Amazon Managed Service for Prometheus (AMP) is a managed monitoring service that makes it easy to securely ingest, store, and query metrics from container environments. AMP scales on demand, collecting and accessing performance and operational data from container workloads on AWS and on-premises. AMP is fully compatible with Prometheus, the popular open Cloud Native Computing Foundation (CNCF) project, and also uses Cortex, another CNCF project, to automatically scale the ingestion, storage, and querying of Prometheus metrics. As an AWS managed service, AMP helps automate operations and maintenance, delivering cost-effective performance metrics and consistent query response times so you can spend less time managing your monitoring service and more time building your applications. You can use AMP to collect and query metrics from AWS container services including Amazon Elastic Kubernetes Service (EKS) and Amazon Elastic Container Service (ECS).
Easy to deploy and manage
Setup and configuration
Getting started with AMP is easy. With a few clicks in the AWS console, you can create an AMP workspace, which is a logical and isolated Prometheus server dedicated to Prometheus resources such as metrics, where you ingest, store, and query your Prometheus metrics. Each AMP workspace is automatically deployed across multiple Availability Zones, and is immediately ready to ingest and query metrics. You can quickly enable metric collection in multiple ways. You can configure AWS Distro for OpenTelemetry to collect metrics from a Prometheus-instrumented application, and send the metrics to AMP. You can also ingest metrics from Prometheus servers in clusters running Amazon EKS, and in self-managed Kubernetes clusters running on Amazon EC2.
No servers to manage
With a few clicks in the AMP console, you can instantly create one or many workspaces to monitor the performance of containerized workloads without having to build, package, or deploy any hardware or infrastructure. AMP automatically scales the ingestion, storage, and querying of operational metrics as workloads grow or shrink, and is integrated with AWS security services to enable fast and secure access to data.
Cost-effective
Pay only for what you use: With AMP, there are no upfront fees or commitments. You pay only for what you use based on metrics ingested, queried, and stored.
Highly extensible
PromQL querying
AMP supports the open source Prometheus query language (PromQL) to filter, aggregate, and alarm on metrics, and quickly get visibility into application performance without needing to make code changes. The result of a PromQL expression can be consumed by external systems via the HTTP API and visualization tools such as Amazon Managed Service for Grafana. This enables you to perform time series selection, subqueries, and functions, so you can troubleshoot issues faster and reduce mean time to detection.
Extensive instrumentation
AMP makes it easy to collect and send application metrics from multiple AWS and third-party services without having to manually instrument your application. Existing metric collectors such as the AWS Distro for OpenTelemetry collector and Prometheus servers can be used to securely remote write Prometheus metrics to AMP from over 150+ third party exporters such as Java/JMX, Apache Kafka, and Redis. Exporters are libraries and servers which help in exporting existing metrics from third-party systems as Prometheus metrics. This is useful for cases where it is not feasible to instrument a given system with Prometheus metrics directly. Learn more about third-party Prometheus exporters.
Highly secure, scalable, and available
Security
AMP offers enterprise-ready security and compliance. AWS account users can control user access and permissions to individual AMP workspaces using AWS Identity and Access Management (IAM). All queries sent to the service are authorized by IAM. AMP also integrates with AWS CloudTrail, so you can get a record of actions taken by a user, a role, or an AWS service in AMP. CloudTrail captures API calls for AMP as events, which you can set up to be continuously delivered to an Amazon S3 bucket. If you are using AMP and Amazon Managed Service for Grafana together, they seamlessly and securely connect using IAM authentication and private VPC endpoint connectivity.
Scalability
AMP is specifically architected to handle the high cardinality monitoring data with a large volume of tags (Prometheus labels) and dimensions that is generated by container-based applications. AMP manages the operational complexity of elastically scaling the ingestion, storage, and querying of metrics. With AWS PrivateLink, you can connect your VPCs to AMP and other services in AWS in a secure and scalable manner. Network traffic that uses AWS PrivateLink doesn't traverse the public internet, reducing the exposure to threat vectors such as brute force and distributed denial-of-service attacks. AMP supports the latest API versions and will be automatically updated and patched to address any critical security vulnerabilities.
Availability
AMP stores metrics, metadata, and samples on Amazon S3, which is designed for durability of 99.999999999% of objects across multiple Availability Zones, offering high durability, availability, and performance object storage for frequently accessed data. AMP is highly available and deployed across multiple AWS Regions and Availability Zones, which are connected with low-latency, high-throughput, and highly redundant networking. With Availability Zones, you can design and operate applications and databases that automatically fail over between zones without interruption. Availability Zones are more highly available, fault tolerant, and scalable than traditional single or multiple data center infrastructures. AWS delivers the highest network availability of any cloud provider.
With Amazon Managed Service for Prometheus, there are no upfront fees or commitments.
Get started building with Amazon Managed Service for Prometheus in the AWS Management Console.