# Monitoring deployments with Amazon CloudWatch tools
<a name="monitoring-cloudwatch"></a>

You can monitor CodeDeploy deployments using the following CloudWatch tools: Amazon CloudWatch Events, CloudWatch alarms, and Amazon CloudWatch Logs. 

Reviewing the logs created by the CodeDeploy agent and deployments can help you troubleshoot the causes of deployment failures. As an alternative to reviewing CodeDeploy logs on one instance at a time, you can use CloudWatch Logs to monitor all logs in a central location.

For information about using CloudWatch alarms and CloudWatch Events to monitor your CodeDeploy deployments, see the following topics. 

**Topics**
+ [Monitoring deployments with CloudWatch alarms in CodeDeploy](monitoring-create-alarms.md)
+ [Monitoring deployments with Amazon CloudWatch Events](monitoring-cloudwatch-events.md)

# Monitoring deployments with CloudWatch alarms in CodeDeploy
<a name="monitoring-create-alarms"></a>

You can create a CloudWatch alarm for an instance or Amazon EC2 Auto Scaling group you are using in your CodeDeploy operations. An alarm watches a single metric over a time period you specify and performs one or more actions based on the value of the metric relative to a given threshold over a number of time periods. CloudWatch alarms invoke actions when their state changes (for example, from `OK` to `ALARM`).

Using native CloudWatch alarm functionality, you can specify any of the actions supported by CloudWatch when an instance you are using in a deployment fails, such as sending an Amazon SNS notification or stopping, terminating, rebooting, or recovering an instance. For your CodeDeploy operations, you can configure a deployment group to stop a deployment whenever any CloudWatch alarm you associate with the deployment group is activated. 

You can associate up to ten CloudWatch alarms with a CodeDeploy deployment group. If any of the specified alarms are activated, the deployment stops, and the status is updated to Stopped. To use this option, you must grant CloudWatch permissions to your CodeDeploy service role.

For information about setting up CloudWatch alarms in the CloudWatch console, see [Creating Amazon CloudWatch alarms](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/AlarmThatSendsEmail.html) in the *Amazon CloudWatch User Guide*.

For information about associating a CloudWatch alarm with a deployment group in CodeDeploy, see [Create a deployment group with CodeDeploy](deployment-groups-create.md) and [Change deployment group settings with CodeDeploy](deployment-groups-edit.md).

**Topics**
+ [Grant CloudWatch permissions to a CodeDeploy service role](monitoring-create-alarms-grant-permissions.md)

# Grant CloudWatch permissions to a CodeDeploy service role
<a name="monitoring-create-alarms-grant-permissions"></a>

Before you can use CloudWatch alarm monitoring with your deployments, the service role you use in your CodeDeploy operations must be granted permission to access the CloudWatch resources. 

**To grant CloudWatch permissions to a service role**

1. Sign in to the AWS Management Console and open the IAM console at [https://console.aws.amazon.com/iam/](https://console.aws.amazon.com/iam/).

1. In the IAM console, in the navigation pane, choose **Roles**.

1. Choose the name of the service role you use in your AWS CodeDeploy operations.

1. On the **Permissions** tab, in the **Inline Policies** area, choose **Create Role Policy**.

   –or–

   If the **Create Role Policy** button is not available, expand the **Inline Policies** area, and then choose **click here**.

1. On the **Set Permissions** page, choose **Custom Policy**, and then choose **Select**.

1. On the **Review Policy** page, in the **Policy Name** field, type a name to identify this policy, such as `CWAlarms`.

1. Paste the following into the **Policy Document** field: 

------
#### [ JSON ]

****  

   ```
   {
       "Version":"2012-10-17",		 	 	 
       "Statement": [
           {
               "Effect": "Allow",
               "Action": "cloudwatch:DescribeAlarms",
               "Resource": "*"
           }
       ]
   }
   ```

------

1. Choose **Apply Policy**.

# Monitoring deployments with Amazon CloudWatch Events
<a name="monitoring-cloudwatch-events"></a>

You can use Amazon CloudWatch Events to detect and react to changes in the state of an instance or a deployment (an "event") in your CodeDeploy operations. Then, based on rules you create, CloudWatch Events will invoke one or more target actions when a deployment or instance enters the state you specify in a rule. Depending on the type of state change, you might want to send notifications, capture state information, take corrective action, initiate events, or take other actions. You can select the following types of targets when using CloudWatch Events as part of your CodeDeploy operations:
+ AWS Lambda functions
+  Kinesis streams
+ Amazon SQS queues
+ Built-in targets (`EC2 CreateSnapshot API call`, `EC2 RebootInstances API call`, `EC2 StopInstances API call` , and `EC2 TerminateInstances API call`)
+ Amazon SNS topics

The following are some use cases:
+ Use a Lambda function to pass a notification to a Slack channel whenever deployments fail.
+ Push data about deployments or instances to a Kinesis stream to support comprehensive, real-time status monitoring.
+ Use CloudWatch alarm actions to automatically stop, terminate, reboot, or recover Amazon EC2 instances when a deployment or instance event you specify occurs.

The remainder of this topic describes the basic procedure for creating a CloudWatch Events rule for CodeDeploy. Before you create event rules for use in your CodeDeploy operations, however, you should do the following:
+ Complete the CloudWatch Events prerequisites. For information, see [Amazon CloudWatch Events Prerequisites](https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/CWE_Prerequisites.html).
+ Familiarize yourself with events, rules, and targets in CloudWatch Events. For more information, see [What is Amazon CloudWatch Events?](https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/WhatIsCloudWatchEvents.html) and [New CloudWatch Events – Track and respond to changes to your AWS resources](https://aws.amazon.com/blogs/aws/new-cloudwatch-events-track-and-respond-to-changes-to-your-aws-resources/).
+ Create the target or targets you will use in your event rules. 

**To create a CloudWatch Events rule for CodeDeploy:**

1. Open the CloudWatch console at [https://console.aws.amazon.com/cloudwatch/](https://console.aws.amazon.com/cloudwatch/).

1. In the navigation pane, choose **Events**.

1. Choose **Create rule**, and then under **Event selector**, choose **AWS CodeDeploy**.

1. Specify a detail type:
   + To make a rule that applies to all state changes of both instances and deployments, choose **Any detail type**, and then skip to step 6.
   + To make a rule that applies to instances only, choose **Specific detail type**, and then choose **CodeDeploy Instance State-change Notification**.
   + To make a rule that applies to deployments only, choose **Specific detail type**, and then choose **CodeDeploy Deployment State-change Notification**.

1. Specify the state changes the rule applies to:
   + To make a rule that applies to all state changes, choose **Any state**.
   + To make a rule that applies to some state changes only, choose **Specific state(s)**, and then choose one or more status values from the list. The following table lists the status values you can choose:  
****    
[\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/codedeploy/latest/userguide/monitoring-cloudwatch-events.html)

1. Specify which CodeDeploy applications the rule applies to:
   + To make a rule that applies to all applications, choose **Any application**, and then skip to step 8.
   + To make a rule that applies to one application only, choose **Specific application**, and then choose the name of the application from the list.

1. Specify which deployment groups the rule applies to:
   + To make a rule that applies to all deployment groups associated with the selected application, choose **Any deployment group**.
   + To make a rule that applies to only one of the deployment groups associated with the selected application, choose **Specific deployment group(s)**, and then choose the name of the deployment group from the list.

1. Review your rule setup to make sure it meets your event-monitoring requirements.

1. In the **Targets** area, choose **Add target\$1**.

1. In the **Select target type** list, choose the type of target you have prepared to use with this rule, and then configure any additional options required by that type. 

1. Choose **Configure details**.

1. On the **Configure rule details** page, type a name and description for the rule, and then choose the **State** box to enable to rule now.

1. If you're satisfied with the rule, choose **Create rule**.