NOTE: Certain information in this article may be missing or out of date. We are in the process of updating the content.
Amazon Cloudwatch is a cloud based monitoring and management system for developers and IT managers.
NOTE: We are no longer actively supporting this integration as of April 2019. If you have previously authenticated this data source, it will still appear in the list of your data sources. We will not be improving this integration further.
How to Connect
Before you get started you will need your Amazon Cloudwatch connection name, access key ID, and secret access key.
- Log in to your Grow account and click Add Metric.
- In order to connect your Amazon Cloudwatch account, you’ll need your connection name, access key ID, and secret access key. There is a fourth field where you can input the region, but this is an optional field.
- Go ahead and enter the name of your connection. To get the Access Key ID and Secret Access Key, you will need to create an IAM user in your CloudWatch account. (If you haven’t done this, check below in the FAQs for how to set this up.)
Note: The Access Key ID and Secret Access Key are only available when you first create the user, so be sure to record them somewhere in case you need them later.
- Enter your Access Key ID and Secret Access Key, then press Submit.
And that's it! You are good to go.
FAQS + Tips and Tricks
To manage permissions to Amazon CloudWatch, an administrator or a user with rights to create IAM users and policies can create an IAM user. This is an identity within your AWS account. An IAM user has specific custom permissions within your account---for example, to view CloudWatch metrics. IAM is an acronym for AWS Identity and Access Management.
It's an Amazon best practice not to use your AWS root account for day-to-day tasks.
If you want to read more detailed information about the roles in AWS, you can read their documentation here.
To manage access to your CloudWatch information, you can create different users or identities within your AWS account and manage the permissions for each one. Their help article on managing resources says, “When granting permissions, you decide who is getting the permissions, the resources they get permissions for, and the specific actions that you want to allow on those resources.” CloudWatch itself does not have any resources that you can control access to.
The snippet below shows the code for read-only access. If you want, you can create a custom policy, beginning with changing the "Version" field. Alternatively, you can attach a managed policy to the user. The following is a Read-Only Access policy. Amazon has documentation about attaching managed policies to users which you can read here.
If you have more questions about managing permissions, we recommend you check out their help docs on the topic. They are detailed and fairly easy to understand.