AWS Cloud Operations Blog

Visualize AWS Health events using HAQM Managed Grafana

Introduction

In this blog post you will learn how to visualize AWS Health events using HAQM Managed Grafana to gain deeper insights across multiple Health events in a centralized place. When used in conjunction with AWS Health, Grafana can enhance the ability to respond to issues, optimize performance, and ensure the overall Health of the AWS environment. The solution provided in this post will reduce the time and effort in managing and monitoring different communication channels and will provide a single place for monitoring in a near real time visibility. This solution can be further enhanced by allowing you to create customized dashboards and alerts based on specific Health event Criteria.

AWS Health is a service that helps you stay informed about the status of your AWS resources and services. It does this by consolidating information from various AWS services, like HAQM CloudWatch, AWS Trusted Advisor, and AWS Personal Health Dashboard, to deliver a unified view of your AWS environment and potential issues. This consolidated view helps you proactively manage your resources and take appropriate action in case of any disruptions or potential risks.

Architecture Overview

The following architecture diagram highlights the AWS services used in the solution:

AWS Architecture diagram showing solution overview

Figure 1: AWS Architecture diagram showing solution overview

In the solution, you are ingesting AWS Health events via HAQM Event Bridge rules and the HAQM Kinesis Firehose  service to stream the real-time Health event into an HAQM S3 bucket.  These events are extracted and loaded into AWS Glue Data catalogue and uses HAQM Athena to build a Managed Grafana dashboard to visualize the events in near real time.

Prerequisites

You will need the following resources for this solution:

  1. Setting up HAQM Athena workgroups with HAQM Grafana pre-requisites.
  2. By default, the permissions required by the HAQM S3 to access the underlying data source of an Athena query are not included in this managed policy. You must add the necessary permissions for the HAQM S3 buckets manually, on a case-by-case basis by referring to the HAQM Athena Prerequisites.
  3. HAQM  Managed Grafana workspace. For information, and steps for creating the  HAQM Managed Grafana workspace, see Creating a Workspace.

 a.     HAQM Managed Grafana lets you to configure user access through AWS IAM Identity Center or other SAML based Identity Providers (IdP). Review HAQM Managed Grafana supports direct SAML integration with identity providers.

b.     In this post, you’re using the AWS IAM Identity Center option with HAQM Managed Grafana. To set up Authentication and Authorization, follow the instructions in the HAQM Managed Grafana User Guide to enable AWS IAM Identity Center.

c.     To use AWS data source configuration, first use the HAQM Managed Grafana console to enable service-managed AWS Identity and Access Management (IAM) roles that grants the workspace with AWS IAM policies necessary to access resources in your AWS Account/Organization. Then, use the HAQM Managed Grafana workspace console to add  the HAQM Athena data source.

Walk-through

Step 1: Launch the AWS CloudFormation Template

Download and launch this AWS CloudFormation Template to deploy Lambda, Glue Crawler, Glue Database and its related components.

Note: Some of the resources that this stack deploys incur costs when in use.

To create your resources using AWS CloudFormation template, complete the following steps:

  1. Sign in to the AWS Management Console.
  2. Navigate to the AWS CloudFormation console > Create Stack > “With new resources”.
  3. Upload the yaml template file and choose Next.
  4. Specify a “Stack name” and choose Next.
  5. Leave the “Configure stack options” at default values and choose Next.
  6. Review the details on the final screen and under “Capabilities” check the box for “I acknowledge that AWS CloudFormation might create IAM resources with custom names”.
  7. Choose Submit.
Acknowledgement

Figure 2: Acknowledgement

Note: You can review the progress of your new stack under AWS CloudFormation > Stacks > Stack_Name > Events tab

Upon successful creation of the Stack, you will notice the deployment of the following resources within the Resources section of CloudFormation: HAQM EventBridge Scheduler, an AWS Lambda Function, an HAQM S3 Bucket, an AWS Glue Crawler, an HAQM Athena Query, and AWS IAM Roles and Policies.

Note: Please keep in mind that after the completion of the mentioned CloudFormation (CFN) setup, it is essential to wait for an AWS Health event to be received by your EventBridge.

Step 2: Follow the below steps to create HAQM Athena view from saved queries

  1. Open HAQM Athena console.
  2. In the Query editor, open the saved queries tab and select the query named AWS_Health_Summary_View.
  3. Run the query to create a View named as AWS_Health_View.
HAQM Athena Query Editor

Figure 3: HAQM Athena Query Editor

Step 3: Configuring HAQM Athena data Source in HAQM Managed Grafana

To Configure HAQM Athena as data source in HAQM Managed Grafana:

  1. Launch the HAQM Managed Grafana console using the Grafana workspace URL and login using the user credentials you configured.
  2. Under Administration > Data sources > choose HAQM Athena.
  3. Configure the HAQM Athena settings by choosing Default Region (us-east-1), Data source (AWSDataCatalog), Workgroup (primary) and the Output Location of your Athena query.
  4. Choose Save & test to verify that the data source is working. Start querying and visualizing the metrics from the AWS environment.

Note: In case you receive a permission denied error, verify the Grafana service role permissions discussed in the previous step.

Image representing how to add data source in Grafana

Figure 4: Image representing how to add data source in Grafana

  1. Choose  Save & Test

Step 4: Create an HAQM Managed Grafana Dashboard using Athena as a data source

You will use HAQM Managed Grafana to create a new AWS Health dashboard. Now that you have completed all the previous steps successfully, we will create HAQM Managed Grafana dashboard by following below-mentioned steps:

  1. Download the Health dashboard JSON file from this GitHub Repository.
  2. To import a dashboard, choose the “+” or go to the Dashboards tab on the HAQM Managed Grafana console and choose Import.
  3. Copy and paste the contents of the JSON file into the Import via panel JSON textbox and choose Load.

Note: You can either upload a dashboard JSON file, paste a dashboard URL or paste dashboard JSON text directly into the text area and choose Load

Importing JSON in Grafana

Figure 5: Importing JSON in Grafana

Naming your Grafana dashboard

Figure 6: Naming your Grafana dashboard

Learn more about Exporting and importing dashboards.

Step 5: Analyse AWS Health metrics using Grafana dashboard

Now your Grafana dashboard is setup and configured to refresh every 5 minutes. This dashboard runs a query against the materialized views created in HAQM Athena and provides us with the visibility on below events:

Incident Awareness: Get timely notifications about service disruptions, enabling you to take appropriate action or make necessary adjustments to your applications.

Maintenance Visibility: Be informed about upcoming maintenance activities that might impact your resources, helping you plan and manage potential downtime.

Service Performance Insights: Access historical data about service performance to analyse trends and identify potential issues.

You can further enhance this dashboard by customizing it as per your business use-case.

Image representing AWS Health events in Grafana dashboard

Figure 7: Image representing AWS Health events in Grafana dashboard

Clean up

To avoid incurring future charges, delete all resources used in this post.

Conclusion

In this blog post, you learned how to build AWS Health event dashboard on HAQM Managed Grafana. You reviewed how one can create a single-pane-of-glass visibility to track AWS Health events in near real-time. This will help your cloud operations team by providing ongoing visibility into your resource performance and the availability of your AWS services and accounts. You can use this dashboard to learn how service and resource changes might affect your applications running on AWS. You can get hands-on experience with the AWS observability services using the One Observability Workshop.

About the authors:

Rajat Agarwal

Rajat is a Technical Account Manager at AWS committed to accelerate the cloud journey for AWS Global Enterprise customers. He has 10+ years of industry experience across Bigdata, ETL, Systems administration, cloud operations and cloud infrastructure management. He is passionate about cloud technologies and strives to leverage them towards his customers’ success on AWS cloud.

Alok Bhatnagar

Alok is a Technical Account Manager at HAQM Web Services. He has more than 19 years of industry experience including roles in application infra architecture, software design development with expertise on cloud native architecture. He has experience in working with global customers to help in their journey to cloud through migration and modernisation. He has worked with various customers and help them successfully exit the on Prem data centre.

Yash Bindlish

Yash is a Enterprise Support Manager at HAQM Web Services. He has more than 17 years of industry experience including roles in cloud architecture, systems engineering, and infrastructure. He works with Global Enterprise customers and help them build, scalable, modern and cost effective solutions on their growth journey with AWS. He loves solving complex problems with his solution-oriented approach.