
Implement AWS CloudWatch on AWS WorkSpaces using Systems Manager

  1. Install the Systems Manager agent on the WorkSpaces, following the procedure for installing AWS Systems Manager on on-premises machines.
    1. Create Hybrid Activations for your AWS WorkSpaces.
      Copy the activation code and ID into the script that installs the agent on all AWS instances using PowerShell remoting from your Active Directory administration account.
    2. Invoke the following code to install the Systems Manager agent on the WorkSpaces:
        # Allow the local script to run (changes the LocalMachine execution policy)
        Set-ExecutionPolicy Unrestricted
        Invoke-Command -ComputerName WSAMZN-AJHQL2HU,WSAMZN-4C2SBR05 -FilePath .\InstallSME.ps1

      InstallSME.ps1:
        # Activation code and ID from the Hybrid Activation created above
        $code = "xxx"
        $id = "yyy"
        $region = "us-east-1"
        # Download the agent installer into a working directory under TEMP
        $dir = $env:TEMP + "\ssm"
        New-Item -ItemType directory -Path $dir -Force
        cd $dir
        (New-Object System.Net.WebClient).DownloadFile("https://amazon-ssm-$region.s3.amazonaws.com/latest/windows_amd64/AmazonSSMAgentSetup.exe", $dir + "\AmazonSSMAgentSetup.exe")
        # Silent install that registers the machine with the activation
        Start-Process .\AmazonSSMAgentSetup.exe -ArgumentList @("/q", "/log", "install.log", "CODE=$code", "ID=$id", "REGION=$region") -Wait
        # Show the registration data and the service state to confirm the install
        Get-Content ($env:ProgramData + "\Amazon\SSM\InstanceData\registration")
        Get-Service -Name "AmazonSSMAgent"
  2. Install the CloudWatch agent on the WorkSpaces, which now appear as Managed Instances.

    1. Install the CloudWatch agent binaries using Run Command in Systems Manager; search for AWS-ConfigureAWSPackage.
    2. Enter AmazonCloudWatchAgent in Name, confirm that Action is Install, and specify the targets.
    3. To fetch the instance details and match the instance ID against the computer name, you can use:
        aws workspaces describe-workspaces --output json > workspaceinstances.txt
        notepad .\workspaceinstances.txt
        aws ssm describe-instance-information --output json > managedinstances.txt
        notepad .\managedinstances.txt
    4. Disable the S3 bucket option and run the command.
  3. Run a script that passes the config files to the instances:
    1. Open Run Command and choose AWS-RunPowerShellScript.
    2. Enter the script:
        # Credentials profile used by the CloudWatch agent (zzz = access key ID and secret key)
        New-Item "C:\ProgramData\Amazon\AmazonCloudWatchAgent\credentials" -Force
        Add-content "C:\ProgramData\Amazon\AmazonCloudWatchAgent\credentials" "[AmazonCloudWatchAgent]" -Force
        Add-content "C:\ProgramData\Amazon\AmazonCloudWatchAgent\credentials" "aws_access_key_id = zzz" -Force
        Add-content "C:\ProgramData\Amazon\AmazonCloudWatchAgent\credentials" "aws_secret_access_key = zzz" -Force
        Add-content "C:\ProgramData\Amazon\AmazonCloudWatchAgent\credentials" "region = us-east-1" -Force
        # Recreate common-config.toml so the agent uses that profile
        Remove-Item "C:\ProgramData\Amazon\AmazonCloudWatchAgent\common-config.toml" -Force
        New-Item "C:\ProgramData\Amazon\AmazonCloudWatchAgent\common-config.toml" -Force
        Add-content "C:\ProgramData\Amazon\AmazonCloudWatchAgent\common-config.toml" "[credentials]" -Force
        Add-content "C:\ProgramData\Amazon\AmazonCloudWatchAgent\common-config.toml" " shared_credential_profile = `"AmazonCloudWatchAgent`"" -Force
        # Backslashes are doubled because TOML treats a single backslash as an escape character
        Add-content "C:\ProgramData\Amazon\AmazonCloudWatchAgent\common-config.toml" " shared_credential_file = `"C:\\ProgramData\\Amazon\\AmazonCloudWatchAgent\\credentials`"" -Force
    3. Specify targets.
    4. Disable the S3 bucket option and run the command.
  4. Configure parameters:
    1. Put the parameters JSON file in the Parameter Store.
  5. Push the configuration and launch:
    1. Open Run Command in Systems Manager and search for AmazonCloudWatch-ManageAgent.
    2. Action: configure
    3. Mode: onPremise
    4. Optional: ssm
    5. Configuration Location: AmazonCloudWatch-windows
    6. Optional Restart: yes

    7. Specify targets.
    8. Disable the S3 bucket option and run the command.
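
The matching of instance ID against computer name in step 2.3 can be scripted instead of compared by eye in Notepad. The following is an added example, not part of the original post: it joins the two JSON outputs on host name and also lists WorkSpaces that never registered as Managed Instances. The sample JSON, the IDs, the `corp.example.com` domain and the function names are constructed for illustration, and it assumes Systems Manager may report a fully qualified name for domain-joined machines.

```powershell
# Constructed sample data in the shape returned by the two AWS CLI calls in step 2.3.
# In practice, load the real output instead:
#   $workspacesJson = Get-Content .\workspaceinstances.txt -Raw
#   $managedJson    = Get-Content .\managedinstances.txt -Raw
$workspacesJson = @'
{ "Workspaces": [
  { "WorkspaceId": "ws-example0001", "ComputerName": "WSAMZN-AJHQL2HU", "State": "AVAILABLE" },
  { "WorkspaceId": "ws-example0002", "ComputerName": "WSAMZN-4C2SBR05", "State": "AVAILABLE" }
] }
'@
$managedJson = @'
{ "InstanceInformationList": [
  { "InstanceId": "mi-00000000000000001", "ComputerName": "WSAMZN-AJHQL2HU.corp.example.com", "PingStatus": "Online" }
] }
'@

function Get-ShortName([string]$Name) {
    # Compare on the host part only, case-insensitively (FQDN vs. NetBIOS name).
    return ($Name -split '\.')[0].ToUpperInvariant()
}

function Join-WorkSpaceToManagedInstance {
    param([string]$WorkspacesJson, [string]$ManagedJson)

    # Index the managed instances by short host name.
    $managed = @{}
    foreach ($mi in ($ManagedJson | ConvertFrom-Json).InstanceInformationList) {
        $managed[(Get-ShortName $mi.ComputerName)] = $mi
    }
    # Emit one row per WorkSpace, with the managed instance ID when one exists.
    foreach ($ws in ($WorkspacesJson | ConvertFrom-Json).Workspaces) {
        $match = $managed[(Get-ShortName $ws.ComputerName)]
        [pscustomobject]@{
            ComputerName = $ws.ComputerName
            WorkspaceId  = $ws.WorkspaceId
            InstanceId   = if ($match) { $match.InstanceId } else { $null }
            PingStatus   = if ($match) { $match.PingStatus } else { 'NotRegistered' }
        }
    }
}

$map = Join-WorkSpaceToManagedInstance $workspacesJson $managedJson
$map | Format-Table -AutoSize
# WorkSpaces without a managed instance ID: the agent install from step 1 did not register.
$map | Where-Object { -not $_.InstanceId } | Select-Object -ExpandProperty ComputerName
```

The InstanceId column gives the values to use when specifying targets in Run Command.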
Access to CloudWatch Events:
  1. Open AWS CloudWatch console at https://console.aws.amazon.com/cloudwatch
  2. Select ‘Metrics’ from the left navigation bar. You will see 4 tabs on the right side. Select the first tab ‘All metrics’ and make sure the region is e.g. N.Virginia.
  3. Here you will see custom Namespaces ‘CWAgent’, click on it. Now it will show multiple subfolders, select ‘host, instance, objectname’ and you will see hostname WSAMZN-IOU56NBQ in the list.
  4. Select any of the available metrics and it will show a graph on top.
  5. The fastest way to find any metric for a host is to search the hostname when you click on Metrics on the left navigation bar.
  6. You can also search with a metric name. For example, search with “Memory % Committed Bytes In Use” to find Memory utilization for systems.
Debug:
  Logs: C:\ProgramData\Amazon\AmazonCloudWatchAgent\Logs
  Config: C:\ProgramData\Amazon\AmazonCloudWatchAgent
  Test Connection:
    Test-NetConnection -ComputerName ec2.us-east-1.amazonaws.com -Port 443
    Test-NetConnection -ComputerName logs.us-east-1.amazonaws.com -Port 443
    Test-NetConnection -ComputerName monitoring.us-east-1.amazonaws.com -Port 443

Microsoft Certified Trainer, Office 365, AWS, Azure and Cloud Expert-Architect. In the IT world for over 20 years.

Apart from the main area of Microsoft Azure, expert in the field of server infrastructure: Windows Server 2003-2019, Microsoft Active Directory, Hyper-V Private Cloud, IIS, System Center, SQL.

Private Cloud, System Center, Hyper-V, Open Stack Expert and all Microsoft products Expert. Linux Server administrator.

My Azure community projects:

https://mazeball.azurewebsites.net/
https://github.com/MariuszFerdyn?tab=repositories
