AWS Cloudwatch Metric Stream
AWS Cloudwatch Metric Stream enables customers to send their Cloudwatch metrics to Levitate.
Pre-requisites
Create a cluster on Levitate dashboard
and copy the Write HTTP Endpoint URL from the Cloudstream section.
Setting up required IAM policy
Ensuring your AWS Identity and Access Management (IAM) user account has access permissions is crucial. The following access policy is specifically crafted to enable actions related to creating Kinesis Data Streams and CloudWatch Metric Streams.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"cloudwatch:StartMetricStreams",
"cloudwatch:PutMetricStream",
"cloudwatch:GetMetricStream",
"cloudwatch:GetMetricData",
"cloudwatch:ListMetrics",
"cloudwatch:ListMetricStreams"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"firehose:PutRecord",
"firehose:CreateDeliveryStream",
"firehose:DescribeDeliveryStream",
"firehose:PutRecordBatch",
"firehose:UpdateDestination",
"firehose:ListDeliveryStreams"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"s3:ListAllMyBuckets",
"s3:CreateBucket",
"s3:GetBucketLocation",
"s3:GetObject",
"s3:ListBucket",
"s3:ListBucketMultipartUploads",
"s3:PutObject"
],
"Resource": [
"arn:aws:s3:::*"
]
},
{
"Effect": "Allow",
"Action": [
"iam:CreateRole",
"iam:CreatePolicy",
"iam:AttachRolePolicy",
"iam:CreatePolicyVersion",
"iam:DeletePolicyVersion",
"iam:PassRole"
],
"Resource": [
"arn:aws:iam::<account_id>:policy/*",
"arn:aws:iam::<account_id>:role/*"
]
},
{
"Effect": "Allow",
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream"
],
"Resource": [
"arn:aws:logs:<region>:<account_id>:log-group:*:log-stream:*"
]
}
]
}
Creating an AWS Kinesis Delivery Stream
-
Open the AWS Kinesis homepage (console.aws.amazon.com/kinesis/home)
-
Open the left sidebar (click on the ☰ icon, if it is not expanded already)
-
Click on
Delivery Streams
-
Click on
Create delivery stream
-
Choose
Direct PUT
-
Delivery stream name =
last9-$your_organization_name
-
Set the copied write HTTP Endpoint URL from the Levitate cluster as an HTTP endpoint.
-
Add
usernameandpassword. Use thecluster_idfrom the Levitate cluster page asusername. Create a Write Token and use it aspassword.
-
Choose or create an S3 bucket to save data the stream failed to deliver.
-
Click on
Create delivery stream
Sending data from Cloudwatch to the delivery stream
-
Open the Cloudwatch console and click on
Metrics -> Streams
-
Click on
Create metric stream
-
Choose
All metricsto send all Cloudwatch metrics. Optionally, you can also select specific namespace metrics you want to send by using theSelect namespaces=.
-
Ensure that you use the delivery stream created in the earlier step and that the output format is
Opentelemetry 0.7.
-
Enter the
Metric stream nameaslast9-$your_organization_name- click onCreate metric stream.
Verification
Once the Cloudwatch metric stream is enabled, it sends metrics with the prefix amazonaws_com_AWS prefix. They can be
observed in the Hosted Grafana in the Explore tab in Levitate.
Troubleshooting
Please get in touch with us on Discord or Email if you have any questions.