Edit me

How to Install Amazon CloudWatch Agent on an EC2 Instance for Enhanced Rightsizing Recommendations

This document provides step-by-step instructions for installing and configuring the CloudWatch agent on a Linux-based EC2 instance, to enable memory metrics for nOps Enhanced Rightsizing Recommendations.


Before proceeding with installation, ensure the following prerequisites are met:

  • IAM role on EC2 with assigned permission of “CloudWatchAgentServerPolicy”

  • Attach IAM Role to EC2

If the IAM role’s permission is not configured, follow the below steps 

  • Create an IAM Role 

  • IAM > Roles and Create role

  • Service or use case SELECT EC2 and click Next

  • In Permissions policies select CloudWatchAgentServerPolicy and click Next

  • Enter role Name and Save 

To Attach the IAM role to the EC2 instance, follow the following steps: 

  • Select EC2 from the action menu, select Security and Modify IAM Role

Note: if you have already any IAM role attached to the EC2 instance, then you just need to add the “CloudWatchAgentServerPolicy” permission for that role. Also, This technical document is based on  Amazon Linux. The commands may be different for Ubuntu.

Installation Steps

  1. Connect to the EC2 Instance: Log in to the EC2 instance using SSH or AWS CLI.

  2. Ensure that AWS CLI is installed using syntax:

    aws –version

This command checks the version of the AWS CLI installed on the instance.

  1. To Install CloudWatch Agent:
  • Run following the command in the shell  sudo yum install amazon-cloudwatch-agent

  • Confirm the installation when prompted:

  • Is this ok [y/n]: y

4. Execute the configuration wizard using the following command:

sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-config-wizard </b> Once the wizard starts, follow the configuration steps provided below.

Configuration Steps

  • OS Selection: Choose “Linux” as the operating system.

  • Environment Type: Select “EC2” for the hosting environment.

  • User Setup: Choose a user with the necessary access to run the agent.

  • StatsD Daemon: Enable StatsD daemon with default configurations.

  • Metrics Collection:

    • CollectD: Choose “No” if not using CollectD.

    • Host Metrics: Yes

    • CPU Metrics: Enable CPU metrics per core.

    • Memory Metrics: Enable monitoring of memory metrics.

    • EC2 Dimensions: Add EC2 dimensions to all metrics if available.

    • Resolution: Collect metrics at high resolution (sub-minute resolution).

    • Default Metrics Configuration: Choose “Basic” for detailed metric configuration.

  • Confirm the configuration settings and proceed with the wizard.

5. Ensure the status is active.

sudo amazon-cloudwatch-agent-ctl -a status </b>

  1. To start CloudWatch Agent

    sudo amazon-cloudwatch-agent-ctl -a start

Note: Following successful configuration, it is important to note that there may be a delay of a few hours before the matrix reflects accurately on CloudWatch. This delay is attributed to various background processes and data synchronization procedures.

7. Viewing memory metrics in the CloudWatch Console:

  • Go to the AWS Management Console

  • Navigate to CloudWatch > Metrics in the left sidebar.

  • Under Browse, select CWAgent or EC2 depending on your setup.

  • Choose the specific instance for which you want to view memory metrics.

Note: Upon the display of the memory matrix on AWS, the enhanced recommendation functionality will undergo automatic synchronization with nOps. This synchronization process will be triggered once a minimum dataset of 360 hours becomes available within a 30-day timeframe, sufficient for rightsizing analysis.


I have already installed the CloudWatch agent on my EC2 instance, but I don’t see memory metrics available. What could be the issue?

If you have already installed the CloudWatch Agent but are not seeing memory metrics, there are several possible causes. Below are steps to troubleshoot and resolve the problem:

  1. Check IAM Role Permissions:

    1. Ensure that the IAM role assigned to the EC2 instance has the necessary permissions.

    2. Verify that the IAM role includes the “CloudWatchAgentServerPolicy” permission to allow the CloudWatch Agent to collect and publish metrics to CloudWatch.

  2. Verify CloudWatch Configuration:

    1. Review the CloudWatch Agent configuration file (/opt/aws/amazon-cloudwatch-agent/bin/config.json) to confirm that metrics such as memory are enabled for collection. Use the following command: 

      nano /opt/aws/amazon-cloudwatch-agent/bin/config.json

  • And verify the below code should be in the config file:

      "mem": {
               "metrics_collection_interval": 60

Back to top       Home
Tags: essentials