AWS Instance CloudWatch Utilization

This feature gathers AWS CloudWatch data for instances on 30-day intervals.

Best Practice:We recommend running the AWS CloudWatch data on a monthly basis.

This section describes:

AWS Instance CloudWatch Required Permissions
AWS Instance CloudWatch Functionality
AWS Instance CloudWatch: Windows Support
AWS Instance CloudWatch Input Parameters
AWS Instance CloudWatch: AWS Required Permissions
AWS Instance CloudWatch Supported Clouds
AWS Instance CloudWatch Observation Period

AWS Instance CloudWatch Required Permissions

Flexera One Role

Important:The required Flexera One role is View credentials. For complete descriptions of each role available in Flexera One, see Flexera One Roles.

AWS IAM Feature

CloudWatchReadOnlyAccess 

AWS Instance CloudWatch Functionality

This feature identifies all instances reporting performance metrics to CloudWatch whose CPU or Memory utilization is below the thresholds set in the  Average used memory percentage  and Average used CPU percentage  parameters.
The  Exclusion Tag Key  parameter is a string value. Only supply the Tag Key. Tag Values are not analyzed and therefore are not needed. If the exclusion tag key is used on an Instance, that Instance is presumed to be exempt from this feature.
This feature sets the tag defined in the Action Tag Key:Value parameter on the underutilized instances that were identified.
If you get an N/A in a field, you need to install the CloudWatch Agent on the instance to get those metrics.
This feature only pulls running instances, as it is unable to get correct monitoring metrics from instances in other states.

AWS Instance CloudWatch: Windows Support

To enable Windows support, you need to add the following to your cloudwatch config.json and restart the CloudWatch agent.

    "metrics": {

            "append_dimensions": {

                    "AutoScalingGroupName": "${aws:AutoScalingGroupName}",

                    "ImageId": "${aws:ImageId}",

                    "InstanceId": "${aws:InstanceId}",

                    "InstanceType": "${aws:InstanceType}"

  }

}

AWS Instance CloudWatch Input Parameters

This feature requires the following input parameters during configuration.

Email addresses of the recipients you wish to notify—A list of email addresses to notify
Average used memory percentage—Utilization below this percentage will trigger an action to tag the instance. Providing -1 will turn off this metric for consideration.
Average used CPU percentage—Utilization below this percentage will trigger an action to tag the instance. Providing -1 will turn off this metric for consideration.
Exclusion Tag Key—An AWS-native instance tag to ignore instances that you don't want to consider for downsizing. Only supply the tag key.
Action Tag Key:Value—The tag key:value pair to set on an instance that is underutilized.

AWS Instance CloudWatch: AWS Required Permissions

This feature requires permissions to list Metrics and Get Metric Statistics from the AWS Cloudwatch API. The Cloud Management Platform automatically creates two Credentials when connecting AWS to Cloud Management; AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY. The IAM user credentials contained in those credentials will require the following permissions:

{

  "Version": "2012-10-17",

  "Statement":[{

      "Effect":"Allow",

      "Action":["cloudwatch:GetMetricStatistics","cloudwatch:ListMetrics"],

      "Resource":"*",

      "Condition":{

         "Bool":{

            "aws:SecureTransport":"true"

            }

         }

      }

    

}

AWS Instance CloudWatch Supported Clouds

AWS

AWS Instance CloudWatch Observation Period

By default, this feature calculates utilization over a 30-day period.

To calculate over a different period of time, you can update the feature template.

Replace the 30 wherever you see  var start_date = new Date(new Date().setDate(new Date().getDate() - 30)).toISOString(); with the new number of days you want to use.

Depending on the number of days you choose to collect metrics for, you may need to update the  period  property. For 30 days, we use the value of 2592000, which is 30 days in seconds. You will need to update the value wherever you see 'Period': "2592000". For more details, see the official  AWS CloudWatch API Documentation.