CloudCloudWatch Metric Streams + IAM

AWS Fargate Integration

Serverless container monitoring with CPU, memory, and network metrics per task. Right-sizing recommendations, OOMKill detection, and AI workload anomaly detection — no host agent required.

Connect Fargate Book a Demo

Setup

How It Works

Deploy CloudFormation Stack

Launch the TigerOps CloudFormation template to configure Container Insights for your ECS clusters running Fargate tasks and enable Metric Streams for the AWS/ECS namespace.

Add TigerOps Sidecar

Add the TigerOps sidecar container to your Fargate task definitions. It reads metrics from the ECS task metadata endpoint (v4) and ships CPU, memory, and network data without any privileged access.

Configure Resource Limit Alerts

TigerOps reads the CPU and memory limits from your Fargate task definition and computes utilisation as a percentage of the limit. Alerts fire before tasks are throttled or OOMKilled.

Map Tasks to Services

TigerOps maps Fargate tasks to their ECS services and application teams using task definition family names and tags. Per-service cost estimates are computed from vCPU and memory usage.

Capabilities

What You Get Out of the Box

Per-Task CPU & Memory

CPU utilisation and memory usage as a percentage of task limits, collected from the ECS task metadata endpoint. TigerOps alerts when a task approaches its CPU limit and risks throttling.

Network I/O per Task

Network bytes in/out and packets in/out per Fargate task. TigerOps identifies tasks with unexpectedly high egress, which can indicate chatty services or data exfiltration anomalies.

OOMKill Detection

Fargate task OOMKill events captured from ECS stopped task events. TigerOps surfaces OOMKill incidents with the memory usage trend leading up to the kill and the task definition memory limit.

Task Right-Sizing

Peak CPU and memory usage per task definition tracked over 30 days. TigerOps surfaces over-provisioned task definitions and estimates the monthly cost saving from reducing CPU or memory limits.

Fargate Spot Interruption Tracking

Fargate Spot task interruption events from EventBridge are tracked and correlated with service-level task count changes. TigerOps helps you understand the impact of Spot interruptions on service availability.

AI Workload Anomaly Detection

TigerOps AI baselines CPU and memory patterns per task definition family and alerts on statistically unusual resource consumption — catching runaway tasks or memory leaks early.

Configuration

Fargate Sidecar Task Definition

Add the TigerOps sidecar to your Fargate task definitions for per-task metrics.

fargate-task-definition.json

{
  "family": "my-fargate-service",
  "networkMode": "awsvpc",
  "requiresCompatibilities": ["FARGATE"],
  "cpu": "512",
  "memory": "1024",
  "containerDefinitions": [
    {
      "name": "app",
      "image": "my-app:latest",
      "essential": true,
      "portMappings": [{"containerPort": 8080}]
    },
    {
      "name": "tigerops-agent",
      "image": "public.ecr.aws/atatus/tigerops-fargate-agent:latest",
      "essential": false,
      "environment": [
        {"name": "TIGEROPS_API_KEY", "value": "${TIGEROPS_API_KEY}"},
        {"name": "TIGEROPS_SERVICE_NAME", "value": "my-fargate-service"},
        {"name": "TIGEROPS_ENVIRONMENT", "value": "production"}
      ],
      "cpu": 64,
      "memory": 128,
      "logConfiguration": {
        "logDriver": "awslogs",
        "options": {
          "awslogs-group": "/ecs/tigerops-agent",
          "awslogs-region": "us-east-1",
          "awslogs-stream-prefix": "fargate"
        }
      }
    }
  ]
}

FAQ

Common Questions

How does TigerOps collect metrics from Fargate tasks without a host agent?

TigerOps uses the ECS task metadata endpoint v4, which is available inside every Fargate task environment. The TigerOps sidecar container calls this endpoint to collect CPU, memory, and network stats for the task and all its containers.

Does the TigerOps sidecar require elevated permissions in the Fargate task?

No. The TigerOps sidecar only needs access to the ECS task metadata endpoint, which is available to all containers in a task without any special permissions. No host mounts, privileged mode, or IAM task role changes are required.

Can TigerOps monitor both ECS on Fargate and EKS on Fargate?

Yes. For ECS on Fargate, TigerOps uses the ECS task metadata endpoint. For EKS on Fargate, TigerOps uses the EKS Fargate metrics API. Both are supported in the same TigerOps workspace with unified dashboards.

How does TigerOps help right-size Fargate task CPU and memory?

TigerOps tracks peak CPU and memory utilisation per task definition over 14 and 30-day windows. It computes the gap between the peak usage and the configured limit and presents a right-sizing recommendation with the estimated monthly cost impact.

Does TigerOps support AWS Fargate for EKS (Fargate profiles)?

Yes. For EKS Fargate pods, TigerOps collects metrics via the EKS Fargate metrics API and Fluent Bit log router for CloudWatch. These are displayed alongside ECS Fargate metrics in the same serverless container dashboard.

Get Started

Full Visibility Into Every Fargate Task

Per-task CPU, memory, and network metrics with right-sizing recommendations. Add the sidecar and you are done.

Start Free Talk to an Engineer

Explore More

Related Integrations

View all 275+ integrations