Open the nodeserver-cf-template.py script.
After the first IAM policy, add the following MonitoringPolicy IAM policy. Simply add the following action to the statement:
t.add_resource(IAMPolicy(
"MonitoringPolicy",
PolicyName="AllowSendingDataForMonitoring",
PolicyDocument=Policy(
Statement=[
Statement(
Effect=Allow,
Action=[
Action("cloudwatch", "Put*"),
Action("logs", "Create*"),
Action("logs", "Put*"),
Action("logs", "Describe*"),
Action("events", "Put*"),
Action("firehose", "Put*"),
Action("autoscaling", "DescribeAutoScalingInstances"),
],
Resource=["*"])
]
),
Roles=[Ref("Role")]
))
Save the file. It should be similar to http://bit.ly/2v3cdeM.
Then, once again, update the stacks:
$ git add nodeserver-cf-template.py
$ git commit -m "Allowing the instance to describe the ASG instances"
$ git push
$ python nodeserver-cf-template.py > nodeserver-cf.template
$ aws cloudformation update-stack
--capabilities CAPABILITY_IAM
--stack-name helloworld-staging
--template-body file://nodeserver-cf.template
--parameters
ParameterKey=InstanceType,UsePreviousValue=true
ParameterKey=KeyPair,,UsePreviousValue=true
ParameterKey=PublicSubnet,,UsePreviousValue=true
ParameterKey=ScaleCapacity,,UsePreviousValue=true
ParameterKey=VpcId,,UsePreviousValue=true
$ aws cloudformation update-stack
--capabilities CAPABILITY_IAM
--stack-name helloworld-production
--template-body file://nodeserver-cf.template
--parameters
ParameterKey=InstanceType,UsePreviousValue=true
ParameterKey=KeyPair,UsePreviousValue=true
ParameterKey=PublicSubnet,UsePreviousValue=true
ParameterKey=ScaleCapacity,UsePreviousValue=true
ParameterKey=VpcId,UsePreviousValue=true
Next, we are going to create a new role in our Ansible repository to install and configure a tool to emit those metrics.