Amazon Managed Service for Prometheus (AMP) with CloudFormation

Deploying Amazon Managed Service for Prometheus (AMP) with CloudFormation.

Amazon Managed Service for Prometheus (AMP) simplifies Prometheus's deployment, management, and scaling.

Prometheus is an open-source monitoring and alerting toolkit. It has a robust querying language, a powerful data model, and extensive integrations. Prometheus helps engineers gain insights into the health and performance of their applications and systems by offering a thorough solution for monitoring infrastructure, applications, and services. From collecting metrics and generating alerts based on predefined thresholds, to its scalability, reliability, and community support, Prometheus is a significant pillar of observability.

Why Amazon Managed Service for Prometheus (AMP)?

AMP helps reduce the hassle of managing Prometheus infrastructure by handling the heavy lifting. Tasks such as provisioning network, storage, and computing resources for the deployment of Prometheus, scaling, upgrades and patches, high availability, etc., are all managed by AWS.

That means you and your team can use those valuable insights to improve your applications. Plus, AMP plays super nicely with other AWS services and offers a pay-as-you-go setup, making it the go-to for organizations wanting top-notch Prometheus monitoring on AWS.

Deploying Amazon Managed Service for Prometheus (AMP) with CloudFormation

AWS CloudFormation, is a tool that enables developers to define their infrastructure as code (IaC). With CloudFormation, you can describe your AWS resources in a simple, declarative template, specifying everything you need, from EC2 instances to S3 buckets and IAM roles. Once defined, CloudFormation provides and configures the resources, ensuring consistency and repeatability across environments.

A CloudFormation template is a JSON or YAML file that defines the AWS resources and their configurations needed to deploy an application or infrastructure stack.CloudFormation templates are written in a declarative format, specifying the desired state of the infrastructure rather than the steps required to achieve that state.

The following is a CloudFormation Template for deploying AMP

AWSTemplateFormatVersion: "2024-09-09"
Description: "Amazon Managed Service for Prometheus (AMP) Deployment Example"

Parameters:
  WorkspaceName:
    Description: "Name for the Prometheus workspace"
    Type: String
    Default: "MyPrometheusWorkspace"

Resources:
  PrometheusWorkspace:
    Type: AWS::Prometheus::Workspace
    Properties:
      WorkspaceName: !Ref WorkspaceName
      Retention: 30 # Retention period for metrics (in days)
      DataSources:
        - Type: "CloudWatch"
          Region: !Ref AWS::Region
          AssumeRoleArn: !GetAtt IAMRole.Arn
      WorkspaceDescription: "Managed Prometheus workspace for monitoring applications"

  IAMRole:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Version: "2024-10-17"
        Statement:
          - Effect: Allow
            Principal:
              Service: [prometheus.amazonaws.com]
            Action: ["sts:AssumeRole"]
      Policies:
        - PolicyName: "PrometheusDataAccessPolicy"
          PolicyDocument:
            Version: "2024-10-17"
            Statement:
              - Effect: Allow
                Action:
                  - "cloudwatch:GetMetricData"
                  - "cloudwatch:GetMetricStatistics"
                  - "cloudwatch:ListMetrics"
                Resource: "*"

Outputs:
  PrometheusWorkspaceName:
    Description: "Name of the created Prometheus workspace"
    Value: !Ref PrometheusWorkspace
  IAMRoleArn:
    Description: "ARN of the IAM role used by Prometheus workspace"
    Value: !GetAtt IAMRole.Arn

After creating the template, you can deploy the AMP stack with aws cli by using the following command;

aws cloudformation create-stack --stack-name MyAMPStack --template-body file://amp-deployment.yaml --parameters ParameterKey=WorkspaceName,ParameterValue=MyPrometheusWorkspace

Benefits of Deploying AMP with CloudFormation

Deploying AMP with CloudFormation helps simplify the process and reduces the manual labour required. Other benefits includes

1. Infrastructure as Code (IaC): CloudFormation allows you to define your infrastructure in a declarative template, enabling you to treat infrastructure as code. This approach enhances consistency, repeatability, and version control, as infrastructure changes can be tracked along with application code.
2. Automated Provisioning: With CloudFormation, you can automate the provisioning of AMP resources, including Prometheus workspaces and IAM roles. This eliminates manual intervention and reduces the risk of errors during deployment.
3. Simplified Deployment: CloudFormation abstracts the complexity of infrastructure management, providing a simple and standardized way to deploy AMP. You can define all the necessary resources and configurations in a single template, making deployment straightforward and repeatable.
4. Integration with AWS Ecosystem: CloudFormation seamlessly integrates with other AWS services, allowing you to incorporate AMP into your existing AWS environment effortlessly. You can leverage CloudFormation features like parameterization and resource dependencies to create highly customizable and scalable deployments
5. Resource Management: CloudFormation provides centralized management and tracking of AMP resources, making it easy to monitor, update, and delete resources as needed. You can track changes, view stack history, and roll back to previous configurations if necessary, providing greater control and visibility over your infrastructure.

Conclusion

Deploying Amazon Managed Service for Prometheus (AMP) with AWS CloudFormation streamlines the process of setting up Prometheus monitoring on AWS. By abstracting the complexities of infrastructure management, AMP enables teams to leverage monitoring insights to optimize application performance and reliability while reducing the manual labour and time.