Monitoring and event management in AMS Accelerate - AMS Accelerate User Guide

Monitoring and event management in AMS Accelerate

The AMS Accelerate monitoring system monitors your AWS resources for failures, performance degradation, and security issues.

As a managed account, AMS Accelerate configures and deploys alarms for applicable AWS resources, monitors these resources, and performs remediation when needed.

The AMS Accelerate monitoring system relies on internal tools, such as Resource Tagger and Alarm Manager, and leverages native AWS services, such as AWS AppConfig, Amazon CloudWatch (CloudWatch), Amazon EventBridge(formerly known as CloudWatch), Amazon GuardDuty, Amazon Macie, and AWS Health.

AMS Accelerate provides a range of operational services to help you achieve operational excellence on AWS. To gain a quick understanding of how AMS helps your teams achieve overall operational excellence in AWS Cloud with some of our key operational capabilities including 24x7 helpdesk, proactive monitoring, security, patching, logging and backup, see AMS Reference Architecture Diagrams.

What is monitoring?

AMS Accelerate monitoring provides these benefits:

  • A default configuration that creates, manages, and deploys policies across your managed account for all or supported AWS resources that you select.

  • A monitoring baseline so that you have a default level of protection, even if you don’t configure any other monitoring for your managed accounts. For more information, see Alerts from baseline monitoring in AMS.

  • The ability to customize the baseline resource alarms to meet your requirements.

  • Automatic remediation of alerts by AMS Operations, when possible, to prevent or reduce the impact to your applications. For example, if you are using a standalone Amazon EC2 instance and it fails the system health check, AMS attempts to recover the instance by stopping and restarting it. For more information, see  AMS automatic remediation of alerts.

  • Visibility into active, and previously resolved, alerts using OpsCenter. For example, if you have an unexpected high CPU utilization on an Amazon EC2 instance, you can request access to the AWS Systems Manager console (which includes access to the OpsCenter console) and view the OpsItem directly in the OpsCenter console.

  • Investigating alerts to determine the appropriate actions. For more information, see Incident management.

  • Alerts generated based on the configuration in your account and supported AWS services. The monitoring configuration of an account refers to all the resource parameters in the account that create an alert. The monitoring configuration of an account includes CloudWatch Alarm definitions, and EventBridge (formerly known as CloudWatch Events) that generate the alert (alarm or event). For more information about the resource parameters, see  Alerts from baseline monitoring in AMS.

  • Notification of imminent, on-going, receding, or potential failures; performance degradation; or security issues generated by the baseline monitoring configured in an account (known as an alert). Examples of alerts include a CloudWatch Alarm, an Event, or a Finding from an AWS service, such as GuardDuty or AWS Health.