2.1.3. CloudWatch Dashboards (Multi-Account, Multi-Region)
💡 First Principle: A dashboard is an operational control panel — it surfaces the metrics that matter most for a specific context, so you don't have to search for them under pressure. Good dashboards tell you the health story at a glance; bad dashboards show everything and help you understand nothing.
CloudWatch Dashboards support both cross-account and cross-region metrics on a single dashboard. This is critical in enterprise environments where your application may span multiple AWS accounts and regions. You configure cross-account dashboards by enabling sharing in the source account and granting access in the monitoring account.
Widget Types Available:
| Widget | Best For |
|---|---|
| Metric | Time-series graphs of one or more metrics |
| Alarm Status | Quick health overview (green/red for each alarm) |
| Log Insights Query | Embedded log analysis results |
| Text | Labels, instructions, links |
| Explorer | Dynamic metric browsing by tag/resource type |
Shareable Dashboards allow you to share a dashboard as a public URL without requiring the viewer to have an AWS account. This is useful for sharing NOC dashboards with stakeholders who aren't AWS users. The shared URL provides read-only access to the dashboard.
⚠️ Exam Trap: When a question asks about multi-account monitoring visibility, the answer is CloudWatch cross-account dashboards or CloudWatch cross-account observability (not a separate third-party tool). For cross-region visibility in a single pane, dashboards can aggregate metrics from any region you specify.
Reflection Question: Your company has 5 AWS accounts (dev, staging, prod, logging, security). Which account should host the centralized CloudWatch dashboard, and how do the other accounts grant it access?
