Amazon Web Services (AWS)

Hello everyone!

I have a question about the rule we can create for Amazon Web Services (AWS)

I see that first I need the ID of the access key for the AWS account and the secret access key:


After that, we need to specify the region:


And then specify the services that I need to monitor:

Here is my question, I have databases running on AWS, and for that reason I cannot install the corresponding agent and query to monitor the database, these databases are MSSQL, MySQL, and Prostgresql.

My first question is, wat parameters are needed to create the username and password, and if you just select the option “Relational Database Service (RDS)”, what kind of information can I see for the database?


If someone can help me I appreciate it

Hi Gustavo,

There is detailed documentation available for setting this up. See this guide to get started. AFAIK it monitors the cluster, not individual databases.

Regards, Julius

1 Like

The credentials i.e. Access Key ID and the secret Access Key ID are used by the special agent {{agent_aws}} which fetches data from an AWS account relying on the WATO configuration ruleset {{Amazon Web Services (AWS)}} for a given host. Some of the AWS objects like EC2,EBS,RDS etc. can be monitored and will show up in the monitoring. But if the MSSQL,MYSQL etc. running on an EC2 instance needs to be monitored, then an agent together with an agent plugin has to be installed there.

Julius already gave you the link for the documentation for AWS monitoring.

However, if you need to monitor MSSQL,MySQL and Postgresql, then you have to install the Checkmk agent with the respective plugin on the host and ofcouse configure the agent plugin with their specific configuration file and this way you can monitor these databases on AWS.

1 Like

Hello everyone!

I am using version 2.00p12. In order to connect with AWS, I have configured an host without ip , but I couldn´t find the option IP address family “no ip” , so i left the field blank , and the discovery of the AWS services fails.
Any help is appreciated !

Hi @mau

Could you show your AWS rules configuration?

You must use the correct access key ID for your AWS account and the secret access key, remember that in the conditions part, specify your host name:


On your host you don’t need to select any options for the IP or for the agent, just create the host with a hostname and do a discovery for the services.

Hello @Gustavo,

Thank you , now it works, indeed I used a key that I had deactivated days ago !
But, at least for EC2 it seems that , in this agentless mode, only the status of the instance is available, isn’t it ?

Thanks for your help !

Yes for example for databases you only get 1 check for instance health, the other checks are related to AWS