Monitoring memory usage in AWS CloudWatch for Windows instance

Question

By default, memory usage isn’t monitored by CloudWatch. So I tried to add it to my Windows instance in AWS using these instructions.

This is what I did:

1. I created a user named custom-metrics-user. Then I stored the access and secret key.

2. I created and attached an Inline Policy to the user. it looks like this:

   { 
     "Version": "2012-10-17", 
     "Statement": [ 
       { 
         "Effect": "Allow", 
         "Action": ["cloudwatch:PutMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:ListMetrics", "ec2:DescribeTags"], 
         "Resource": "*" 
       } 
     ] 
   }
   

3. I launched a Windows Instance [2012 R2 Base AMI]. After accessing the instance through RDP, I found that the AWS.EC2.Windows.CloudWatch.json file is already present.

4. I changed that .json file accordingly. After changing it, it looks like this:

   {
       "EngineConfiguration": {
           "PollInterval": "00:00:15",
           "Components": [
               {
                   "Id": "ApplicationEventLog",
                   "FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
                   "Parameters": {
                       "LogName": "Application",
                       "Levels": "1"
                   }
               },
               {
                   "Id": "SystemEventLog",
                   "FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
                   "Parameters": {
                       "LogName": "System",
                       "Levels": "7"
                   }
               },
               {
                   "Id": "SecurityEventLog",
                   "FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
                   "Parameters": {
                   "LogName": "Security",
                   "Levels": "7"
                   }
               },
               {
                   "Id": "ETW",
                   "FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
                   "Parameters": {
                       "LogName": "Microsoft-Windows-WinINet/Analytic",
                       "Levels": "7"
                   }
               },
               {
                   "Id": "IISLog",
                   "FullName": "AWS.EC2.Windows.CloudWatch.IisLog.IisLogInputComponent,AWS.EC2.Windows.CloudWatch",
                   "Parameters": {
                       "LogDirectoryPath": "C:\\inetpub\\logs\\LogFiles\\W3SVC1"
                   }
               },
               {
                   "Id": "CustomLogs",
                   "FullName": "AWS.EC2.Windows.CloudWatch.CustomLog.CustomLogInputComponent,AWS.EC2.Windows.CloudWatch",
                   "Parameters": {
                       "LogDirectoryPath": "C:\\CustomLogs\\",
                       "TimestampFormat": "MM/dd/yyyy HH:mm:ss",
                       "Encoding": "UTF-8",
                       "Filter": "",
                       "CultureName": "en-US",
                       "TimeZoneKind": "Local"
                   }
               },
               {
                   "Id": "PerformanceCounter",
                   "FullName": "AWS.EC2.Windows.CloudWatch.PerformanceCounterComponent.PerformanceCounterInputComponent,AWS.EC2.Windows.CloudWatch",
                   "Parameters": {
                       "CategoryName": "Memory",
                       "CounterName": "Available MBytes",
                       "InstanceName": "",
                       "MetricName": "Memory",
                       "Unit": "Megabytes",
                       "DimensionName": "InstanceId",
                       "DimensionValue": "{instance_id}"
                   }
               },
               {
                   "Id": "CloudWatchLogs",
                   "FullName": "AWS.EC2.Windows.CloudWatch.CloudWatchLogsOutput,AWS.EC2.Windows.CloudWatch",
                   "Parameters": {
                       "AccessKey": "",
                       "SecretKey": "",
                       "Region": "us-east-1",
                       "LogGroup": "Default-Log-Group",
                       "LogStream": "{instance_id}"
                   }
               },
               {
                   "Id": "CloudWatch",
                   "FullName": "AWS.EC2.Windows.CloudWatch.CloudWatch.CloudWatchOutputComponent,AWS.EC2.Windows.CloudWatch",
                   "Parameters": 
                   {
                       "AccessKey": "AKIAIK2U6EU675354BQ",
                       "SecretKey": "nPyk9ntdwW0y5oaw8353fsdfTi0e5/imx5Q09vz",
                       "Region": "us-east-1",
                       "NameSpace": "System/Windows"
                   }
               }
           ],
           "Flows": {
               "Flows": 
               [
                   "PerformanceCounter,CloudWatch"
               ]
           }
       } 
   }
   

5. I enabled CloudWatch Logs integration under EC2ConfigSettings.

6. I restarted the EC2Config Service.

I got no errors but the Memory metric isn't being shown in the Cloud Watch console. The blog says to wait for 10-15 minutes for the metric to appear, but it has already been an hour since I have done it. What’s going wrong?

Answer 1

First, you need to add an IAM role to your instance:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "AllowAccessToSSM",
            "Effect": "Allow",
            "Action": [
                "cloudwatch:PutMetricData",
                "logs:CreateLogGroup",
                "logs:CreateLogStream",
                "logs:DescribeLogGroups",
                "logs:DescribeLogStreams",
                "logs:PutLogEvents"
            ],
            "Resource": [
                "*"
            ]
        }
    ]
}

Note that you cannot add a role to an existing instance. So do it before launching. Then you need to configure the EC2Config file (normally) accessible via the following path:

C:\Program Files\Amazon\Ec2ConfigService\Settings.AWS.EC2.Windows.CloudWatch.json

You should add the following block to the JSON file:

...

{
    "Id": "PerformanceCounter",
    "FullName": "AWS.EC2.Windows.CloudWatch.PerformanceCounterComponent.PerformanceCounterInputComponent,AWS.EC2.Windows.CloudWatch",
    "Parameters": {
        "CategoryName": "Memory",
        "CounterName": "Available MBytes",
        "InstanceName": "",
        "MetricName": "Memory",
        "Unit": "Megabytes",
        "DimensionName": "InstanceId",
        "DimensionValue": "{instance_id}"
    }
}

...

{
    "Id": "CloudWatch",
    "FullName": "AWS.EC2.Windows.CloudWatch.CloudWatch.CloudWatchOutputComponent,AWS.EC2.Windows.CloudWatch",
    "Parameters": 
    {
        "AccessKey": "",
        "SecretKey": "",
        "Region": "eu-west-1",
        "NameSpace": "PerformanceMonitor"
    }
}

Do not forget to restart the EC2Config service on your server after changing the config file. You should be able to get the memory metrics after a couple of minutes in your CloudWatch console. The level of CloudWatch monitoring on your instance should also be set to detailed:

Update:

According to the documentation, you can now attach or modify an IAM role to your existing instance.

Answer 2

I am running a Windows 2012 Base R2 Server and it is running EC2Config Version greater than 4.0. If anyone faces the same problem, please restart the Amazon SSM Agent Service after restarting EC2Config Service.

I read it in the following link [STEP-6] :

http://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/send_logs_to_cwl.html

It reads the following :

If you are running EC2Config version 4.0 or later, then you must restart the SSM Agent on the instance from the Microsoft Services snap-in.

I solved my issue by doing this.