Namespace Pulumi.Aws.CloudWatch
Classes
Dashboard
Provides a CloudWatch Dashboard resource.
Example Usage
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var main = new Aws.CloudWatch.Dashboard("main", new Aws.CloudWatch.DashboardArgs
{
DashboardBody = @" {
""widgets"": [
{
""type"":""metric"",
""x"":0,
""y"":0,
""width"":12,
""height"":6,
""properties"":{
""metrics"":[
[
""AWS/EC2"",
""CPUUtilization"",
""InstanceId"",
""i-012345""
]
],
""period"":300,
""stat"":""Average"",
""region"":""us-east-1"",
""title"":""EC2 Instance CPU""
}
},
{
""type"":""text"",
""x"":0,
""y"":7,
""width"":3,
""height"":3,
""properties"":{
""markdown"":""Hello world""
}
}
]
}
",
DashboardName = "my-dashboard",
});
}
}
DashboardArgs
DashboardState
EventPermission
Provides a resource to create a CloudWatch Events permission to support cross-account events in the current account default event bus.
Example Usage
Account Access
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var devAccountAccess = new Aws.CloudWatch.EventPermission("devAccountAccess", new Aws.CloudWatch.EventPermissionArgs
{
Principal = "123456789012",
StatementId = "DevAccountAccess",
});
}
}
Organization Access
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var organizationAccess = new Aws.CloudWatch.EventPermission("organizationAccess", new Aws.CloudWatch.EventPermissionArgs
{
Condition = new Aws.CloudWatch.Inputs.EventPermissionConditionArgs
{
Key = "aws:PrincipalOrgID",
Type = "StringEquals",
Value = aws_organizations_organization.Example.Id,
},
Principal = "*",
StatementId = "OrganizationAccess",
});
}
}
EventPermissionArgs
EventPermissionState
EventRule
Provides a CloudWatch Event Rule resource.
Example Usage
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var console = new Aws.CloudWatch.EventRule("console", new Aws.CloudWatch.EventRuleArgs
{
Description = "Capture each AWS Console Sign In",
EventPattern = @"{
""detail-type"": [
""AWS Console Sign In via CloudTrail""
]
}
",
});
var awsLogins = new Aws.Sns.Topic("awsLogins", new Aws.Sns.TopicArgs
{
});
var sns = new Aws.CloudWatch.EventTarget("sns", new Aws.CloudWatch.EventTargetArgs
{
Arn = awsLogins.Arn,
Rule = console.Name,
});
var snsTopicPolicy = awsLogins.Arn.Apply(arn => Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs
{
Statements =
{
new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs
{
Actions =
{
"SNS:Publish",
},
Effect = "Allow",
Principals =
{
new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalArgs
{
Identifiers =
{
"events.amazonaws.com",
},
Type = "Service",
},
},
Resources =
{
arn,
},
},
},
}));
var @default = new Aws.Sns.TopicPolicy("default", new Aws.Sns.TopicPolicyArgs
{
Arn = awsLogins.Arn,
Policy = snsTopicPolicy.Apply(snsTopicPolicy => snsTopicPolicy.Json),
});
}
}
EventRuleArgs
EventRuleState
EventTarget
Provides a CloudWatch Event Target resource.
Example Usage
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var console = new Aws.CloudWatch.EventRule("console", new Aws.CloudWatch.EventRuleArgs
{
Description = "Capture all EC2 scaling events",
EventPattern = @"{
""source"": [
""aws.autoscaling""
],
""detail-type"": [
""EC2 Instance Launch Successful"",
""EC2 Instance Terminate Successful"",
""EC2 Instance Launch Unsuccessful"",
""EC2 Instance Terminate Unsuccessful""
]
}
",
});
var testStream = new Aws.Kinesis.Stream("testStream", new Aws.Kinesis.StreamArgs
{
ShardCount = 1,
});
var yada = new Aws.CloudWatch.EventTarget("yada", new Aws.CloudWatch.EventTargetArgs
{
Arn = testStream.Arn,
Rule = console.Name,
RunCommandTargets =
{
new Aws.CloudWatch.Inputs.EventTargetRunCommandTargetArgs
{
Key = "tag:Name",
Values =
{
"FooBar",
},
},
new Aws.CloudWatch.Inputs.EventTargetRunCommandTargetArgs
{
Key = "InstanceIds",
Values =
{
"i-162058cd308bffec2",
},
},
},
});
}
}
Example SSM Document Usage
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var ssmLifecycleTrust = Output.Create(Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs
{
Statements =
{
new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs
{
Actions =
{
"sts:AssumeRole",
},
Principals =
{
new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalArgs
{
Identifiers =
{
"events.amazonaws.com",
},
Type = "Service",
},
},
},
},
}));
var stopInstance = new Aws.Ssm.Document("stopInstance", new Aws.Ssm.DocumentArgs
{
Content = @" {
""schemaVersion"": ""1.2"",
""description"": ""Stop an instance"",
""parameters"": {
},
""runtimeConfig"": {
""aws:runShellScript"": {
""properties"": [
{
""id"": ""0.aws:runShellScript"",
""runCommand"": [""halt""]
}
]
}
}
}
",
DocumentType = "Command",
});
var ssmLifecyclePolicyDocument = stopInstance.Arn.Apply(arn => Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs
{
Statements =
{
new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs
{
Actions =
{
"ssm:SendCommand",
},
Condition =
{
{
{ "test", "StringEquals" },
{ "values",
{
"*",
} },
{ "variable", "ec2:ResourceTag/Terminate" },
},
},
Effect = "Allow",
Resources =
{
"arn:aws:ec2:eu-west-1:1234567890:instance/*",
},
},
new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs
{
Actions =
{
"ssm:SendCommand",
},
Effect = "Allow",
Resources =
{
arn,
},
},
},
}));
var ssmLifecycleRole = new Aws.Iam.Role("ssmLifecycleRole", new Aws.Iam.RoleArgs
{
AssumeRolePolicy = ssmLifecycleTrust.Apply(ssmLifecycleTrust => ssmLifecycleTrust.Json),
});
var ssmLifecyclePolicy = new Aws.Iam.Policy("ssmLifecyclePolicy", new Aws.Iam.PolicyArgs
{
Policy = ssmLifecyclePolicyDocument.Apply(ssmLifecyclePolicyDocument => ssmLifecyclePolicyDocument.Json),
});
var stopInstancesEventRule = new Aws.CloudWatch.EventRule("stopInstancesEventRule", new Aws.CloudWatch.EventRuleArgs
{
Description = "Stop instances nightly",
ScheduleExpression = "cron(0 0 * * ? *)",
});
var stopInstancesEventTarget = new Aws.CloudWatch.EventTarget("stopInstancesEventTarget", new Aws.CloudWatch.EventTargetArgs
{
Arn = stopInstance.Arn,
RoleArn = ssmLifecycleRole.Arn,
Rule = stopInstancesEventRule.Name,
RunCommandTargets =
{
new Aws.CloudWatch.Inputs.EventTargetRunCommandTargetArgs
{
Key = "tag:Terminate",
Values =
{
"midnight",
},
},
},
});
}
}
Example RunCommand Usage
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var stopInstancesEventRule = new Aws.CloudWatch.EventRule("stopInstancesEventRule", new Aws.CloudWatch.EventRuleArgs
{
Description = "Stop instances nightly",
ScheduleExpression = "cron(0 0 * * ? *)",
});
var stopInstancesEventTarget = new Aws.CloudWatch.EventTarget("stopInstancesEventTarget", new Aws.CloudWatch.EventTargetArgs
{
Arn = $"arn:aws:ssm:{@var.Aws_region}::document/AWS-RunShellScript",
Input = "{\"commands\":[\"halt\"]}",
RoleArn = aws_iam_role.Ssm_lifecycle.Arn,
Rule = stopInstancesEventRule.Name,
RunCommandTargets =
{
new Aws.CloudWatch.Inputs.EventTargetRunCommandTargetArgs
{
Key = "tag:Terminate",
Values =
{
"midnight",
},
},
},
});
}
}
EventTargetArgs
EventTargetState
GetLogGroup
GetLogGroupArgs
GetLogGroupResult
LogDestination
Provides a CloudWatch Logs destination resource.
Example Usage
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var testDestination = new Aws.CloudWatch.LogDestination("testDestination", new Aws.CloudWatch.LogDestinationArgs
{
RoleArn = aws_iam_role.Iam_for_cloudwatch.Arn,
TargetArn = aws_kinesis_stream.Kinesis_for_cloudwatch.Arn,
});
}
}
LogDestinationArgs
LogDestinationPolicy
Provides a CloudWatch Logs destination policy resource.
Example Usage
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var testDestination = new Aws.CloudWatch.LogDestination("testDestination", new Aws.CloudWatch.LogDestinationArgs
{
RoleArn = aws_iam_role.Iam_for_cloudwatch.Arn,
TargetArn = aws_kinesis_stream.Kinesis_for_cloudwatch.Arn,
});
var testDestinationPolicyPolicyDocument = testDestination.Arn.Apply(arn => Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs
{
Statements =
{
new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs
{
Actions =
{
"logs:PutSubscriptionFilter",
},
Effect = "Allow",
Principals =
{
new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalArgs
{
Identifiers =
{
"123456789012",
},
Type = "AWS",
},
},
Resources =
{
arn,
},
},
},
}));
var testDestinationPolicyLogDestinationPolicy = new Aws.CloudWatch.LogDestinationPolicy("testDestinationPolicyLogDestinationPolicy", new Aws.CloudWatch.LogDestinationPolicyArgs
{
AccessPolicy = testDestinationPolicyPolicyDocument.Apply(testDestinationPolicyPolicyDocument => testDestinationPolicyPolicyDocument.Json),
DestinationName = testDestination.Name,
});
}
}
LogDestinationPolicyArgs
LogDestinationPolicyState
LogDestinationState
LogGroup
Provides a CloudWatch Log Group resource.
Example Usage
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var yada = new Aws.CloudWatch.LogGroup("yada", new Aws.CloudWatch.LogGroupArgs
{
Tags =
{
{ "Application", "serviceA" },
{ "Environment", "production" },
},
});
}
}
LogGroupArgs
LogGroupState
LogMetricFilter
Provides a CloudWatch Log Metric Filter resource.
Example Usage
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var dada = new Aws.CloudWatch.LogGroup("dada", new Aws.CloudWatch.LogGroupArgs
{
});
var yada = new Aws.CloudWatch.LogMetricFilter("yada", new Aws.CloudWatch.LogMetricFilterArgs
{
LogGroupName = dada.Name,
MetricTransformation = new Aws.CloudWatch.Inputs.LogMetricFilterMetricTransformationArgs
{
Name = "EventCount",
Namespace = "YourNamespace",
Value = "1",
},
Pattern = "",
});
}
}
LogMetricFilterArgs
LogMetricFilterState
LogResourcePolicy
Provides a resource to manage a CloudWatch log resource policy.
Example Usage
Elasticsearch Log Publishing
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var elasticsearch_log_publishing_policyPolicyDocument = Output.Create(Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs
{
Statements =
{
new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs
{
Actions =
{
"logs:CreateLogStream",
"logs:PutLogEvents",
"logs:PutLogEventsBatch",
},
Principals =
{
new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalArgs
{
Identifiers =
{
"es.amazonaws.com",
},
Type = "Service",
},
},
Resources =
{
"arn:aws:logs:*",
},
},
},
}));
var elasticsearch_log_publishing_policyLogResourcePolicy = new Aws.CloudWatch.LogResourcePolicy("elasticsearch-log-publishing-policyLogResourcePolicy", new Aws.CloudWatch.LogResourcePolicyArgs
{
PolicyDocument = elasticsearch_log_publishing_policyPolicyDocument.Apply(elasticsearch_log_publishing_policyPolicyDocument => elasticsearch_log_publishing_policyPolicyDocument.Json),
PolicyName = "elasticsearch-log-publishing-policy",
});
}
}
Route53 Query Logging
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var route53_query_logging_policyPolicyDocument = Output.Create(Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs
{
Statements =
{
new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs
{
Actions =
{
"logs:CreateLogStream",
"logs:PutLogEvents",
},
Principals =
{
new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalArgs
{
Identifiers =
{
"route53.amazonaws.com",
},
Type = "Service",
},
},
Resources =
{
"arn:aws:logs:*:*:log-group:/aws/route53/*",
},
},
},
}));
var route53_query_logging_policyLogResourcePolicy = new Aws.CloudWatch.LogResourcePolicy("route53-query-logging-policyLogResourcePolicy", new Aws.CloudWatch.LogResourcePolicyArgs
{
PolicyDocument = route53_query_logging_policyPolicyDocument.Apply(route53_query_logging_policyPolicyDocument => route53_query_logging_policyPolicyDocument.Json),
PolicyName = "route53-query-logging-policy",
});
}
}
LogResourcePolicyArgs
LogResourcePolicyState
LogStream
Provides a CloudWatch Log Stream resource.
Example Usage
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var yada = new Aws.CloudWatch.LogGroup("yada", new Aws.CloudWatch.LogGroupArgs
{
});
var foo = new Aws.CloudWatch.LogStream("foo", new Aws.CloudWatch.LogStreamArgs
{
LogGroupName = yada.Name,
});
}
}
LogStreamArgs
LogStreamState
LogSubscriptionFilter
Provides a CloudWatch Logs subscription filter resource.
Example Usage
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var testLambdafunctionLogfilter = new Aws.CloudWatch.LogSubscriptionFilter("testLambdafunctionLogfilter", new Aws.CloudWatch.LogSubscriptionFilterArgs
{
DestinationArn = aws_kinesis_stream.Test_logstream.Arn,
Distribution = "Random",
FilterPattern = "logtype test",
LogGroup = "/aws/lambda/example_lambda_name",
RoleArn = aws_iam_role.Iam_for_lambda.Arn,
});
}
}
LogSubscriptionFilterArgs
LogSubscriptionFilterState
MetricAlarm
Provides a CloudWatch Metric Alarm resource.
Example Usage
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var foobar = new Aws.CloudWatch.MetricAlarm("foobar", new Aws.CloudWatch.MetricAlarmArgs
{
AlarmDescription = "This metric monitors ec2 cpu utilization",
ComparisonOperator = "GreaterThanOrEqualToThreshold",
EvaluationPeriods = "2",
InsufficientDataActions = {},
MetricName = "CPUUtilization",
Namespace = "AWS/EC2",
Period = "120",
Statistic = "Average",
Threshold = "80",
});
}
}
Example in Conjunction with Scaling Policies
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var batPolicy = new Aws.AutoScaling.Policy("batPolicy", new Aws.AutoScaling.PolicyArgs
{
AdjustmentType = "ChangeInCapacity",
AutoscalingGroupName = aws_autoscaling_group.Bar.Name,
Cooldown = 300,
ScalingAdjustment = 4,
});
var batMetricAlarm = new Aws.CloudWatch.MetricAlarm("batMetricAlarm", new Aws.CloudWatch.MetricAlarmArgs
{
AlarmActions =
{
batPolicy.Arn,
},
AlarmDescription = "This metric monitors ec2 cpu utilization",
ComparisonOperator = "GreaterThanOrEqualToThreshold",
Dimensions =
{
{ "AutoScalingGroupName", aws_autoscaling_group.Bar.Name },
},
EvaluationPeriods = "2",
MetricName = "CPUUtilization",
Namespace = "AWS/EC2",
Period = "120",
Statistic = "Average",
Threshold = "80",
});
}
}
Example with an Expression
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var foobar = new Aws.CloudWatch.MetricAlarm("foobar", new Aws.CloudWatch.MetricAlarmArgs
{
AlarmDescription = "Request error rate has exceeded 10%",
ComparisonOperator = "GreaterThanOrEqualToThreshold",
EvaluationPeriods = "2",
InsufficientDataActions = {},
MetricQueries =
{
new Aws.CloudWatch.Inputs.MetricAlarmMetricQueryArgs
{
Expression = "m2/m1*100",
Id = "e1",
Label = "Error Rate",
ReturnData = "true",
},
new Aws.CloudWatch.Inputs.MetricAlarmMetricQueryArgs
{
Id = "m1",
Metric = new Aws.CloudWatch.Inputs.MetricAlarmMetricQueryMetricArgs
{
Dimensions =
{
{ "LoadBalancer", "app/web" },
},
MetricName = "RequestCount",
Namespace = "AWS/ApplicationELB",
Period = "120",
Stat = "Sum",
Unit = "Count",
},
},
new Aws.CloudWatch.Inputs.MetricAlarmMetricQueryArgs
{
Id = "m2",
Metric = new Aws.CloudWatch.Inputs.MetricAlarmMetricQueryMetricArgs
{
Dimensions =
{
{ "LoadBalancer", "app/web" },
},
MetricName = "HTTPCode_ELB_5XX_Count",
Namespace = "AWS/ApplicationELB",
Period = "120",
Stat = "Sum",
Unit = "Count",
},
},
},
Threshold = "10",
});
}
}
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var xxAnomalyDetection = new Aws.CloudWatch.MetricAlarm("xxAnomalyDetection", new Aws.CloudWatch.MetricAlarmArgs
{
AlarmDescription = "This metric monitors ec2 cpu utilization",
ComparisonOperator = "GreaterThanUpperThreshold",
EvaluationPeriods = "2",
InsufficientDataActions = {},
MetricQueries =
{
new Aws.CloudWatch.Inputs.MetricAlarmMetricQueryArgs
{
Expression = "ANOMALY_DETECTION_BAND(m1)",
Id = "e1",
Label = "CPUUtilization (Expected)",
ReturnData = "true",
},
new Aws.CloudWatch.Inputs.MetricAlarmMetricQueryArgs
{
Id = "m1",
Metric = new Aws.CloudWatch.Inputs.MetricAlarmMetricQueryMetricArgs
{
Dimensions =
{
{ "InstanceId", "i-abc123" },
},
MetricName = "CPUUtilization",
Namespace = "AWS/EC2",
Period = "120",
Stat = "Average",
Unit = "Count",
},
ReturnData = "true",
},
},
ThresholdMetricId = "e1",
});
}
}
Example of monitoring Healthy Hosts on NLB using Target Group and NLB
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var xxxNlbHealthyhosts = new Aws.CloudWatch.MetricAlarm("xxxNlbHealthyhosts", new Aws.CloudWatch.MetricAlarmArgs
{
ComparisonOperator = "LessThanThreshold",
EvaluationPeriods = "1",
MetricName = "HealthyHostCount",
Namespace = "AWS/NetworkELB",
Period = "60",
Statistic = "Average",
Threshold = @var.Logstash_servers_count,
AlarmDescription = "Number of XXXX nodes healthy in Target Group",
ActionsEnabled = "true",
AlarmActions =
{
aws_sns_topic.Sns.Arn,
},
OkActions =
{
aws_sns_topic.Sns.Arn,
},
Dimensions =
{
{ "TargetGroup", aws_lb_target_group.Lb_tg.Arn_suffix },
{ "LoadBalancer", aws_lb.Lb.Arn_suffix },
},
});
}
}
NOTE: You cannot create a metric alarm consisting of both
statisticandextended_statisticparameters. You must choose one or the other