Using synthetic monitoring

You can use Amazon CloudWatch Synthetics to create canaries, configurable scripts that run on a schedule, to monitor your endpoints and APIs. Canaries follow the same routes and perform the same actions as a customer, which makes it possible for you to continually verify your customer experience even when you don't have any customer traffic on your applications. By using canaries, you can discover issues before your customers do.

Canaries are scripts written in Node.js or Python. They create Lambda functions in your account that use Node.js or Python as a framework. Canaries work over both HTTP and HTTPS protocols.

Canaries offer programmatic access to a headless Google Chrome Browser via Puppeteer or Selenium Webdriver. For more information about Puppeteer, see Puppeteer. For more information about Selenium, see www.selenium.dev/.

Canaries check the availability and latency of your endpoints and can store load time data and screenshots of the UI. They monitor your REST APIs, URLs, and website content, and they can check for unauthorized changes from phishing, code injection and cross-site scripting.

CloudWatch Synthetics is integrated with Application Signals, which can discover and monitor your application services, clients, Synthetics canaries, and service dependencies. Use Application Signals to see a list or visual map of your services, view health metrics based on your service level objectives (SLOs), and drill down to see correlated X-Ray traces for more detailed troubleshooting. To see your canaries in Application Signals, turn on X-Ray active tracing. Your canaries are displayed on the Service Map connected to your services, and in the Service detail page of the services they call.

For a video demonstration of canaries, see the following:

• Introduction to Amazon CloudWatch Synthetics

• Amazon CloudWatch Synthetics Demo

• Create Canaries Using Amazon CloudWatch Synthetics

• Visual Monitoring with Amazon CloudWatch Synthetics

You can run a canary once or on a regular schedule. Canaries can run as often as once per minute. You can use both cron and rate expressions to schedule canaries.

For information about security issues to consider before you create and run canaries, see Security considerations for Synthetics canaries.

By default, canaries create several CloudWatch metrics in the CloudWatchSynthetics namespace. These metrics have CanaryName as a dimension. Canaries that use the executeStep() or executeHttpStep() function from the function library also have StepName as a dimension. For more information about the canary function library, see Library functions available for canary scripts.

CloudWatch Synthetics integrates well with the X-Ray Trace Map, which uses CloudWatch with AWS X-Ray to provide an end-to-end view of your services to help you more efficiently pinpoint performance bottlenecks and identify impacted users. Canaries that you create with CloudWatch Synthetics appear on the trace map. For more information, see X-Ray Trace Map.

CloudWatch Synthetics is currently available in all commercial AWS Regions and the GovCloud Regions.

Note

In Asia Pacific (Osaka), AWS PrivateLink is not supported. In Asia Pacific (Jakarta), AWS PrivateLink and X-Ray are not supported.

Topics

• Required roles and permissions for CloudWatch canaries
• Creating a canary
• Groups
• Troubleshooting a failed canary
• Sample code for canary scripts
• Canaries and X-Ray tracing
• Running a canary on a VPC
• Encrypting canary artifacts
• Viewing canary statistics and details
• CloudWatch metrics published by canaries
• Edit or delete a canary
• Start, stop, delete, or update runtime for multiple canaries
• Monitoring canary events with Amazon EventBridge