Amazon CloudWatch Integration Guide | PagerDuty

Integration Overview

Amazon CloudWatch provides monitoring for AWS resources and customer-run applications. The service can collect data, gain insight, and alert users to fix problems within applications and organizations. Amazon CloudWatch gives system-wide visibility into resource utilization and notifications can be set for when any metrics cross a specified threshold. These alarms can be automatically sent to PagerDuty, which then reliably alerts the correct on-call person through their preferred contact methods.

Follow the instructions below to configure Amazon CloudWatch with PagerDuty. Note that this integration expects to find in the Message property a nested JSON-encoded object; if this is not received, no alert will trigger. If you have any questions or need any assistance, please contact our Support team.



This integration is available for Amazon CloudWatch on AWS Cloud or AWS Outpost.

In PagerDuty

There are two ways that Amazon CloudWatch can be integrated with PagerDuty: via Event Rules or through an integration on a PagerDuty Service.

Integrating with Event Rules

Integrating with global or service-level event rules may be beneficial if you want to build different rules based on the payload coming from AWS. If you would like to learn more, please visit our article on Rulesets.

Configure a Global Event Rules Integration

  1. From the Services menu, select Event Rules and click your Default Global Ruleset.
  2. On the Event Rules screen, copy your Integration Key.
  1. Once you have your Integration Key, the Integration URL will be:[YOUR_INTEGRATION_KEY_HERE]

You can now proceed to the In the AWS Management Console section below.

Configure a Service Event Rules Integration

To use service-level event rules:

  1. Navigate to Services Service Directory select your preferred service Integrations tab Add a new integration.
  2. Enter an Integration Name, select Use our API directly and select your preferred Events API version (Events API v2 or Events API v1). Click Add Integration.
  3. Find the new integration in your integrations list and click its name. On the next page, copy the Integration Key and paste it into the following URL:[YOUR_INTEGRATION_KEY_HERE]/enqueue

You can now proceed to the In the AWS Management Console section below.

Integrating with a PagerDuty Service

Integrating with a PagerDuty Service directly can be beneficial if you don’t need to route alerts from AWS to different responders based on the event payload. You can still use service-level event rules to perform actions such as suppressing.

  1. From the Services menu, select Service Directory.
  2. On your Services page: If you are creating a new service for your integration, click +Add New Service. It is recommended that you create a service specifically for Amazon CloudWatch notifications.

If you are adding your integration to an existing service, click the name of the service you want to add the integration to. Then click the Integrations tab and click the Add a new integration link.

  1. Select Amazon CloudWatch from the Integration Type menu and enter an Integration Name.
    If you are creating a new service for your integration, in General Settings, enter a Name for your new service. Then, in Incident Settings, specify the Escalation Policy, Notification Urgency, and Incident Behavior for your new service.
  2. Click the Add Service or Add Integration button to save your new integration. You will be redirected to the Integrations page for your service.
  3. Copy the Integration URL for your new integration.

In the AWS Management Console

  1. In the Services search bar, search and select Simple Notification Service (SNS). On the SNS dashboard, select Topics and click Create Topic. This will be used to route alerts to PagerDuty from AWS.
  1. Enter a Topic name (you may want to name your topic after your PagerDuty service’s name) and Display name, then click Create topic.
  2. Now that your topic has been created, Select Subscriptions in the left hand menu and click Create Subscription.
  3. Make sure HTTPS is the selected Protocol. Paste your Integration URL from step 5 of Integrating with a PagerDuty Service (above) into the Endpoint field, ensure that the Enable raw message delivery checkbox is unchecked and click Create Subscription.
  4. Your subscription should be automatically confirmed. Click the refresh icon to make sure the Subscription ID is not PendingConfirmation.
  5. Next, navigate to Services and search and select EC2. In your EC2 dashboard, select Instances, click your instance's checkbox, click Actions, select CloudWatch Monitoring, and click Add/Edit Alarms.
  6. Click Create Alarm.
  7. Select your notification from the dropdown menu, configure the settings that you would like to use for the alarm, and click Create Alarm.
  1. At this point, you will receive alerts in PagerDuty for when an alarm has reported a critical alert, but the PagerDuty incident will not be resolved when the alarm clears. To enable automatic resolution in PagerDuty when an alarm clears, select your instance, click the Actions button, click CloudWatch Monitoring, and select Add/Edit Alarms again.
  2. You will see the alarm that you created earlier. Click view under More Options.
  3. Select your alarm, click the Actions button, then click Modify.
  4. On the Modify Alarm screen, verify your alarm threshold and settings. Add a new Action to Send Notification(s) when the alarm state reaches ALARM, by clicking + Notification.
  1. Add a notification for the OK state and check that your ALARM state notification is correct. Ensure both notifications are being sent to the Topic created earlier in the integration. Make sure to click Save Changes.
  1. You should then see a confirmation dialog that your Alarm was saved successfully.
  2. Congratulations! You have now integrated Amazon CloudWatch with PagerDuty! Now when your alarm threshold is met, an incident will be triggered within PagerDuty.
  1. Once that alarm is back in an OK state, the incident will automatically resolve within PagerDuty.


What alarm statuses affect PagerDuty incidents?

An alarm with status ALARM will trigger incidents, and status OK will resolve them. Alarms with status INSUFFICIENT_DATA will only trigger PagerDuty incidents. If you need INSUFFICIENT_DATA to resolve an incident, we recommend using an email integration instead.

If I use an email integration, how can I verify my PagerDuty service’s email address?

If you send a confirmation email to your service’s PagerDuty address, you will be able to view the message body and verify that address from the PagerDuty console. To do so, find the incident that is created by the email and view its details to verify the email address.

The link to verify will be in the incident details. The SNS confirmation page requires JavaScript, which can not be executed in the iframe the message is rendered in. To confirm your subscription, open the confirmation link in a new tab or window by right-clicking on the link and choosing Open Link in New Tab/Window.

How can I change how events from CloudWatch are deduplicated into PagerDuty?

Navigate to your PagerDuty Service click the Integrations tab click the to the right of your Amazon CloudWatch integration click Edit change the value for the Correlate events by option.

Why are my CloudWatch events not triggering incidents in PagerDuty?

Events that are not sent properly from CloudWatch will be dropped and will not trigger alerts in PagerDuty. This integration expects to find in the Message property a nested JSON-encoded object from which meaningful data about the alert can be extracted to compose the PagerDuty incident. You can find details on Amazon's SNS Message attributes here.

AWS also has some troubleshooting docs on their side which outline some things to look for on the CloudWatch side.

Updated about a month ago

Amazon CloudWatch Integration Guide | PagerDuty

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.