Menu
Amazon CloudWatch
User Guide

Creating Amazon CloudWatch Alarms

You can create a CloudWatch alarm that sends an Amazon Simple Notification Service message when the alarm changes state. An alarm watches a single metric over a time period you specify, and performs one or more actions based on the value of the metric relative to a given threshold over a number of time periods. The action is a notification sent to an Amazon Simple Notification Service topic or Auto Scaling policy. Alarms invoke actions for sustained state changes only. CloudWatch alarms will not invoke actions simply because they are in a particular state, the state must have changed and been maintained for a specified number of periods.

After an alarm invokes an action due to a change in state, its subsequent behavior depends on the type of action that you have associated with the alarm. For Auto Scaling policy notifications, the alarm continues to invoke the action for every period that the alarm remains in the new state. For Amazon Simple Notification Service notifications, no additional actions are invoked.

An alarm has three possible states:

  • OK—The metric is within the defined threshold

  • ALARM—The metric is outside of the defined threshold

  • INSUFFICIENT_DATA—The alarm has just started, the metric is not available, or not enough data is available for the metric to determine the alarm state

In the following figure, the alarm threshold is set to 3 and the evaluation period is 3. That is, the alarm invokes its action if the oldest period is breaching and the others are breaching or missing within a time window of 3 periods. In the figure, this happens with the third through fifth time periods, and the alarm's state is set to ALARM. At period six, the value dips below the threshold, and the state reverts to OK. Later, during the ninth time period, the threshold is breached again, but the previous periods are OK. Consequently, the alarm's state remains OK.

Alarm threshold trigger alarm

Note

CloudWatch doesn't test or validate the actions you specify, nor does it detect any Auto Scaling or SNS errors resulting from an attempt to invoke nonexistent actions. Make sure your actions exist.

Common Features of Alarms

  • You can create up to 5000 alarms per AWS account. To create or update an alarm, you use the PutMetricAlarm API function (mon-put-metric-alarm command).

  • You can list any or all of the currently configured alarms, and list any alarms in a particular state using the DescribeAlarms API (mon-describe-alarms command). You can further filter the list by time range.

  • You can disable and enable alarms by using the DisableAlarmActions and EnableAlarmActions APIs (mon-disable-alarm-actions and mon-enable-alarm-actions commands).

  • You can test an alarm by setting it to any state using the SetAlarmState API (mon-set-alarm-state command). This temporary state change lasts only until the next alarm comparison occurs.

  • You can create an alarm using the PutMetricAlarm API function (mon-put-metric-alarm command) before you've created a custom metric. In order for the alarm to be valid, you must include all of the dimensions for the custom metric in addition to the metric namespace and metric name in the alarm definition.

  • Finally, you can view an alarm's history using the DescribeAlarmHistory API (mon-describe-alarm-history command). CloudWatch preserves alarm history for two weeks. Each state transition is marked with a unique time stamp. In rare cases, your history might show more than one notification for a state change. The time stamp enables you to confirm unique state changes.

Note

Some AWS resources do not send metric data to CloudWatch under certain conditions.

For example, Amazon EBS may not send metric data for an available volume that is not attached to an Amazon EC2 instance, because there is no metric activity to be monitored for that volume. If you have an alarm set for such a metric, you may notice its state change to Insufficient Data. This may simply be an indication that your resource is inactive, and may not necessarily mean that there is a problem.