How to setup AWS Monitoring
How to Set Up AWS Monitoring in Cloudmon
Connect your AWS account to Cloudmon using read-only IAM credentials. Once connected, Cloudmon auto-discovers your resources and begins collecting metrics in real time.
Overview
This guide walks you through connecting your AWS account to Cloudmon for the first time. Once complete, Cloudmon will have read-only access to your AWS environment and will begin auto-discovering your resources.
Prerequisites
Before you begin, ensure the following are in place:
| Title | Description |
| AWS Account access | You must have IAM permissions to create users, roles, and attach policies |
| Cloudmon account | An active Cloudmon account with Cloud Monitoring license |
| Supported regions | All standard AWS regions are supported. |
| Services to monitor | Decide which services you want to monitor (EC2, RDS, S3, etc.) — you will scope IAM permissions accordingly |
How It Works
Cloudmon connects to your AWS account using a dedicated read-only IAM user or cross-account IAM role. It calls AWS CloudWatch and service-specific APIs at regular intervals to pull metrics, resource lists, and configuration data. Nothing is installed inside your AWS environment.
Configuration Steps
Step 1 — Create a Read-Only IAM Policy in AWS
Follow the AWS documentation to create a read-only IAM policy: Creating IAM policies — AWS documentation
Step 2 — Create an IAM User for Cloudmon
Follow the AWS documentation to create a programmatic IAM user and attach your policy: Creating an IAM user — AWS documentation
⚠️ Important: The Secret Access Key is shown only once. Store it securely before closing this screen.
Step 3 — (Optional) Use a Cross-Account IAM Role Instead
If your organization prefers IAM roles over IAM users (recommended for multi-account setups), follow the AWS documentation to create a cross-account IAM role: Creating a cross-account IAM role — AWS documentation
Step 4 — Add Your AWS Account in Cloudmon
- Log in to your Cloudmon dashboard
- Go to Cloud → AWS → Add AWS Account
- Select Amazon Web Services
- Fill in the form:
| Field | Value |
| Probe | Select the probe to monitor the AWS environment |
| Name | A friendly name (e.g. "Production AWS") |
| Access Key ID | From Step 2 (if using IAM User) |
| Secret Access Key | From Step 2 (if using IAM User) |
| Services | Select EC2, RDS, S3, or others as needed |
| Discovery Interval | From a list based on the requirement |
| Additional Options | Brings down a Region selection option |
| Notify Discovery (checkbox) | Notifies the user when the environment has been discovered |
| Notify to | Who should receive the notification |
| Tags | Any tags that could be associated with this AWS account |
- Click Validate & Save
- Cloudmon will test the credentials — a green checkmark confirms a successful connection
Step 5 — Discover Your Resources
- After saving, Cloudmon runs an initial auto-discovery scan
- Navigate to Cloud → AWS
- You will see all discovered resources grouped by service and region
- Click any resource to open its monitoring dashboard
What Gets Collected
- Performance metrics (CPU, memory, disk, network)
- Resource inventory (instance lists, config)
- Availability/status checks
- CloudWatch alarms state
Troubleshooting
| Symptom | Likely Cause | Fix |
| "Invalid credentials" error on validation | Access Key ID or Secret is incorrect | Re-enter credentials from the AWS IAM console |
| "Access Denied" on a specific service | IAM policy is missing a required permission | Add the missing action to CloudmonReadOnlyPolicy |
| Resources not appearing after discovery | Wrong region selected, or resources have no CloudWatch data | Check selected regions match where resources are deployed |
| Metrics showing gaps | CloudWatch detailed monitoring is not enabled on the instance | Enable detailed monitoring in AWS EC2 console (adds cost) |
| Role ARN validation fails | Cloudmon's account ID is not trusted in the role's trust policy | Re-check the trusted entity in the IAM role |
Related Articles
Actions in AWS Monitoring
Setup Guide Actions in AWS Monitoring Manage your connected AWS accounts — edit configuration, re-run discovery, enable or disable monitoring, or remove an account entirely. Overview All Actions in AWS monitoring are performed from the probe settings ...AWS Alarm Rules
Setup Guide Configuring Alarm Rules for AWS Set up alarms to be notified when your AWS resources exceed defined thresholds. Alarms can be configured at a group level or directly on individual monitored resources. Overview Cloudmon alarm rules work on ...Cloud Monitoring
Cloud Monitoring Monitor Your Entire Cloud Infrastructure with Cloudmon Gain full visibility into your AWS and Azure environments — all from a single pane of glass. Track performance, set intelligent alerts, and never miss a critical event across ...AWS Monitoring
Amazon Web Services AWS Cloud Monitoring with Cloudmon Connect your AWS account once and get full visibility into your AWS services such as EC2 instances, RDS databases, and S3 buckets — with real-time metrics, smart alerts, and historical ...What are the different modes of monitoring in cloudmon?
There are three modes of monitoring: agent-based and agentless monitoring