AWS-Virtual Machine monitoring using terraform


3 min read


I will be deploying AWS VM and will monitor VM's CPU utilization using AWS CloudWatch. AWS SES service is used to send an email to the user or admin when an alarm is triggered.

Terraform is used to automate the deployment process.


  • Need AWS CLI installed on the local machine

  • Need terraform installed

  • VS code is used for coding ennvironment

Tech Specs:

  • AWS CloudWatch


  • AWS EC2


  • Terraform provider:

    Providing terraform with the provider aws.

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.16"

  required_version = ">= 1.2.0"

provider "aws" {
  region  = "us-east-1"
  • Launching AWS instance:
resource "aws_instance" "new-instance" { 
    ami = "ami-0a749d160bf052e89" 
    instance_type = "t2.micro"

tags = { 
    Name = "newinstance" 
  • Launching AWS CloudWatch:
resource "aws_cloudwatch_metric_alarm" "vm_metric_alaram" {
  alarm_name                = "vm-metricalert-terraform"
  comparison_operator       = "GreaterThanOrEqualToThreshold"
  evaluation_periods        = 2
  metric_name               = "CPUUtilization"
  namespace                 = "AWS/EC2"
  period                    = 120
  statistic                 = "Average"
  threshold                 = 1
  alarm_description         = "This metric monitors ec2 cpu utilization, alam will be triggered when the CPU utilization is above 1%."
  insufficient_data_actions = []
  alarm_actions             = [aws_sns_topic.email_sns_topic.arn]

  dimensions = {
    InstanceId = #"new-instance" is the id collected from vm deployment. 
  • Launching AWS SNS Service:
resource "aws_sns_topic" "email_sns_topic" {
  name = "email-sns-topic"

resource "aws_sns_topic_subscription" "email_sns_subscription" {
  topic_arn = aws_sns_topic.email_sns_topic.arn
  protocol  = "email"
  endpoint  = "" #provide your email address

Now, the code is complete. We need to deploy this to aws.

Next step is to configure AWS CLI in the terminal.

AWS CLI configuration:

1. Run : aws configure

Access key ID and Secret Access Key is required to configure the CLI. These keys can be found in AWS management console under IAM>USERS.

Provide with the region and output format.

plaintext aws configure

That's it. AWS CLI is configured now we can make changes to AWS without using the console.

Next step is to deploy the terraform code.

Terraform deployment:

    1.              terraform init

      It will initialize the working directory which has terraform configuration files in it.

      1.     terraform fmt

        Terraform fmt (format) is used for formatting the code. .

      2.     terraform validate

        Terraform validate, validates the configuration files in the working directory.

      3.     terraform plan

        Terraform plan command creates an execution plan, which lets you preview the changes that Terraform plans to make to your infrastructure.

      4.     terraform apply

        Terraform apply will execute the code and resources will deployed.

        Now, if you check the aws console the resources are deployed.

Email subscription:

You will receive an email for confirming the SNS subscription, for getting email alerts from CloudWatch. Click on confirm subscription and you are good to go.

###Email alert received


Ansh Paul | LinkedIn