- Newest
- Most votes
- Most comments
Hello there,
Thanks for your question.
I do not see any error on the documentation for the AnomalyDetector resource for CloudWatch service on CloudFormation documents. So what happens is that when we want to use Anomaly Detector on CloudWatch Alarm firstly we need define the Anomaly Detector model to be created(whether it is for single Metric or a MetricMath) which is what we are doing with the section of "Type": "AWS::CloudWatch::AnomalyDetector", and then we are referencing the Anomaly detection to be used for the metrics/MetricMath function on the Alarm configuration.
With the information you have provided, I have come up with below example CloudFormation Template and tested to create CW Alarm that is using MetricMathAnomalyDetector.
{
"AWSTemplateFormatVersion": "2010-09-09",
"Parameters": {
"Instance1": {
"Description": "The EC2 instance ID to associate this alarm with.",
"Type": "AWS::EC2::Instance::Id"
},
"Instance2": {
"Description": "The EC2 instance ID to associate this alarm with.",
"Type": "AWS::EC2::Instance::Id"
}
},
"Resources": {
"ConfigFetchAnomalyDetector": {
"Type": "AWS::CloudWatch::AnomalyDetector",
"Properties": {
"MetricMathAnomalyDetector": {
"MetricDataQueries": [{
"Id": "m1",
"Label": "m1",
"MetricStat": {
"Metric": {
"MetricName": "CPUUtilization",
"Dimensions": [{
"Name": "InstanceId",
"Value": {
"Ref": "Instance1"
}
}],
"Namespace": "AWS/EC2"
},
"Period": 60,
"Stat": "Average"
},
"ReturnData": false
}, {
"Id": "m2",
"Label": "m2",
"MetricStat": {
"Metric": {
"MetricName": "CPUUtilization",
"Dimensions": [{
"Name": "InstanceId",
"Value": {
"Ref": "Instance2"
}
}],
"Namespace": "AWS/EC2"
},
"Period": 60,
"Stat": "Average"
},
"ReturnData": false
}, {
"Id": "e1",
"Label": "Total of Values",
"Expression": "m1 + m2",
"ReturnData": true
}]
},
"Configuration": {
"MetricTimeZone": "Europe/London",
"ExcludedTimeRanges": [{
"StartTime": "2022-08-11T00:00:00",
"EndTime": "2022-08-11T23:59:59"
}]
}
}
},
"EC2AnomalyDetectionAlarm": {
"Type": "AWS::CloudWatch::Alarm",
"Properties": {
"AlarmDescription": "EC2AnomalyDetectionAlarm",
"AlarmName": "EC2AnomalyDetectionAlarm",
"ComparisonOperator": "LessThanLowerOrGreaterThanUpperThreshold",
"EvaluationPeriods": 1,
"Metrics": [{
"Expression": "ANOMALY_DETECTION_BAND(e1, 2)",
"Id": "ad1"
}, {
"Id": "e1",
"Label": "Total of Values",
"Expression": "m1 + m2",
"ReturnData": true
}, {
"Id": "m1",
"Label": "m1",
"MetricStat": {
"Metric": {
"MetricName": "CPUUtilization",
"Dimensions": [{
"Name": "InstanceId",
"Value": {
"Ref": "Instance1"
}
}],
"Namespace": "AWS/EC2"
},
"Period": 60,
"Stat": "Average"
},
"ReturnData": false
}, {
"Id": "m2",
"Label": "m2",
"MetricStat": {
"Metric": {
"MetricName": "CPUUtilization",
"Dimensions": [{
"Name": "InstanceId",
"Value": {
"Ref": "Instance2"
}
}],
"Namespace": "AWS/EC2"
},
"Period": 60,
"Stat": "Average"
},
"ReturnData": false
}],
"ThresholdMetricId": "ad1",
"TreatMissingData": "breaching"
}
}
}
}
Once you create the Alarm you can see the Anomaly Detection model with below AWS CLI command and see how the model is configured:
# aws cloudwatch describe-anomaly-detectors --anomaly-detector-types METRIC_MATH
If you have any further questions, please post it as a comment and I am happy to help you further.
I trust that you find above information helpful. Have an AWSome day ahead!
Thanks
Relevant content
AWS OFFICIALUpdated 2 months ago- AWS OFFICIALUpdated 3 months ago
- AWS OFFICIALUpdated 8 months ago
- AWS OFFICIALUpdated 7 months ago
I have the same question as OP and I could use some clarification. The link between the "AnomalyDetector" and the "Alarm" is unclear to the point of seeming non-existent.
I took the example from the documentation, completely removed the AnomalyDetector, and it appears to have created exactly what I wanted. If I can get what I want without creating the AnomalyDetector, what's the point of the AnomalyDetector? Surely I'm missing some important nuance, but I can't see what it is. Any help would be greatly appreciated.
See below for the code that appears to build everything I need.