Ensure that enhanced monitoring with Amazon CloudWatch Lambda Insights is enabled for your Amazon Lambda functions in order to help you to monitor, troubleshoot, and optimize your functions.
This rule can help you work with the AWS Well-Architected Framework.
Amazon CloudWatch Lambda Insights is a monitoring and troubleshooting service for serverless applications running on Amazon Lambda. The service collects, aggregates, and summarizes system-level metrics including CPU, memory, disk, and network usage. CloudWatch Lambda Insights also collects, aggregates, and summarizes diagnostic information such as cold starts and Lambda worker shutdowns to help you identify issues with your Lambda functions and resolve them as soon as possible. You can enable enhanced monitoring by adding the extension as a layer to your Lambda functions. A function layer is a .zip file archive that contains libraries or other dependencies. With layers, you can use libraries in your Lambda function without needing to include them in your deployment package. Once the CloudWatch Lambda Insights extension is enabled for a Lambda function, it collects system-level metrics and emits a single performance log event for every invocation of that function.
Audit
To determine if your Amazon Lambda functions are configured to use enhanced monitoring, perform the following actions:
Remediation / Resolution
To enable enhanced monitoring for existing Amazon Lambda functions, perform the following actions:
References
- AWS Documentation
- Using Lambda Insights in Amazon CloudWatch
- Getting started with Lambda Insights
- Using the AWS CLI to enable Lambda Insights on an existing Lambda function
- Available versions of the Lambda Insights extension
- AWS Command Line Interface (CLI) Documentation
- lambda
- list-functions
- get-function
- update-function-configuration
- iam
- attach-role-policy