...
Service | Type | Permissions |
---|
AWS Organizations | organizations | organizations:Describe* organizations:List* |
Amazon Elastic Compute Cloud (ASG) | autoscaling | autoscaling:Describe* |
Amazon Elastic Compute Cloud (EC2) | ec2 | ec2:Describe* ec2:DescribeInstanceStatus ec2:DescribeInstances ec2:DescribeSnapshotAttribute ec2:DescribeSnapshots ec2:DescribeTags ec2:DescribeVolumeAttribute ec2:DescribeVolumeStatus ec2:DescribeVolumes |
Amazon Elastic Compute Cloud (elb) | elasticloadbalancing | elasticloadbalancing:Describe* |
Cloudwatch | cloudwatch | cloudwatch:Describe* cloudwatch:GetMetricData cloudwatch:GetMetricStatistics cloudwatch:ListMetrics |
Elastic Container Registry | ecr-public | ecr-public:DescribeImageTags ecr-public:DescribeImages ecr-public:DescribeRegistries ecr-public:DescribeRepositories ecr-public:GetRegistryCatalogData ecr-public:GetRepositoryCatalogData ecr-public:GetRepositoryPolicy ecr-public:ListTagsForResource ecr-public:TagResource |
Elastic Container Registry | ecr-private | ecr:DescribeImages ecr:DescribeRegistry ecr:DescribeRepositories ecr:GetLifecyclePolicy ecr:GetLifecyclePolicyPreview ecr:GetRegistryPolicy ecr:GetRepositoryPolicy ecr:ListImages ecr:ListTagsForResource, |
Elastic Container Service | ecs | ecs:Describe ecs:List* |
Elastic Kubernetes Service | eks | eks:Describe* eks:List* |
Elastic Filesystem | elasticfilesystem | elasticfilesystem:ClientMount elasticfilesystem:DescribeAccessPoints elasticfilesystem:DescribeAccountPreferences elasticfilesystem:DescribeBackupPolicy elasticfilesystem:DescribeFileSystemPolicy elasticfilesystem:DescribeFileSystems elasticfilesystem:DescribeLifecycleConfiguration elasticfilesystem:DescribeMountTargetSecurityGroups elasticfilesystem:DescribeMountTargets elasticfilesystem:DescribeTags elasticfilesystem:ListTagsForResource |
Relational Database Service | rds pi | pi:* rds:DescribeDBClusters rds:DescribeDBInstances rds:DescribeDBParameters rds:DescribeReservedDBInstances rds:ListTagsForResource |
Simple Storage Service | s3 | s3:GetBucketLocation s3:GetBucketPolicy s3:GetBucketPolicyStatus s3:GetBucketTagging s3:GetBucketVersioning s3:GetEncryptionConfiguration s3:GetIntelligentTieringConfiguration s3:GetInventoryConfiguration s3:GetLifecycleConfiguration s3:GetMetricsConfiguration s3:GetObject s3:GetObjectRetention s3:GetObjectTagging s3:GetObjectVersion s3:GetReplicationConfiguration s3:ListAllMyBuckets s3:ListBucket s3:ListBucketVersions |
AWS Config | config | config:DescribeConfigRules config:DescribeConfigurationRecorderStatus config:DescribeConfigurationRecorders config:GetComplianceDetailsByConfigRule config:ListAggregateDiscoveredResources config:ListDiscoveredResources config:PutConfigRule config:PutConfigurationRecorder config:SelectAggregateResourceConfig config:SelectResourceConfig config:StartConfigurationRecorder iam:PassRole config:DeleteConfigRule |
How to enable additional memory metrics on EC2 Instances
Collect metrics and logs from Amazon EC2 instances and on-premises servers with the CloudWatch agent