Various parts of the platform utilize the data received from CloudWatch to populate. When an AWS account is configured within the platform, CloudWatch collection is enabled by default -
As long as the AWS IAM Policy is correctly configured to allow CloudWatch access and this option is enabled within the platform, we will by default gather CloudWatch metrics for the following asset types -
- EC2 Instances (Basic Only)
- EBS Volumes
- S3 Buckets
- Elastic Load Balancers (ELB)
- RDS Instances
- DynamoDB
Leaving CloudWatch enabled allows us to populate the following metrics reports -
These metrics are also used in the following areas of the Platform -
- Governance Policies
- Performance reports
- Rightsizing
- Asset Report Metrics
What is the impact of disabling access?
If the CloudWatch Optional collection is disabled under an AWS account within the platform we will no longer collect any associated metrics via the AWS API for assets that belong to this account.
This is the reason Rightsizing reports can contain assets with no score.