Testing Amazon CloudWatch Alarms for Effective SysOps Administration

Performing Effective Testing of Amazon CloudWatch Alarms

Prev Question Next Question

Question

A critical financial application is deployed on Amazon EC2 instances.

Amazon CloudWatch Alarms are created to notify Amazon SNS topics when Amazon EC2 instance CPU utilization exceeds 70%

The team lead is looking to test these alarms before deploying EC2 instances to production. How should a Sysops administrator perform testing of the Amazon CloudWatch Alarms in the most effective way?

Answers

A. Use third-party tools on Amazon EC2 instances to elevate CPU load which in turn will trigger an alarm sending notification to Amazon SNS topic.

B. Use cloudwatch-alarm-action-check rule from AWS Config to trigger an alarm sending notification to Amazon SNS topic.

C. Use SetAlarmState API call to trigger an alarm sending notification to Amazon SNS topic.

D. Use cloudwatch-alarm-settings-check rule from AWS Config to trigger an alarm sending notification to Amazon SNS topic.

Show Answer

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

Correct Answer: C.

For testing of alarms created using Amazon CloudWatch Alarms, SetAlarmState API action or the set-alarm-state command in the AWS CLI can be used.

This will temporarily change the alarm state to ALARM, which will initiate a notification to the Amazon SNS topic.

Option A is incorrect as using third-party tools on Amazon EC2 instances to elevate CPU is not a suggested option to test CloudWatch alarms.

Option B is incorrect as this rule will check if CloudWatch alarms have at least one alarm action & will not perform alarm testing.

Option D is incorrect as this rule will check if CloudWatch alarms have specific settings & will not perform alarm testing.

For more information on testing Amazon CloudWatch Alarms, refer to the following URL,

https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html

The most effective way to test the Amazon CloudWatch Alarms in this scenario is by using the SetAlarmState API call to trigger an alarm and send a notification to an Amazon SNS topic.

Option A suggests using third-party tools to elevate CPU load, but this approach may not accurately simulate real-world scenarios, and it may not be necessary to introduce additional dependencies into the testing process.

Option B suggests using the cloudwatch-alarm-action-check rule from AWS Config to trigger an alarm, but this rule only verifies if the actions specified in the alarm are working correctly. It does not actually trigger the alarm to test the notification system.

Option D suggests using the cloudwatch-alarm-settings-check rule from AWS Config to trigger an alarm, but this rule only verifies if the settings in the alarm are correct, such as the threshold and period. It does not actually trigger the alarm to test the notification system.

Therefore, the best option is C, which involves using the SetAlarmState API call to trigger an alarm and send a notification to an Amazon SNS topic. This API call allows you to simulate different alarm states, such as OK, ALARM, and INSUFFICIENT_DATA, which can help you test the notification system under various scenarios. You can also verify that the SNS topic is correctly configured to receive notifications.

In summary, the most effective way to test the Amazon CloudWatch Alarms in this scenario is to use the SetAlarmState API call to trigger an alarm and send a notification to an Amazon SNS topic.

Prev Question Next Question