CloudWatch Agent on Lightsail

Step 6: Start the CloudWatch Agent

/opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-cli -a fetch-config -m onPremise -c file:/opt/aws/amazon-cloudwatch-agent/bin/config.json -s

Man that’s a long command…

Everything processed as expected and I received a “Configuration validation succeeded” as the last line before returning to the terminal. .

/opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a status -m onPremise

Running like a Refrigerator.

Nice. Means the agent is running successfully.

Step 7: After all that, permissions 🙁

So the agent was running on the instance and everything seems good with the world. After tailing the output log of the Agent for a few minute I see errors. AssumeRoleWithIdentity … . I then re-install the agent as a EC2 install, different error. Drank a beer, nope, no difference. Uggg. There has to be a way I think. I did somehow get some basic metrics, but how when both install configurations returned errors?


While the setup can (and easily does) get complicated the defaults and basic options got me up and running in an less than an hour. With practice it becomes second nature, and little effort the entire process can be part of a startup script or baked into an image and ready to go on start up….

But after 3 more additional hours of fiddling around I just could not get the Agent to authenticate via the API keys and those keys having permissions to post data to Cloud Watch. Maybe I’ll come back to this later but for now, nah. I am moving on to other ideas.

If you have been able to get this to work, please reach out to me. I would love to see where I messed up.


One thought on “CloudWatch Agent on Lightsail

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.