Amazon Managed Grafana is a highly scalable, highly available, and fully managed service for open source Grafana, providing interactive data visualization for your monitoring and operational data. Using Amazon Managed Grafana, you can visualize, analyze, and alarm on your metrics, logs, and traces collected from multiple data sources in your observability system, including AWS, third-party ISVs, and other resources across your IT portfolio. Amazon Managed Grafana offloads the operational management of Grafana by automatically scaling compute and database infrastructure as usage demands increase, with automated version updates and security patching. Amazon Managed Grafana natively integrates with AWS services so you can securely add, query, visualize, and analyze your AWS data across multiple accounts and regions with a few clicks in the AWS Console. Amazon Managed Grafana integrates with AWS IAM Identity Center (successor to AWS SSO) and supports Security Assertion Markup Language (SAML) 2.0, so you can easily set up user access to specific dashboards and data sources for only certain users in your corporate directory.
Visualize and correlate data across multiple data sources
Amazon Managed Grafana connects to multiple data sources, enabling you to visualize, analyze, and correlate your metrics, logs, and traces in a unified dashboard. Amazon Managed Grafana securely and natively integrates with AWS services such as Amazon Managed Service for Prometheus, making it simple to query your AWS data across multiple accounts and multiple Regions in a single console. For example, you can create a dashboard that correlates container metrics from Amazon Managed Service for Prometheus, AWS services metrics from Amazon CloudWatch, and logs from Amazon OpenSearch Service to monitor the health and performance of your applications running in containers. In the same console, you can layer and visualize data from self-managed data sources like Graphite, and third-party ISVs like Datadog and Splunk in the same dashboard. Click here to view a full list of supported data sources.
ABOVE: An example of an Amazon Managed Grafana dashboard visualizing data from AWS X-Ray as a data source. Click here to view the full list of supported data sources.
Get started easily with pre-built panels and dashboards
Amazon Managed Grafana makes it easy to construct the right queries and customize the display properties so that you can create the dashboard you need. With multiple pre-built dashboards for various data sources, you can instantly start visualizing and analyzing your application data without having to build dashboards from scratch.
A dashboard is a set of one or more panels organized and arranged into one or more rows. Panels are the basic visualization building blocks in Amazon Managed Grafana, and are visual representations of your queries. Your queries display data over time, such as temperature fluctuations and current status, or lists of logs or alerts. Using a panel, you can choose from a wide variety of styling and formatting options, and apply visualizations to your data, such as graphs, bar gauges, heatmaps. Each panel can interact with data from any configured data source.
Amazon Managed Grafana also provides guided query building to help you get familiar with different query languages, so you can focus on spot-checking specific metrics, or deep dive into a log error without having to save or edit a team dashboard. In Explore mode, you can also view historical queries to jumpstart on-demand troubleshooting and help reduce mean time to resolution.
ABOVE: An example of a pre-built dashboard visualizing Amazon CloudWatch data for an Amazon EC2 instance. Amazon Managed Grafana provides pre-built dashboards to help you get started quickly.
ABOVE: An example of an imported MySQL Grafana dashboard for visualizing Prometheus metrics from Amazon Managed Service for Prometheus (AMP). The MySQL database is hosted on Amazon EKS and metrics exported through MySQL exporter. Amazon Managed Grafana provides the ability for customers to import Grafana dashboards to help get started quickly.
Set up alerts to identify issues quickly
By quickly identifying unintended changes in your system, you can minimize disruptions to your services. With Amazon Managed Grafana, you can configure alerts to identify problems in your system moments after they occur. You define the alert rule, how often it should be evaluated, the conditions that must be met for the alert to trigger, and how the alert notification should be delivered. You can also view and manage alerts from Amazon Managed Service for Prometheus and other Prometheus Alertmanager data sources in your Amazon Managed Grafana workspace.
Share dashboards easily with user authentication and authorization
With Amazon Managed Grafana, you can easily share interactive dashboards with specific users or across teams within your organization. With AWS IAM Identity Center (successor to AWS SSO) and SAML 2.0 integration with Identity Providers, you can leverage your existing corporate directory services to grant user access and authentication to your Grafana workspaces. You can assign user Read/Write or Read-Only roles by giving them Administrator, Editor, or Viewer privileges. You can also create Teams to restrict dashboard and data source access to the right users. Amazon Managed Grafana integrates with popular corporate directory services including Microsoft Active Directory, Azure Active Directory, Okta, Ping Identity, OneLogin, and CyberArk. With the Grafana Team Sync feature, Amazon Managed Grafana keeps track of all synchronized users in teams giving you flexibility to combine group memberships from your directory services with Grafana teams.
Troubleshoot and collaborate with your team
You can create multiple Grafana Teams to easily grant data source access permissions and share dashboards to groups of users. New team members added later will also inherit access permissions to shared resources without having to manually grant permissions one dashboard at a time. Users can view and edit dashboards in real time, track dashboard version changes, and easily share dashboards with other users in the same Team so that everyone is viewing the same data while troubleshooting operational issues. Users can also easily share dashboards with other teams or external entities by creating dashboard snapshots that can be publicly accessed.
Security and authentication
Amazon Managed Grafana tightly integrates with multiple AWS services to meet your corporate security and compliance requirements. Access to Amazon Managed Grafana is authenticated through AWS IAM Identity Center (successor to AWS SSO) or your existing Identity Provider via SAML 2.0, enabling re-use of existing trust relationships between AWS and your corporate user directories. You can track changes made to Grafana workspaces for compliance and audit tracking using audit logs provided by AWS CloudTrail. Amazon Managed Grafana also natively integrates with multiple AWS data sources including Amazon OpenSearch Service, Amazon CloudWatch, AWS X-Ray, AWS IoT SiteWise, Amazon Timestream, and Amazon Managed Service for Prometheus, so you don’t have to manually manage IAM credentials and permissions for each data source. Amazon Managed Grafana also discovers the resources in your account across multiple Regions and across your Organizational Units, and automatically provisions the right IAM policies to access your data.
Amazon Managed Grafana can also connect to data sources that are inside your private Amazon Virtual Private Cloud (VPC) without using public IPs or requiring traffic to traverse the Internet. Data sources such as OpenSearch, Amazon RDS databases, self-managed Prometheus, and other data sources often do not have a publicly facing endpoint. By connecting your Amazon Managed Grafana workspaces to your VPC, you will now be able to query, visualize, and alert on the data sources within your VPC. You can also connect Grafana workspaces to multiple VPCs using VPC Peering and Transit Gateways. In this way, you can have both your privately-hosted and public-facing data sources connect to the same Amazon Managed Grafana workspace to visualize your data all in one place.
You have granular security controls over your Amazon Managed Grafana workspaces by defining customer-managed prefix lists and VPC endpoints to help you restrict the inbound network traffic that can reach your Grafana workspaces. To learn more, check out the user guide for managing network access. You can also use AWS PrivateLink to connect between Amazon VPC and Amazon Managed Grafana workspaces. You can control access to the Amazon Managed Grafana service from the virtual private cloud (VPC) endpoints by attaching an IAM resource policy for Amazon VPC endpoints. Amazon Managed Grafana supports two different kinds of VPC endpoints. You can connect to the Amazon Managed Grafana service, providing access to the Amazon Managed Grafana APIs to manage workspaces. Or you can create a VPC endpoint to a specific workspace. For information about creating a VPC endpoint for your Grafana workspaces, see Interface VPC endpoints.
No servers to manage
With a few clicks in the Amazon Managed Grafana console, you can instantly create one or many workspaces to visualize and analyze your metrics, logs, and traces without having to build, package, or deploy any hardware or infrastructure. Amazon Managed Grafana automatically provisions, configures, and manages the operations of your Grafana workspaces, with automatic version upgrades to ensure that your Grafana workspaces are always up-to-date with the latest features. The service auto scales to meet your dynamic usage demands.
Highly available and secure
Automatic recovery and patching
Amazon Managed Grafana workspaces are highly available with multi-AZ replication. Amazon Managed Grafana also continuously monitors the health of your Grafana workspaces and replaces unhealthy nodes, without impacting your access to Grafana workspaces. Amazon Managed Grafana manages the availability of your compute and database nodes so that you don’t have to start, stop, or reboot any infrastructure resources.
Encryption and security
Amazon Managed Grafana encrypts your data at rest without special configuration, third-party tools, or additional cost. Amazon Managed Grafana also encrypts data in-transit via TLS.
Upgrade to Grafana Enterprise directly from the AWS Console
You can optionally upgrade to Grafana Enterprise via an AWS Marketplace purchase from the Amazon Managed Grafana console. This gives you access to additional enterprise plugins for a wide variety of third-party ISVs, including AppDynamics, Atlassian Jira, Datadog, Dynatrace, Gitlab, Honeycomb, MongoDB, New Relic, Oracle Database, Salesforce, SAP HANA, ServiceNow, VMware Tanzu Observability by Wavefront, and Snowflake.
ABOVE: Amazon Managed Grafana dashboard visualizing data from Snowflake, ServiceNow, New Relic, and Datadog. Their Grafana plugins are available for use in Amazon Managed Grafana with an optional upgrade to Grafana Enterprise.
Learn more about pricing options for Amazon Managed Grafana.
Instantly get access to the AWS Free Tier.
Get started building with Amazon Managed Grafana in the AWS Management Console.