Create a Amazon Managed Service for Prometheus workspace

Follow these steps to create a Amazon Managed Service for Prometheus workspace. You can choose to use the AWS CLI or the Amazon Managed Service for Prometheus console.

Note

If you are running an Amazon EKS cluster, you can also create a new workspace using AWS Controllers for Kubernetes.

To create a workspace using the AWS CLI

Enter the following command to create the workspace. This example creates a workspace named my-first-workspace, but you can use a different alias (or none) if you want. Workspace aliases are friendly names that help you identify your workspaces. They do not have to be unique. Two workspaces can have the same alias, but all workspaces have unique workspace IDs, which are generated by Amazon Managed Service for Prometheus.

(Optional) To use your own KMS key to encrypt data stored in your workspace, you can include the kmsKeyArn parameter with the AWS KMS key to use. While Amazon Managed Service for Prometheus does not charge you for using customer managed keys, there may be costs associated with keys from AWS Key Management Service. For more information about Amazon Managed Service for Prometheus encryption of data in the workspace, or how to create, manage, and use your own customer managed key, see Encryption at rest.

Parameters in brackets ([]) are optional, do not include the brackets in your command.
```
aws amp create-workspace [--alias my-first-workspace] [--kmsKeyArn arn:aws:aps:us-west-2:111122223333:workspace/ws-sample-1234-abcd-56ef-7890abcd12ef]  [--tags Status=Secret,Team=My-Team]
```
This command returns the following data:
- workspaceId is the unique ID for this workspace. Make a note of this ID.
- arn is the ARN for this workspace.
- status is the current status of the workspace. Immediately after you create the workspace, this will probably be CREATING.
- kmsKeyArn is the customer managed key used to encrypt the workspace data, if given.
  
  Note
  Workspaces created with customer managed keys cannot use AWS managed collectors for ingestion.
  Choose whether to use customer managed keys or AWS owned keys carefully. Workspaces created with customer managed keys can't be converted to use AWS owned keys later (and vice versa).
- tags lists the workspace's tags, if any.
If your create-workspace command returns a status of CREATING, you can then enter the following command to determine when the workspace is ready. Replace my-workspace-id with the value that the create-workspace command returned for workspaceId.
```
aws amp describe-workspace --workspace-id my-workspace-id
```
When the describe-workspace command returns ACTIVE for status, the workspace is ready to use.

To create a workspace using the Amazon Managed Service for Prometheus console

Open the Amazon Managed Service for Prometheus console at https://console.aws.amazon.com/prometheus/.
Choose Create.
For Workspace alias, enter an alias for the new workspace.

Workspace aliases are friendly names that help you identify your workspaces. They do not have to be unique. Two workspaces can have the same alias, but all workspaces have unique workspace IDs, which are generated by Amazon Managed Service for Prometheus.
(Optional) To use your own KMS key to encrypt data stored in your workspace, you can select Customize encryption settings, and choose the AWS KMS key to use (or create a new one). You can choose a key in your account from the drop down list, or enter the ARN for any key that you have access to. While Amazon Managed Service for Prometheus does not charge you for using customer managed keys, there may be costs associated with keys from AWS Key Management Service.

For more information about Amazon Managed Service for Prometheus encryption of data in the workspace, or how to create, manage, and use your own, customer managed key, see Encryption at rest.

Note
Workspaces created with customer managed keys cannot use AWS managed collectors for ingestion.
Choose whether to use customer managed keys or AWS owned keys carefully. Workspaces created with customer managed keys can't be converted to use AWS owned keys later (and vice versa).
(Optional) To add one or more tags to the workspace, choose Add new tag. Then, in Key, enter a name for the tag. You can add an optional value for the tag in Value.

To add another tag, choose Add new tag again.
Choose Create workspace.

The workspace details page appears. This displays information including the status, ARN, workspace ID, and endpoint URLs for this workspace for both remote write and queries.

The status returns CREATING until the workspace is ready. Wait until the status is ACTIVE before you move on to setting up your metric ingestion.

Make note of the URLs that are displayed for Endpoint - remote write URL and Endpoint - query URL. You'll need them when you configure your Prometheus server to remote write metrics to this workspace and when you query those metrics.

For information about how to ingest metrics into the workspace, see Ingest Prometheus metrics to the workspace.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Manage workspaces

Edit a workspace