Merge pull request #3808 from Northeastern-Electric-Racing/cloudwatch-dashboard

Cloudwatch dashboard

Author: walker-sean

.ebextensions/02_cloudwatch_agent.config

@@ -1,6 +1,6 @@
 files:
-  "/opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json":
-    mode: "000644"
+  "/opt/aws/amazon-cloudwatch-agent/bin/config.json":
+    mode: "000600"
     owner: root
     group: root
     content: |
@@ -11,6 +11,10 @@ files:
         },
         "metrics": {
           "namespace": "CWAgent",
+          "append_dimensions": {
+            "AutoScalingGroupName": "${aws:AutoScalingGroupName}",
+            "InstanceId": "${aws:InstanceId}"
+          },
           "metrics_collected": {
             "mem": {
               "measurement": [
@@ -35,29 +39,10 @@ files:
                 "*"
               ]
             }
-          },
-          "append_dimensions": {
-            "AutoScalingGroupName": "${aws:AutoScalingGroupName}",
-            "InstanceId": "${aws:InstanceId}"
           }
         }
       }
 
-commands:
-  01_install_cloudwatch_agent:
-    command: |
-      if ! command -v amazon-cloudwatch-agent-ctl &> /dev/null; then
-        wget -q https://s3.amazonaws.com/amazoncloudwatch-agent/amazon_linux/amd64/latest/amazon-cloudwatch-agent.rpm
-        rpm -U ./amazon-cloudwatch-agent.rpm
-        rm -f ./amazon-cloudwatch-agent.rpm
-      fi
-    test: "[ ! -f /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl ]"
-
-  02_stop_cloudwatch_agent:
-    command: |
-      /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl \
-        -a fetch-config \
-        -m ec2 \
-        -c file:/opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json \
-        -s
-    ignoreErrors: true
+container_commands:
+  start_cloudwatch_agent:
+    command: /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a append-config -m ec2 -s -c file:/opt/aws/amazon-cloudwatch-agent/bin/config.json

infrastructure/environments/production/main.tf

@@ -34,6 +34,11 @@ provider "aws" {
 locals {
   project_name = "finishline"
   environment  = "production"
+  
+  # Extract ALB ARN suffix for CloudWatch metrics
+  # Full ARN: arn:aws:elasticloadbalancing:region:account:loadbalancer/app/name/id
+  # Suffix needed: app/name/id
+  alb_arn_suffix = try(split("loadbalancer/", data.aws_lb.eb_alb.arn)[1], "")
 }
 
 #############
@@ -253,6 +258,31 @@ resource "aws_sns_topic" "alerts" {
   }
 }
 
+#############
+# Data Source: Fetch Autoscaling Group Name
+#############
+# Query AWS directly to get the actual autoscaling group name
+data "aws_autoscaling_groups" "eb_asg" {
+  filter {
+    name   = "tag:elasticbeanstalk:environment-name"
+    values = [module.elasticbeanstalk.environment_name]
+  }
+
+  depends_on = [module.elasticbeanstalk]
+}
+
+#############
+# Data Source: Fetch Application Load Balancer
+#############
+# Query AWS directly to get the actual ALB for metrics
+data "aws_lb" "eb_alb" {
+  tags = {
+    "elasticbeanstalk:environment-name" = module.elasticbeanstalk.environment_name
+  }
+
+  depends_on = [module.elasticbeanstalk]
+}
+
 #############
 # Monitoring Module
 #############
@@ -263,7 +293,8 @@ module "monitoring" {
   environment                = local.environment
   aws_region                 = var.aws_region
   eb_environment_name        = module.elasticbeanstalk.environment_name
-  eb_autoscaling_group_name  = module.elasticbeanstalk.autoscaling_groups[0]
+  eb_autoscaling_group_name  = data.aws_autoscaling_groups.eb_asg.names[0]
+  alb_arn_suffix             = local.alb_arn_suffix
   rds_instance_id            = module.rds.db_instance_id
   log_retention_days         = 30
   sns_topic_arn              = aws_sns_topic.alerts.arn

infrastructure/modules/iam/main.tf

@@ -163,6 +163,18 @@ resource "aws_iam_role_policy" "eb_ecr_access" {
   })
 }
 
+# Attach AWS managed policy for CloudWatch Agent
+# This policy includes permissions for:
+# - cloudwatch:PutMetricData
+# - ec2:DescribeVolumes, ec2:DescribeTags
+# - logs:* (CreateLogGroup, CreateLogStream, PutLogEvents, etc.)
+# - xray:* (for traces)
+# - ssm:GetParameter (for configs in Parameter Store)
+resource "aws_iam_role_policy_attachment" "eb_cloudwatch_agent" {
+  role       = aws_iam_role.eb_ec2_role.name
+  policy_arn = "arn:aws:iam::aws:policy/CloudWatchAgentServerPolicy"
+}
+
 # EC2 Instance Profile
 resource "aws_iam_instance_profile" "eb_ec2_profile" {
   name = "${var.project_name}-${var.environment}-eb-ec2-profile"

infrastructure/modules/monitoring/main.tf

@@ -27,15 +27,14 @@ resource "aws_cloudwatch_dashboard" "main" {
           }
         }
       },
-      # EC2 Memory Utilization
+      # EC2 Memory Utilization (Custom Metric)
       {
         type = "metric"
         properties = {
           metrics = [
-            ["CWAgent", "mem_used_percent", "AutoScalingGroupName", var.eb_autoscaling_group_name, { stat = "Average" }]
+            [{ expression = "SELECT AVG(MemoryUtilization) FROM \"CWAgent\"", id = "m1" }]
           ]
           period = 300
-          stat   = "Average"
           region = var.aws_region
           title  = "EC2 Memory Utilization (%)"
           yAxis = {
@@ -46,25 +45,42 @@ resource "aws_cloudwatch_dashboard" "main" {
           }
         }
       },
-      # EB Request Count
+      # EC2 Disk Utilization (Custom Metric) - Root filesystem
       {
         type = "metric"
         properties = {
           metrics = [
-            ["AWS/ElasticBeanstalk", "RequestCount", "EnvironmentName", var.eb_environment_name, { stat = "Sum" }]
+            [{ expression = "SELECT AVG(DiskUtilization) FROM \"CWAgent\" WHERE path = '/'", id = "m1" }]
+          ]
+          period = 300
+          region = var.aws_region
+          title  = "EC2 Disk Utilization (%) - Root"
+          yAxis = {
+            left = {
+              min = 0
+              max = 100
+            }
+          }
+        }
+      },
+      {
+        type = "metric"
+        properties = {
+          metrics = [
+            ["AWS/ApplicationELB", "RequestCount", "LoadBalancer", var.alb_arn_suffix, { stat = "Sum" }]
           ]
           period = 300
           stat   = "Sum"
           region = var.aws_region
           title  = "Request Count"
         }
       },
-      # HTTP 5xx Errors
+      # HTTP 5xx Errors (Target Responses)
       {
         type = "metric"
         properties = {
           metrics = [
-            ["AWS/ElasticBeanstalk", "ApplicationRequests5xx", "EnvironmentName", var.eb_environment_name, { stat = "Sum" }]
+            ["AWS/ApplicationELB", "HTTPCode_Target_5XX_Count", "LoadBalancer", var.alb_arn_suffix, { stat = "Sum" }]
           ]
           period = 300
           stat   = "Sum"
@@ -144,6 +160,47 @@ resource "aws_cloudwatch_dashboard" "main" {
           region = var.aws_region
           title  = "RDS Freeable Memory (Bytes)"
         }
+      },
+      # RDS Read/Write Latency
+      {
+        type = "metric"
+        properties = {
+          metrics = [
+            ["AWS/RDS", "ReadLatency", "DBInstanceIdentifier", var.rds_instance_id, { stat = "Average", label = "Read Latency" }],
+            [".", "WriteLatency", ".", ".", { stat = "Average", label = "Write Latency" }]
+          ]
+          period = 300
+          stat   = "Average"
+          region = var.aws_region
+          title  = "RDS Read/Write Latency (ms)"
+        }
+      },
+      # RDS Queue Depth
+      {
+        type = "metric"
+        properties = {
+          metrics = [
+            ["AWS/RDS", "DiskQueueDepth", "DBInstanceIdentifier", var.rds_instance_id, { stat = "Average" }]
+          ]
+          period = 300
+          stat   = "Average"
+          region = var.aws_region
+          title  = "RDS Disk Queue Depth"
+        }
+      },
+      # RDS Throughput (MB/s)
+      {
+        type = "metric"
+        properties = {
+          metrics = [
+            ["AWS/RDS", "ReadThroughput", "DBInstanceIdentifier", var.rds_instance_id, { stat = "Average", label = "Read Throughput" }],
+            [".", "WriteThroughput", ".", ".", { stat = "Average", label = "Write Throughput" }]
+          ]
+          period = 300
+          stat   = "Average"
+          region = var.aws_region
+          title  = "RDS Disk Throughput (Bytes/sec)"
+        }
       }
     ]
   })
@@ -176,21 +233,22 @@ resource "aws_cloudwatch_metric_alarm" "eb_cpu_high" {
   }
 }
 
-# High Memory Alarm
-resource "aws_cloudwatch_metric_alarm" "eb_memory_high" {
-  alarm_name          = "${var.project_name}-${var.environment}-eb-memory-high"
+# HTTP 5xx Error Rate Alarm
+# This monitors server errors which indicate application health issues
+resource "aws_cloudwatch_metric_alarm" "alb_http_5xx_errors" {
+  alarm_name          = "${var.project_name}-${var.environment}-alb-http-5xx-high"
   comparison_operator = "GreaterThanThreshold"
   evaluation_periods  = 2
-  metric_name         = "mem_used_percent"
-  namespace           = "CWAgent"
+  metric_name         = "HTTPCode_Target_5XX_Count"
+  namespace           = "AWS/ApplicationELB"
   period              = 300
-  statistic           = "Average"
-  threshold           = 80
-  alarm_description   = "This metric monitors EC2 memory utilization"
+  statistic           = "Sum"
+  threshold           = 10  # Alert if more than 10 5xx errors in 5 minutes
+  alarm_description   = "High rate of HTTP 5xx errors indicates application issues"
   alarm_actions       = [var.sns_topic_arn]
 
   dimensions = {
-    AutoScalingGroupName = var.eb_autoscaling_group_name
+    LoadBalancer = var.alb_arn_suffix
   }
 
   tags = {
@@ -199,21 +257,25 @@ resource "aws_cloudwatch_metric_alarm" "eb_memory_high" {
   }
 }
 
-# Critical Memory Alarm
-resource "aws_cloudwatch_metric_alarm" "eb_memory_critical" {
-  alarm_name          = "${var.project_name}-${var.environment}-eb-memory-critical"
+#############
+# RDS CloudWatch Alarms
+#############
+
+# High RDS CPU Alarm
+resource "aws_cloudwatch_metric_alarm" "rds_cpu_high" {
+  alarm_name          = "${var.project_name}-${var.environment}-rds-cpu-high"
   comparison_operator = "GreaterThanThreshold"
   evaluation_periods  = 2
-  metric_name         = "mem_used_percent"
-  namespace           = "CWAgent"
+  metric_name         = "CPUUtilization"
+  namespace           = "AWS/RDS"
   period              = 300
   statistic           = "Average"
-  threshold           = 90
-  alarm_description   = "This metric monitors EC2 memory utilization - CRITICAL"
+  threshold           = 75
+  alarm_description   = "RDS CPU utilization is high - may need optimization or larger instance"
   alarm_actions       = [var.sns_topic_arn]
 
   dimensions = {
-    AutoScalingGroupName = var.eb_autoscaling_group_name
+    DBInstanceIdentifier = var.rds_instance_id
   }
 
   tags = {
@@ -222,22 +284,73 @@ resource "aws_cloudwatch_metric_alarm" "eb_memory_critical" {
   }
 }
 
-# HTTP 5xx Error Rate Alarm
-# This monitors server errors which indicate application health issues
-resource "aws_cloudwatch_metric_alarm" "eb_http_5xx_errors" {
-  alarm_name          = "${var.project_name}-${var.environment}-eb-http-5xx-high"
+# High RDS Read Latency Alarm
+resource "aws_cloudwatch_metric_alarm" "rds_read_latency_high" {
+  alarm_name          = "${var.project_name}-${var.environment}-rds-read-latency-high"
   comparison_operator = "GreaterThanThreshold"
   evaluation_periods  = 2
-  metric_name         = "ApplicationRequests5xx"
-  namespace           = "AWS/ElasticBeanstalk"
+  metric_name         = "ReadLatency"
+  namespace           = "AWS/RDS"
   period              = 300
-  statistic           = "Sum"
-  threshold           = 10  # Alert if more than 10 5xx errors in 5 minutes
-  alarm_description   = "High rate of HTTP 5xx errors indicates application issues"
+  statistic           = "Average"
+  threshold           = 0.01  # 10ms in seconds
+  alarm_description   = "RDS read latency is high - may indicate I/O bottleneck or need for indexing"
+  alarm_actions       = [var.sns_topic_arn]
+
+  dimensions = {
+    DBInstanceIdentifier = var.rds_instance_id
+  }
+
+  tags = {
+    Environment = var.environment
+    Project     = var.project_name
+  }
+}
+
+# Low RDS Freeable Memory Alarm
+resource "aws_cloudwatch_metric_alarm" "rds_memory_low" {
+  alarm_name          = "${var.project_name}-${var.environment}-rds-memory-low"
+  comparison_operator = "LessThanThreshold"
+  evaluation_periods  = 2
+  metric_name         = "FreeableMemory"
+  namespace           = "AWS/RDS"
+  period              = 300
+  statistic           = "Average"
+  threshold           = 524288000  # 500MB in bytes
+  alarm_description   = "RDS freeable memory is low - may need larger instance or query optimization"
   alarm_actions       = [var.sns_topic_arn]
 
   dimensions = {
-    EnvironmentName = var.eb_environment_name
+    DBInstanceIdentifier = var.rds_instance_id
+  }
+
+  tags = {
+    Environment = var.environment
+    Project     = var.project_name
+  }
+}
+
+# High Memory Alarm
+resource "aws_cloudwatch_metric_alarm" "eb_memory_high" {
+  alarm_name          = "${var.project_name}-${var.environment}-eb-memory-high"
+  comparison_operator = "GreaterThanThreshold"
+  evaluation_periods  = 2
+  threshold           = 75
+  alarm_description   = "This metric monitors EC2 memory utilization"
+  alarm_actions       = [var.sns_topic_arn]
+
+  metric_query {
+    id          = "m1"
+    return_data = true
+    metric {
+      namespace   = "CWAgent"
+      metric_name = "MemoryUtilization"
+      period      = 300
+      stat        = "Average"
+      dimensions = {
+        AutoScalingGroupName = var.eb_autoscaling_group_name
+      }
+    }
   }
 
   tags = {