Monitor AWS EC2 Instance Using CloudWatch and Grafana

Monitoring EC2 instances is a basic but critical task for every DevOps engineer. AWS provides CloudWatch for collecting metrics, and Grafana makes visualisation simple and powerful.

In this blog, we will learn how to monitor an AWS EC2 instance using CloudWatch and Grafana, step by step, in a clean and practical way.


🧩 Architecture Overview


AWS workflow diagram: EC2 Instance to CloudWatch (Metrics & Logs) to Grafana (Data Source) to Dashboards & Alerts (Visualizations & Rules).

✅ Prerequisites


Before starting, make sure you have:

  • An AWS account

  • A running EC2 instance

  • IAM user with programmatic access

  • Grafana installed (self-hosted or Grafana Cloud)

  • AWS access key & secret key


Step 1: Enable CloudWatch Monitoring for EC2


By default, AWS sends basic monitoring metrics every 5 minutes.


To enable detailed monitoring (recommended):

  1. Go to EC2 → Instances

  2. Select your instance

  3. Click Actions → Manage detailed monitoring

  4. Enable Detailed monitoring


This enables:

  • CPU Utilization

  • Network In / Out

  • Disk Read / Write

  • Status Check metrics (1-minute interval)


Step 2: Create / Update IAM User Permissions


Grafana needs permission to read CloudWatch Metrics and Logs.

Attach the following policy to your IAM user:


✅ IAM Policy for Grafana (Recommended)

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "cloudwatch:GetMetricData",
        "cloudwatch:GetMetricStatistics",
        "cloudwatch:ListMetrics",
        "logs:DescribeLogGroups",
        "logs:DescribeLogStreams",
        "logs:GetLogEvents",
        "logs:FilterLogEvents",
        "ec2:DescribeInstances",
        "ec2:DescribeRegions",
        "tag:GetResources"
      ],
      "Resource": "*"
    }
  ]
}

📌 This policy allows:

  • Reading EC2 metrics

  • Reading CloudWatch logs

  • Discovering EC2 instances

  • Viewing tags (useful for filtering)
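
Because this policy is attached to an IAM user whose access key is stored in Grafana, it is worth confirming that it stays read-only whenever someone edits it. The script below is an added example, not part of the original setup: it audits a policy document for wildcard or non-read actions. The function names, the verb-prefix heuristic and the broadened sample policy are assumptions made for illustration.

```python
import json

# Verb prefixes treated as read-only (assumption: a naming heuristic, not an AWS API).
READ_VERBS = ("get", "list", "describe", "filter")

# The policy from Step 2, embedded so the check runs offline.
GRAFANA_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Action": [
            "cloudwatch:GetMetricData", "cloudwatch:GetMetricStatistics",
            "cloudwatch:ListMetrics", "logs:DescribeLogGroups",
            "logs:DescribeLogStreams", "logs:GetLogEvents",
            "logs:FilterLogEvents", "ec2:DescribeInstances",
            "ec2:DescribeRegions", "tag:GetResources",
        ],
        "Resource": "*",
    }],
}

# Constructed counter-example: the same policy after a careless broadening edit.
BROAD_POLICY = {"Version": "2012-10-17", "Statement": {
    "Effect": "Allow", "Resource": "*",
    "Action": ["cloudwatch:*", "logs:PutLogEvents", "ec2:describeinstances"]}}

def as_list(value):  # IAM lets Statement and Action be one item or a list
    return value if isinstance(value, list) else [value]

def audit_policy(policy):
    """Return findings; an empty list means every Allow is read-only."""
    policy = json.loads(policy) if isinstance(policy, str) else policy
    findings = []
    for i, stmt in enumerate(as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements cannot grant access
        if "NotAction" in stmt:
            findings.append(f"statement {i}: NotAction allows every unlisted action")
        for action in as_list(stmt.get("Action", [])):
            verb = action.partition(":")[2]  # IAM action names are case-insensitive
            if verb in ("", "*"):
                findings.append(f"statement {i}: {action} is a wildcard grant")
            elif not verb.lower().startswith(READ_VERBS):
                findings.append(f"statement {i}: {action} is not a read-only action")
    return findings

if __name__ == "__main__":
    for name, pol in (("grafana", GRAFANA_POLICY), ("broad", BROAD_POLICY)):
        print(name, audit_policy(pol) or "read-only")
```

The Step 2 policy produces no findings, while the broadened sample is flagged for `cloudwatch:*` and `logs:PutLogEvents`.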


Step 3: Add CloudWatch as Data Source in Grafana


  1. Login to Grafana

  2. Go to Configuration → Data Sources

  3. Click Add data source

  4. Select CloudWatch


Configure as below:

  Field                     Value
  Authentication Provider   Access & Secret Key
  Access Key                Your AWS access key
  Secret Key                Your AWS secret key
  Default Region            ap-south-1 (or your region)
  Assume Role ARN           Leave empty

Click Save & Test



✅ You should see:

Successfully queried the CloudWatch metrics API.

Step 4: Import EC2 Dashboard


Grafana provides ready-made dashboards for AWS EC2.


Import Dashboard

  1. Go to Dashboards → Import

  2. Enter Dashboard ID: 1860

  3. Select:

    • Data source → CloudWatch

    • Region → Your AWS region

    • Instance → Your EC2 instance

  4. Click Import

🎉 Result

You will now see a live dashboard showing:


  • CPU Utilization

  • Network In / Out

  • Disk Read / Write

  • Instance status checks

  • EC2 health metrics


All updated in real time from CloudWatch.


Conclusion


By integrating AWS CloudWatch with Grafana, you can easily monitor EC2 performance metrics in real time using powerful and interactive dashboards. This setup helps you gain better visibility into system health, detect issues early, and improve overall infrastructure reliability with minimal effort.
