Clone AWS CloudWatch Alarms

AWS does not allow to clone or copy its CloudWatch alarms from Console, however we have a workaround to create a new CloudWatch alarm with same config by running just 2 commands.

The below command will print output of existing AWS Alarm:

aws cloudwatch describe-alarms --alarm-names "myalarmname"
{
"MetricAlarms": [
{
"AlarmName": "myalarmname",
"AlarmArn": "arn:aws:cloudwatch:us-west-7:123456789011:alarm:RootUsage",
"AlarmDescription": "Monitoring for console logins and alerting.",
"AlarmConfigurationUpdatedTimestamp": "2024-1-07T03:2:47.185000+00:00",
"ActionsEnabled": true,
"OKActions": [],
"AlarmActions": [
"arn:aws:sns:us-west-7:123456789011:myalarm"
],
"InsufficientDataActions": [],
"StateValue": "INSUFFICIENT_DATA",
"StateReason": "Insufficient Data: 1 datapoint was unknown.",
"StateReasonData": "{\"version\":\"1.0\",\"queryDate\":\"2024-1-07T03:2:47.185000+00:00\",\"statistic\":\"Sum\",\"period\":300,\"recentDatapoints\":[],\"threshold\":1.0,\"evaluatedDatapoints\":[{\"timestamp\":\"2024-1-07T03:2:47.185000+00:00\"}]}",
"StateUpdatedTimestamp": "2024-1-07T03:2:47.185000+00:00",
"MetricName": "RootUsage",
"Namespace": "CISBenchmark",
"Statistic": "Sum",
"Dimensions": [],
"Period": 300,
"EvaluationPeriods": 1,
"DatapointsToAlarm": 1,
"Threshold": 1.0,
"ComparisonOperator": "GreaterThanOrEqualToThreshold",
"TreatMissingData": "missing",
"StateTransitionedTimestamp": "2024-1-07T03:2:47.185000+00:00"
}
],
"CompositeAlarms": []
}

Now we will take the configurations of the above existing Alarm and create a new. Just a simple command:

aws cloudwatch put-metric-alarm \
--alarm-name myalarmname2 \
--alarm-description "Monitoring for console logins and alerting.",, \
--actions-enabled \
--alarm-actions "arn:aws:sns:us-west-7:123456789011:CISAlarm" \
--comparison-operator "GreaterThanOrEqualToThreshold" \
--datapoints-to-alarm "1" \
--evaluation-periods "1" \
--metric-name "RootUsage" \
--namespace "CISBenchmark" \
--period "300" \
--statistic "Sum" \
--threshold "1.0"

Note:
Please note that we cannot rename existing CloudWatch Alarm in any way. The only way is to recreate it with different methods. I have shared the above method because it involves less effort and chances of errors are minimal.

Leave a Reply

Your email address will not be published. Required fields are marked *