3 min readTechnical

Technical

CloudWatch Monitoring for $0: The Free Tier Monitoring Stack

3 min read

Monitoring should not cost more than the thing it is monitoring. Most of my projects run inside the AWS free tier, which means my monitoring budget is also zero. Here is the CloudWatch stack I use to stay on top of production without paying a cent.

What the Free Tier Gives You

CloudWatch's free tier is more useful than people think:

  • 10 custom metrics per month
  • 1 million API requests
  • 5GB of log ingestion, 5GB of log storage
  • 10 alarms
  • 3 dashboards with up to 50 metrics each

That is enough to monitor a real production system if you are disciplined about what you instrument.

The Core Setup

My core setup uses five alarms:

  1. Lambda error rate over 5% sustained for 5 minutes
  2. Lambda duration p95 over 3 seconds sustained
  3. API Gateway 5xx rate over 1% sustained
  4. DynamoDB throttling non-zero for any minute
  5. Monthly spend over the expected free-tier usage

That leaves me with 5 alarms for project-specific signals. Usually one per critical endpoint. Anything not on that list is not an emergency.

Structured Logs as Metrics

The trick to staying under the metric limit is using CloudWatch Logs Insights to compute ad-hoc metrics from structured logs, rather than emitting a separate metric. If every log line is a JSON object with a type field, you can slice by type after the fact:

sql
fields @timestamp, type, duration_ms
| filter type = "tool_call"
| stats avg(duration_ms) by bin(5m)

That query gives me the same information as a per-tool-call metric, without spending my metric quota. The tradeoff is query cost, which is minimal if you keep retention low and structure logs well.

Log Retention and Cost

Retention defaults to "never expire," which is how you accidentally blow past the 5GB storage limit. Set retention explicitly on every log group: 7 days for most things, 30 days for anything you might audit. That single config change is the difference between a free monitoring stack and a surprise bill.

The Dashboard

I have exactly one dashboard. Three rows: traffic, errors, performance. Four widgets each. It fits on one screen. If a metric is not on that dashboard it probably does not matter for day-to-day operation. Resist the urge to build twelve dashboards. You will never look at eleven of them.

The CloudWatch pricing page has the full free-tier breakdown.

RELATED READING

Technical2 min

The Consulting Shift I Am Making In Year Two

After a year of writing and building, my consulting practice is changing shape. Shorter engagements. Sharper outcomes.

Read
Technical2 min

The Frontend Shift: Shipping Less JavaScript In Year Two

A year ago I reached for Next.js for everything. This year I often reach for nothing.

Read
Technical2 min

The Serverless Lesson I Would Write On A Sticky Note

After a year of shipping serverless projects, one rule explains most of the wins and all of the losses.

Read