, refer to the Obtaining an Access key and Secret key topic .

      2. Configure the eG tests with the AWS Access Key and AWS Secret Key so obtained.

  • Some tests require the AWS CloudWatch service to be enabled. This is a paid web service that enables you to monitor, manage, and publish various metrics, as well as configure alarm actions based on data from metrics. For enabling this service, you need to pay CloudWatch fees. Refer to the AWS web site for the fee details.

  • The eG agent periodically executes the AWS Lambda test to monitor each Lambda function and report on their errors/responsiveness. This test will run and report metrics only if Amazon CloudWatch Lambda Insights is enabled in the Lambda console. Amazon CloudWatch Lambda Insights collects and aggregates Lambda function runtime performance metrics and logs for your serverless applications. To know how to enable this feature, look up theEnabling Amazon CloudWatch Lambda Insightstopic

  • The eG agent runs the AWS S3 (Simple Storage Service) Request Statistics test at configured intervals to track requests to each S3 bucket and measure the responsiveness of that bucket. However, this test will report metrics for an S3 bucket only if you enable Resource Metrics collection for that bucket in AWS. To know how to achieve this, refer to the Enabling Resource Metrics for S3 Bucket topic .

  • At a specified frequency, the eG agent executes the AWS Billing by Service test on the cloud. This test alerts you if the estimated cost of using a service is about to exceed your budget, and thus enables you to initiate measures for avoiding cost overruns. To pull such billing metrics per service, the test uses Amazon CloudWatch. If billing alerts/metrics are not published to Amazon CloudWatch, then this test will not run. This is why, before attempting to run this test, you should make sure that CloudWatch is configured to receive billing alerts. The steps to be followed for achieving this are detailed in Enabling CloudWatch to Receive Billing Alerts.


Currently, the Role-based approach to accessing and monitoring AWS is not available to the AWS Region component. If you have managed a component of type AWS Region, then the eG agent can access the AWS API and pull metrics for that component using the Secret Key-based approach only. In other words, you will have to obtain an access key and a secret key, and then configure the eG tests for the AWS Region component with those keys, in order to monitor that component. To know how to obtain the keys, refer to the Obtaining an Access key and Secret key topic

Likewise, the requirements pertaining to the AWS Lambda Test, AWS S3 (Simple Storage Service) Request Statistics test, and AWS Billing by Service test are applicable only to the AWS Cloud component, and not the AWS Region component.

The following requirements however are applicable to the AWS Region component as well: