CloudWatch

  • Namespaces:

    • Metrics in different namespaces are isolated from each other

    • Example: the EC2 namespace gives a graphical representation of the key performance metrics for each EC2 instance

  • Metrics

    • The default EC2 metric period is 5 minutes; with detailed monitoring enabled, metrics are published every 1 minute at additional cost.

    • CloudWatch can track custom metrics such as memory, swap, and disk space utilization, but they are not available by default. You need to install the CloudWatch agent on your EC2 instances.

  • Dimensions

  • Resolution

  • Statistics

  • Percentiles

  • Alarms

  • CloudWatch Events

    • Respond to state changes in your AWS resources (useful for triggering a Lambda function)

  • Exceeding the PutMetricData API request rate returns an HTTP 400 ThrottlingException

CloudTrail

  • Auditing. Used to log, continuously monitor, and retain account activity related to actions across your AWS infrastructure, e.g. API activity related to creating, modifying or deleting AWS resources

  • Event history of your AWS account activity (console, CLI or SDK): who, what, when?

  • Multi-Region Trail: one trail for all AWS regions

  • Single-Region Trail: only events from one region

AWS X-Ray

  • Traces application activity for application performance and operational statistics

  • Analyze user requests as they travel through your Amazon API Gateway APIs to the underlying services

  • To collect trace data from EC2, install the X-Ray daemon using a user data script.

  • Useful for governance, compliance, operational auditing, and risk auditing

  • Segments: the data, like the hostname, alias, IP, start and end times, subsegments, status

  • Subsegments: more granular details within a segment.

  • Filter expressions: find traces related to specific paths or users.

  • Annotations: key-value pairs, indexed and searchable, used together with filter expressions

  • Metadata: key-value pairs, NOT indexed, NOT searchable; used to record data you want stored in the trace but don't need for searching traces

  • The X-Ray daemon listens for traffic on UDP port 2000

  • Errors: client errors (400-series status codes)

  • Faults: server faults (500-series status codes)

  • Throttle: throttling errors (429 Too Many Requests)

  • https://docs.aws.amazon.com/xray/latest/devguide/xray-concepts.html

  • AWS IAM is used to grant X-Ray permissions to users and compute resources in your account

    • AWSXrayReadOnlyAccess: access to the X-Ray console, view service maps and segments

    • AWSXRayDaemonWriteAccess: upload traces, plus some read permissions to support the use of sampling rules

    • AWSXrayFullAccess: also encryption key settings and sampling rules

  • Does NOT track memory, swap, or disk space; use CloudWatch custom metrics for those
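The segment fields, the annotation/metadata distinction and the error/fault/throttle classification listed above, put together as an added example (not code from the notes or from AWS): it builds a segment document, enforces that annotations stay scalar (since they are indexed), maps the HTTP status to the three flags exactly as the notes define them, and frames the document with the header the local X-Ray daemon expects on UDP port 2000. Field names follow the X-Ray segment document format; the hostname is recorded as metadata, which is an assumption about where such record-only data belongs.

```python
"""Build an X-Ray segment document and frame it for the local X-Ray daemon (UDP port 2000)."""
import json
import os
import socket
import time


def new_trace_id(now=None):
    # Trace ID: version "1", 8 hex chars of epoch seconds, 24 random hex chars.
    now = time.time() if now is None else now
    return f"1-{int(now):08x}-{os.urandom(12).hex()}"


def classify_status(status):
    """Map an HTTP status to the error/fault/throttle flags as the notes define them."""
    return {
        "error": 400 <= status < 500,   # client errors: 400-series
        "fault": 500 <= status < 600,   # server faults: 500-series
        "throttle": status == 429,      # throttling: 429 Too Many Requests
    }


def build_segment(name, hostname, client_ip, status, start, end, annotations=None, metadata=None):
    """Return a segment document; annotations are indexed, so only scalar values are accepted."""
    for key, value in (annotations or {}).items():
        if not isinstance(value, (str, int, float, bool)):
            raise ValueError(f"annotation {key!r} must be a string, number or boolean")
    metadata = dict(metadata or {})
    metadata["host"] = {"hostname": hostname}  # assumption: record-only data goes in metadata
    segment = {
        "name": name,
        "id": os.urandom(8).hex(),
        "trace_id": new_trace_id(start),
        "start_time": start,
        "end_time": end,
        "http": {"request": {"client_ip": client_ip}, "response": {"status": status}},
        "annotations": annotations or {},
        "metadata": metadata,
        "subsegments": [],
    }
    segment.update(classify_status(status))
    return segment


def frame_for_daemon(segment):
    """Prefix the JSON document with the header the daemon expects, separated by a newline."""
    header = json.dumps({"format": "json", "version": 1})
    return (header + "\n" + json.dumps(segment)).encode()


def send_to_daemon(segment, address=("127.0.0.1", 2000)):
    """Send one framed segment to the daemon over UDP (fire-and-forget, no reply)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.sendto(frame_for_daemon(segment), address)
```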

AWS Config

  • Auditing; inventory of AWS resources

  • Resource history and change tracking: how a resource was configured

  • Governance