Skip to main content
Amazon CloudWatch is AWS’s monitoring and observability service that helps you observe your applications and infrastructure resources. Aiven provides integrations that enable you to include Aiven service data into Amazon CloudWatch metrics and logs.

Integration types

Aiven supports two types of CloudWatch integrations:
  • CloudWatch Metrics - Send service performance metrics to CloudWatch
  • CloudWatch Logs - Stream service logs to CloudWatch log groups

CloudWatch metrics integration

Prerequisites

  • An AWS account and the region it is in
  • An Aiven account with a service running
  • AWS Access Key and Secret Key
To generate your AWS credentials:
  1. Open your AWS console under the IAM dashboard
  2. Click Users and open the Security credentials tab
  3. Choose Create access key
  4. Click Download and keep the file secure

Configure the metrics endpoint

1

Access integration endpoints

In your Aiven project, click Integration endpoints.
2

Create CloudWatch endpoint

Click AWS CloudWatch Metrics and select Add a new endpoint or Create new.
3

Configure endpoint settings

Enter the following details:
  • Endpoint name - Reference name for this integration
  • CloudWatch Namespace - Organize your metrics in different spaces
  • Access Key - Your AWS access key
  • Secret Key - Your AWS secret key
  • Region - Your AWS account region
4

Save endpoint

Click Create to save the endpoint configuration.

Enable metrics on a service

1

Open service integrations

From your service page, click Integrations.
2

Select CloudWatch Metrics

Choose the Amazon CloudWatch Metrics option.
3

Choose endpoint

Select the endpoint you created by its Endpoint name and click Continue.
4

Customize metrics

Select which metric groups or individual metric fields to send to CloudWatch.
5

Verify in AWS

Go to your AWS CloudWatch console and check the Metrics section. Data may take a few minutes to arrive.

CloudWatch logs integration

Prerequisites

  • An AWS account with the region configured
  • An Aiven account with a running service
  • AWS Access Key and Secret Key with appropriate permissions
Your AWS credentials must have the following permissions:
  • logs:DescribeLogStreams - List log streams for the log group
  • logs:CreateLogGroup - Create log groups
  • logs:CreateLogStream - Create log streams
  • logs:PutLogEvents - Upload log events to streams
See the CloudWatch API documentation for more information.

Configure using Aiven Console

1

Create logs endpoint

In the Aiven Console, select Integration endpoints and choose AWS CloudWatch Logs.
2

Add new endpoint

Select Add new endpoint or Create new and configure:
  • Endpoint name - Reference name for this integration
  • Access Key - Your AWS access key
  • Secret Key - Your AWS secret key
  • Region - Your AWS account region
  • Log Group Name - (Optional) Where log streams are grouped. If not provided, it will be generated.
3

Save endpoint

Select Create to save the endpoint.
4

Enable on service

In your service, select Integrations and choose Amazon CloudWatch Logs.
5

Select endpoint

Pick the endpoint by its Endpoint name and choose Enable.
6

Verify logs

Visit your AWS CloudWatch console and check the Logs section. Data should appear within a few minutes.

Configure using Aiven CLI

avn service integration-endpoint-create --project PROJECT \
   -d ENDPOINT_NAME -t external_aws_cloudwatch_logs \
   -c log_group_name=LOG_GROUP_NAME \
   -c access_key=AWS_ACCESS_KEY \
   -c secret_key=AWS_SECRET_ACCESS_KEY \
   -c region=AWS_REGION

Parameters

VariableDescription
PROJECTAiven project where your endpoint is saved
ENDPOINT_NAMEReference name for this log integration
LOG_GROUP_NAME(Optional) Group for log streams on CloudWatch
AWS_REGIONAWS region of your account
AWS_ACCESS_KEYYour AWS access key ID
AWS_SECRET_ACCESS_KEYYour AWS secret access key
AIVEN_SERVICE_NAMEAiven service name to send logs from
ENDPOINT_IDID of the integration endpoint

Troubleshooting

Metrics not appearing

  • Verify your AWS credentials have the correct permissions
  • Check that the CloudWatch namespace is correctly configured
  • Allow a few minutes for initial data to appear
  • Ensure the service integration is enabled

Logs not streaming

  • Confirm AWS credentials have all required CloudWatch Logs permissions
  • Verify the AWS region matches your CloudWatch configuration
  • Check log group name doesn’t conflict with existing groups
  • Review AWS CloudWatch Logs service limits

Build docs developers (and LLMs) love

Get started for freeTalk to us