How easy is it to monitor your application endpoints for tracing and identifying problems and fix them before they impact your customers?
The canaries make this task easier for you. Canaries.!!?
Yes, Amazon CloudWatch Synthetics is a new feature that enables you to monitor your application endpoints 24*7 more efficiently and clearly. You can create canaries and configure the scripts to monitor your endpoints and APIs in a scheduled manner. Canaries will follow a similar path and acts as same as a customer so that makes it possible to frequently verify the user experience even when there is no traffic on your applications.
Canaries are configurable Node.js scripts. They create Lambda functions for your application monitoring, and they work over HTTP and HTTPS protocols. It checks the availability and latency of your applications and stores the load time data and as well as a screenshot of your UI. And they check the availability of the endpoints from their point of view.
The security concern for Synthetic canaries are as follows:
- Always use encrypted connections that begin with https://
- Choose Canary names that do not reveal proprietary information
- It is recommended to not to use any secrets and credentials in a Canary script
- Restricting access to the resources which are created by Cloudwatch Synthetics
- Stack Traces and Exception messages
- Do not configure your Canary to point untrusted or malicious endpoints
- Header Logging
How to use CloudWatch Synthetics?
- Login into the AWS Console and under the Management and governance select Cloudwatch
- From the CloudWatch dashboard select Synthetics
- Now, click on create Canary
- For creating your first Canary you will have three options
- I’m using API canary in this example. And Name your Canary and enter your API endpoint
- If we want to edit the Canary script, we can do it in Script editor. This script will be configured for your API endpoint mentioned.
- Now, you need to decide how your canaries should run, you have two options
- You can create a retention period to store Failure Canary data and as well as Success Canary data so that we can act on it when necessary
- The artifacts created by each Canary run will be stored in an S3 bucket, you can select the existing bucket or a default bucket will be created.
- An IAM role will be created to execute the Canary.
- You can also Create Alarms for getting notified by your Canary
- Now click Create Canary, it takes up to a minute to get created
- So, you will receive the results of your Canary run, which shows whether the test is Passed or Failed
- You can check the Logs for your Canary run, screenshot shows how your customers see your applications and HAR(HTTP Archive files) gives detailed data about the performance of your web pages
So, the canaries can also be customized as per your requirement to check for broken links, page load errors, latency, transactions in your applications to reduce the meantime for resolving the issues. You will get 100 Canary runs per month with no charge, and after that, you pay per run. The prices start at $0.0012 per run in addition to it the usual charges for S3 storage and Lambda invocations.
Learn more about our AWS CloudWatch with our AWS Solutions Architect Course.
Please comment if you have any questions.