AWS Config Rule: CloudWatch Alarm Resource Check


Fernando Honig

Last Update vor 10 Monaten

Description: Checks whether the specified resource type has a CloudWatch alarm for the specified metric. For resource type, you can specify EBS volumes, EC2 instances, RDS clusters, or S3 buckets.

Trigger type: Periodic

AWS Region: All supported AWS regions

How to Resolve Manually

This Alarm will check your specified resources to see if a CloudWatch Alarm has been configured for the specified metric. The list of resources applicable for this are

  • AWS::EC2::Volume
  • AWS::EC2::Instance
  • AWS::RDS::Cluster
  • AWS::S3:Bucket

The `metricName` parameter will define which metric is associated with the alarm. For example, 'CPUUtilization' for EC2 Instances, or 'BucketSizeBytes' for S3 Buckets)

If you defined for example the Resource to be EC2 and the Metric to be CPUUtilization, then the check would iterate over all EC2 Instances and return NON-COMPLIANT if an instance did not have an Alarm associated with CloudWatch for CPUUtilization. You would then need to create one per Instance in order to revert this rule to COMPLIANT.

Want to know more about StackZone and how to make your cloud management simple and secure?

Check our how it works section with easy to follow videos or just create your own StackZone Account here

Was this article helpful?

1 out of 1 liked this article

Still need help? Message Us