Before you install the CloudWatch agent, set up connectivity for the agent.
About this task
This procedure enables the agent to send information through
Amazon Web Services (AWS) to the CloudWatch service. In your
Cyber Recovery VPC, create an endpoint for the AWS monitoring service.
Steps
In the AWS Management Console, go to the VPC service.
Under
VIRTUAL PRIVATE CLOUD, click
Endpoints.
Click
Create Endpoint.
For
Service category, select
AWS services, if necessary.
For
Service Name, type
monitoring in the search bar and press Enter.
Select the resulting service name.
The service name is displayed as
com.amazonaws.<region>.monitoring, where
<region> is your current AWS region.
From the VPC drop-down list, select your
Cyber Recovery VPC.
Under
Subnets, keep the selected Availability Zone, which is the default. From the
Subnet ID drop-down list , select the
Cyber Recovery host and DDVE subnet.
For example, select
<your prefix>_PPCR Mgmt Host and DDVE Private Subnet.
Leave
Enable DNS name enabled.
For
Security group, either disable the listed default in the
Security group field or disable the security group in the following list to ensure that there are no security groups selected. Then, under
Group Name, select the
crEC2EndpointSecurityGroup.
For
Policy, select Full Access, if necessary.
Add an identifying label by clicking
Add Tag and typing a key and a value.
For example, type
<your prefix> Monitoring Endpoint.
Click
Create endpoint.
The new endpoint is displayed in the list on the endpoints page.
From the
Endpoints page, determine the IP address of the newly created endpoint:
Select the newly created endpoint.
Under the list of endpoints, click the
Subnets tab.
Record the address under
IPv4 Address so that you can add it to the security group as described in the next step.
In your Cyber Recovery VPC, add a new rule to the
Cyber Recovery Security Group:
In the AWS Management Console, go to the VPC Service.
Under
SECURITY, click
Security Groups.
From the list, select
<your prefix>_PPCR Mgmt Host SG.
Under the list, click the
Outbound rules tab and the click
Edit outbound rules.
The
Edit outbound rules page is displayed.
Click
Add rule.
In the row that is added to the bottom of the list of rules, complete the following fields:
Type—Select HTTPS.
Protocol—Leave the default value.
Port range—Leave the default value.
Destination—Leave as
Custom.
Enter the IP address that you recorded in step 4. Ensure that you append
/32 to the address to indicate it is a single IP address.
Description—Add a meaningful description.
Click
Save rules.
The Security Groups page is displayed.
Next steps
Install the CloudWatch agent.
Data is not available for the Topic
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\