AWS S3¶

Use the "Cloud Sync" series of script packages in the script market to synchronize cloud monitoring and cloud asset data to TrueWatch.

Configuration¶

Install Func¶

It is recommended to enable TrueWatch Integration - Extensions - DataFlux Func (Automata): all preconditions are automatically installed, please proceed with the script installation.

If you deploy Func yourself, refer to Self-deploy Func

Install Script¶

Note: Please prepare the Amazon AK with the required permissions in advance (for simplicity, you can directly grant the global read-only permission ReadOnlyAccess)

Enable Script for Automata¶

Log in to the TrueWatch console
Click the 【Integration】 menu, select 【Cloud Account Management】
Click 【Add Cloud Account】, select 【AWS】, and fill in the required information on the interface. If you have already configured the cloud account information before, ignore this step
Click 【Test】, and click 【Save】 after the test is successful. If the test fails, please check whether the relevant configuration information is correct and test again
Click 【Cloud Account Management】, you can see the added cloud account in the list, click the corresponding cloud account to enter the details page
Click the 【Integration】 button on the cloud account details page, find AWS S3 under the Not Installed list, and click the 【Install】 button to pop up the installation interface for installation.

Manually Enable Script¶

Log in to the Func console, click 【Script Market】, enter the TrueWatch script market, search for: integration_aws_s3
Click 【Install】, and enter the corresponding parameters: AWS AK ID, AK Secret, and account name.
Click 【Deploy Startup Script】, the system will automatically create the Startup script set and automatically configure the corresponding startup script.
After enabling, you can see the corresponding automatic trigger configuration in 「Management / Automatic Trigger Configuration」. Click 【Execute】 to execute it immediately without waiting for the scheduled time. Wait a moment, you can view the execution task records and corresponding logs.

Verification¶

In 「Management / Automatic Trigger Configuration」, confirm whether the corresponding task has the corresponding automatic trigger configuration, and you can also check the corresponding task records and logs to check for any abnormalities
In TrueWatch, check whether the asset information exists in 「Infrastructure / Custom」
In TrueWatch, check whether there is corresponding monitoring data in 「Metrics」

Metrics¶

After configuring Amazon CloudWatch, the default measurement sets are as follows. You can collect more metrics by configuration Amazon CloudWatch Metrics Details

Amazon S3 Daily Storage Metrics for Buckets in CloudWatch¶

The AWS/S3 namespace includes the following daily storage metrics for buckets.

Metric Description

BucketSizeBytes The amount of data in bytes stored in the bucket for the following storage classes: S3 Standard (STANDARD)S3 Intelligent-Tiering (INTELLIGENT_TIERING)S3 Standard-Infrequent Access (STANDARD_IA)S3 OneZone-Infrequent Access (ONEZONE_IA)Reduced Redundancy Storage (RRS) (REDUCED_REDUNDANCY)S3 Glacier Instant Retrieval (GLACIER_IR)S3 Glacier Deep Archive (DEEP_ARCHIVE)S3 Glacier Flexible Retrieval (GLACIER)This value is calculated by summing the size of all objects and metadata (current and non-current objects) in the bucket, including the size of all parts of multipart uploads to the bucket that have not been completed. Valid storage type filters: StandardStorage, IntelligentTieringFAStorage, IntelligentTieringIAStorage, IntelligentTieringAAStorage, IntelligentTieringAIAStorage, IntelligentTieringDAAStorage, StandardIAStorage, StandardIASizeOverhead, StandardIAObjectOverhead, OneZoneIAStorage, OneZoneIASizeOverhead, ReducedRedundancyStorage, GlacierInstantRetrievalSizeOverhead, GlacierInstantRetrievalStorage, GlacierStorage, GlacierStagingStorage, GlacierObjectOverhead, GlacierS3ObjectOverhead, DeepArchiveStorage, DeepArchiveObjectOverhead, DeepArchiveS3ObjectOverhead, and DeepArchiveStagingStorage (see StorageType dimension) Unit: Bytes Valid statistics: Average

NumberOfObjects The total number of objects stored in the bucket for all storage classes. This value is calculated by counting all objects (including current and non-current objects), delete markers, and all parts of multipart uploads to the bucket that have not been completed. Valid storage type filters: AllStorageTypes (see StorageType dimension) Unit: Count Valid statistics: Average

Amazon S3 CloudWatch Request Metrics in CloudWatch¶

The AWS/S3 namespace includes the following request metrics. These metrics include non-billable requests (if they are GET requests from COPY and Replication).

Metric	Description
`AllRequests`	The total number of HTTP requests made to an Amazon S3 bucket (regardless of type). If you configure a metric for a filter, the metric will only return HTTP requests that meet the filter requirements. Unit: Count Valid statistics: Sum
`GetRequests`	The number of HTTP GET requests made for an object in an Amazon S3 bucket. This does not include list operations. This metric increments for each source of a COPY object request. Unit: Count Valid statistics: SumNote that paginated list requests (e.g., List Multipart Uploads, List Parts, Get Bucket Object Versions, and other requests) are not included in this metric.
`PutRequests`	The number of HTTP PUT requests made for an object in an Amazon S3 bucket. This metric increments for each target of a COPY object request. Unit: Count Valid statistics: Sum
`DeleteRequests`	The number of HTTP `DELETE` requests made for an object in an Amazon S3 bucket. This metric also includes Delete Multiple Objects requests. This metric shows the number of requests made, not the number of objects deleted. Unit: Count Valid statistics: Sum
`HeadRequests`	The number of HTTP `HEAD` requests made to an Amazon S3 bucket. Unit: Count Valid statistics: Sum
`PostRequests`	The number of HTTP `POST` requests made to an Amazon S3 bucket. Unit: Count Valid statistics: SumNote that Delete Multiple Objects and SELECT Object Content requests are not included in this metric.
`SelectRequests`	The number of Amazon S3 SELECT Object Content requests made for an object in an Amazon S3 bucket. Unit: Count Valid statistics: Sum
`SelectBytesScanned`	The number of bytes of data scanned using Amazon S3 SELECT Object Content requests in an Amazon S3 bucket. Unit: Bytes Valid statistics: Average (bytes per request), Sum (bytes per period), Sample Count, Min, Max (same as p100), any percentile between p0.0 and p99.9
`SelectBytesReturned`	The number of bytes of data returned using Amazon S3 SELECT Object Content requests in an Amazon S3 bucket. Unit: Bytes Valid statistics: Average (bytes per request), Sum (bytes per period), Sample Count, Min, Max (same as p100), any percentile between p0.0 and p99.9
`ListRequests`	The number of HTTP requests to list the contents of a bucket. Unit: Count Valid statistics: Sum
`BytesDownloaded`	The number of bytes downloaded for requests made to an Amazon S3 bucket (the response to the request contains a body). Unit: Bytes Valid statistics: Average (bytes per request), Sum (bytes per period), Sample Count, Min, Max (same as p100), any percentile between p0.0 and p99.9
`BytesUploaded`	The number of bytes uploaded for requests made to an Amazon S3 bucket (the request contains a body). Unit: Bytes Valid statistics: Average (bytes per request), Sum (bytes per period), Sample Count, Min, Max (same as p100), any percentile between p0.0 and p99.9
`4xxErrors`	The number of HTTP 4xx client error status code requests made to an Amazon S3 bucket with a value of 0 or 1. The Average statistic shows the error rate, and the Sum statistic shows the count of this type of error per period. Unit: Count Valid statistics: Average (reports per request), Sum (reports per period), Min, Max, Sample Count
`5xxErrors`	The number of HTTP 5xx server error status code requests made to an Amazon S3 bucket with a value of 0 or 1. The Average statistic shows the error rate, and the Sum statistic shows the count of this type of error per period. Unit: Count Valid statistics: Average (reports per request), Sum (reports per period), Min, Max, Sample Count
`FirstByteLatency`	The per-request time from when a complete request is received by an Amazon S3 bucket to when the response begins to be returned. Unit: Milliseconds Valid statistics: Average, Sum, Min, Max (same as p100), Sample Count, any percentile between p0.0 and p100
`TotalRequestLatency`	The elapsed per-request time from when the first byte is received to when the last byte is sent to an Amazon S3 bucket. This metric includes the time spent receiving the request body and sending the response body (not included in `FirstByteLatency`). Unit: Milliseconds Valid statistics: Average, Sum, Min, Max (same as p100), Sample Count, any percentile between p0.0 and p100

S3 Replication Metrics in CloudWatch¶

You can use S3 Replication Metrics to monitor the progress of replication by tracking pending bytes, pending operations, and replication latency. For more information, see Monitoring Progress Using Replication Metrics.

Note:

You can enable alerts for replication metrics in Amazon CloudWatch. When setting an alert for replication metrics, set the Missing data treatment field to Treat missing data as ignore (maintain the alarm state).

Metric	Description
`ReplicationLatency`	The maximum number of seconds that the destination AWS region is behind the source AWS region for a given replication rule. Unit: Seconds Valid statistics: Max
`BytesPendingReplication`	The total number of bytes of objects pending replication for a given replication rule. Unit: Bytes Valid statistics: Max
`OperationsPendingReplication`	The number of operations pending replication for a given replication rule. Unit: Count Valid statistics: Max
`OperationsFailedReplication`	The number of operations that failed replication for a given replication rule. Unit: Count Valid statistics: Sum (total number of failed operations), Average (failure rate), Sample Count (total number of replication operations)

S3 Storage Lens Storage Statistics Management Tool Metrics in CloudWatch¶

You can publish S3 Storage Lens Storage Statistics Management Tool usage and activity metrics to Amazon CloudWatch to create a unified view of operational health in CloudWatch dashboards. S3 Storage Lens Storage Statistics Management Tool metrics are published to the AWS/S3/Storage-Lens namespace in CloudWatch. The CloudWatch publishing option is available for S3 Storage Lens Storage Statistics Management Tool dashboards that have been upgraded to advanced metrics and recommendations.

For a list of S3 Storage Lens Storage Statistics Management Tool metrics published to CloudWatch, see Amazon S3 Storage Lens Storage Statistics Management Tool Metrics Glossary. For a complete list of dimensions, see Dimensions.

S3 Object Lambda Request Metrics in CloudWatch¶

S3 Object Lambda includes the following request metrics.

Metric	Description
`AllRequests`	The total number of HTTP requests made to an Amazon S3 bucket using an Object Lambda access point. Unit: Count Valid statistics: Sum
`GetRequests`	The number of HTTP `GET` requests made for an object using an Object Lambda access point. This metric does not include list operations. Unit: Count Valid statistics: Sum
`BytesUploaded`	The number of bytes uploaded to an Amazon S3 bucket using an Object Lambda access point (the request contains a body). Unit: Bytes Valid statistics: Average (bytes per request), Sum (bytes per period), Sample Count, Min, Max (same as p100), any percentile between p0.0 and p99.9
`PostRequests`	The number of HTTP `POST` requests made to an Amazon S3 bucket using an Object Lambda access point. Unit: Count Valid statistics: Sum
`PutRequests`	The number of HTTP `PUT` requests made for an object in an Amazon S3 bucket using an Object Lambda access point. Unit: Count Valid statistics: Sum
`DeleteRequests`	The number of HTTP `DELETE` requests made for an object in an Amazon S3 bucket using an Object Lambda access point. This metric includes Delete Multiple Objects requests. This metric shows the number of requests made, not the number of objects deleted. Unit: Count Valid statistics: Sum
`BytesDownloaded`	The number of bytes downloaded for requests made to an Amazon S3 bucket using an Object Lambda access point (the response includes a body). Unit: Bytes Valid statistics: Average (bytes per request), Sum (bytes per period), Sample Count, Min, Max (same as p100), any percentile between p0.0 and p99.9
`FirstByteLatency`	The per-request time from when a complete request is received by an Amazon S3 bucket through an Object Lambda access point to when the response begins to be returned. This metric depends on the runtime of the AWS Lambda function transforming the object before the function returns bytes to the Object Lambda access point. Unit: Milliseconds Valid statistics: Average, Sum, Min, Max (same as p100), Sample Count, any percentile between p0.0 and p100
`TotalRequestLatency`	The elapsed per-request time from when the first byte is received to when the last byte is sent to an Object Lambda access point. This metric includes the time spent receiving the request body and sending the response body (not included in `FirstByteLatency`). Unit: Milliseconds Valid statistics: Average, Sum, Min, Max (same as p100), Sample Count, any percentile between p0.0 and p100
`HeadRequests`	The number of HTTP `HEAD` requests made to an Amazon S3 bucket using an Object Lambda access point. Unit: Count Valid statistics: Sum
`ListRequests`	The number of HTTP `GET` requests to list the contents of an Amazon S3 bucket. This metric includes both `List` and `ListV2` operations. Unit: Count Valid statistics: Sum
`4xxErrors`	The number of HTTP 4xx server error status code requests made to an Amazon S3 bucket using an Object Lambda access point with a value of 0 or 1. The Average statistic shows the error rate, and the Sum statistic shows the count of this type of error per period. Unit: Count Valid statistics: Average (reports per request), Sum (reports per period), Min, Max, Sample Count
`5xxErrors`	The number of HTTP 5xx server error status code requests made to an Amazon S3 bucket using an Object Lambda access point with a value of 0 or 1. The Average statistic shows the error rate, and the Sum statistic shows the count of this type of error per period. Unit: Count Valid statistics: Average (reports per request), Sum (reports per period), Min, Max, Sample Count
`ProxiedRequests`	The number of HTTP requests made to an Object Lambda access point that return standard Amazon S3 API responses. (No Lambda function is configured for such requests.) Unit: Count Valid statistics: Sum
`InvokedLambda`	The number of HTTP requests for S3 objects in which a Lambda function is invoked. Unit: Count Valid statistics: Sum
`LambdaResponseRequests`	The number of `WriteGetObjectResponse` requests made by a Lambda function. This metric only applies to `GetObject` requests.
`LambdaResponse4xx`	The number of HTTP 4xx client errors that occur when a Lambda function calls `WriteGetObjectResponse`. This metric provides the same information as `4xxErrors`, but only applies to `WriteGetObjectResponse` calls.
`LambdaResponse5xx`	The number of HTTP 5xx server errors that occur when a Lambda function calls `WriteGetObjectResponse`. This metric provides the same information as `5xxErrors`, but only applies to `WriteGetObjectResponse` calls.

Metrics for Amazon S3 on Outposts in CloudWatch¶

For a list of metrics used for S3 on Outposts in CloudWatch, see CloudWatch metrics.

Dimensions for Amazon S3 in CloudWatch¶

The following dimensions are used to filter Amazon S3 metrics.

Dimension	Description
`BucketName`	This dimension filters the data you request for only the identified bucket.
`StorageType`	This dimension filters the data you store in the bucket by the following storage types: `StandardStorage` – The number of bytes for objects in the `STANDARD` storage class. `IntelligentTieringAAStorage` – The number of bytes for objects in the Archive Access tier of the `INTELLIGENT_TIERING` storage class. `IntelligentTieringAIAStorage` – The number of bytes for objects in the Archive Instant Access tier of the `INTELLIGENT_TIERING` storage class. `IntelligentTieringDAAStorage` – The number of bytes for objects in the Deep Archive Access tier of the `INTELLIGENT_TIERING` storage class. `IntelligentTieringFAStorage` – The number of bytes for objects in the Frequent Access tier of the `INTELLIGENT_TIERING` storage class. `IntelligentTieringIAStorage` – The number of bytes for objects in the Infrequent Access tier of the `INTELLIGENT_TIERING` storage class. `StandardIAStorage` – The number of bytes for objects in the "Standard - Infrequent Access" (`STANDARD_IA`) storage class. `StandardIASizeOverhead` – The number of bytes for objects smaller than 128KB in the `STANDARD_IA` storage class. `IntAAObjectOverhead` – For each object in the Archive Access tier of the `INTELLIGENT_TIERING` storage class, S3 Glacier adds 32KB of storage for indexing and related metadata. This additional data is required to identify and restore the object. This additional storage is charged at S3 Glacier rates. `IntAAS3ObjectOverhead` – For each object in the Archive Access tier of the `INTELLIGENT_TIERING` storage class, Amazon S3 uses 8KB of storage for the name of the object and other metadata. This additional storage is charged at S3 Standard rates. `IntDAAObjectOverhead` – For each object in the Deep Archive Access tier of the `INTELLIGENT_TIERING` storage class, S3 Glacier adds 32KB of storage for indexing and related metadata. This additional data is required to identify and restore the object. This additional storage is charged at S3 Glacier Deep Archive rates. `IntDAAS3ObjectOverhead` – For each object in the Deep Archive Access tier of the `INTELLIGENT_TIERING` storage class, Amazon S3 adds 8KB of storage for indexing and related metadata. This additional data is required to identify and restore the object. This additional storage is charged at S3 Standard rates. `OneZoneIAStorage` – The number of bytes for objects in the "S3 One Zone - Infrequent Access" (`ONEZONE_IA`) storage class. `OneZoneIASizeOverhead` – The number of bytes for objects smaller than 128KB in the `ONEZONE_IA` storage class. `ReducedRedundancyStorage` – The number of bytes for objects in the Reduced Redundancy Storage (RRS) class. `GlacierInstantRetrievalSizeOverhead` – The number of bytes for objects smaller than 128KB in the S3 Glacier Instant Retrieval storage class. `GlacierInstantRetrievalStorage` – The number of bytes for objects in the S3 Glacier Instant Retrieval storage class. `GlacierStorage` – The number of bytes for objects in the S3 Glacier Flexible Retrieval storage class. `GlacierStagingStorage` – The number of bytes for individual parts of multipart objects in the S3 Glacier Flexible Retrieval storage class before a `CompleteMultipartUpload` request is completed on the object. `GlacierObjectOverhead` – For each archived object, S3 Glacier adds 32KB of storage for indexing and related metadata. This additional data is required to identify and restore the object. This additional storage is charged at S3 Glacier Flexible Retrieval rates. `GlacierS3ObjectOverhead` – For each object archived to S3 Glacier Flexible Retrieval, Amazon S3 uses 8KB of storage for the name of the object and other metadata. This additional storage is charged at S3 Standard rates. `DeepArchiveStorage` – The number of bytes for objects in the S3 Glacier Deep Archive storage class. `DeepArchiveObjectOverhead` – For each archived object, S3 Glacier adds 32KB of storage for indexing and related metadata. This additional data is required to identify and restore the object. This additional storage is charged at S3 Glacier Deep Archive rates. `DeepArchiveS3ObjectOverhead` – For each object archived to S3 Glacier Deep Archive, Amazon S3 uses 8KB of storage for the name of the object and other metadata. This additional storage is charged at S3 Standard rates. `DeepArchiveStagingStorage` - The number of bytes for individual parts of multipart objects in the S3 Glacier Deep Archive storage class before a `CompleteMultipartUpload` request is completed on the object.
`FilterId`	This dimension filters the request metrics you specify for the bucket. When creating a metric configuration, you need to specify a filter ID (e.g., prefix, tag, or access point). For more information, see Creating Metric Configurations.

Dimensions for S3 Storage Lens Storage Statistics Management Tool in CloudWatch¶

For a list of dimensions used to filter S3 Storage Lens Storage Statistics Management Tool metrics in CloudWatch, see Dimensions.

Dimensions for S3 Object Lambda Requests in CloudWatch¶

The following dimensions are used to filter data from Object Lambda access points.

Dimension	Description
`AccessPointName`	The name of the access point to which the request is being made.
`DataSourceARN`	The source from which the Object Lambda access point is retrieving data. If the request invokes a Lambda function, this refers to the Lambda ARN. Otherwise, this refers to the access point ARN.

Object¶

The AWS S3 object data structure collected can be seen in 「Infrastructure - Custom」

{
  "measurement": "aws_s3",
  "tags": {
    "name"              : "dataxxxx",
    "RegionId"          : "cn-northwest-1",
    "LocationConstraint": "cn-northwest-1",
    "Name"              : "dataxxxx"
  },
  "fields": {
    "CreationDate": "2022-03-09T06:13:31Z",
    "Grants"      : "{JSON data}",
    "message"     : "{instance JSON data}"
  }
}

Note: The fields in tags and fields may change with subsequent updates

Tip 1: The value of tags.name is the instance name, used as a unique identifier

Tip 2: fields.message is a JSON serialized string

Tip 3: fields.Grants is the bucket access control list