To create an alarm for Site-to-Site VPN connection state

  1. Open the CloudWatch console at https://console.aws.amazon.com/cloudwatch/.
  2. In the navigation pane, choose AlarmsCreate alarm.
  3. Choose Select metric.
  4. Choose VPN, then choose VPN Connection Metrics.
  5. Select your Site-to-Site VPN connection and the TunnelState metric. Choose Select metric.
  6. For Statistic, specify Maximum.

    Alternatively, if you've configured your Site-to-Site VPN connection so that both tunnels are up, you can specify a statistic of Minimum to send a notification when at least one tunnel is down.

  7. For Whenever, choose Lower/Equal (<=) and enter 0 (or 0.5 for when at least one tunnel is down). Choose Next.
  8. Under Select an SNS topic, select an existing notification list or choose New list to create a new one. Choose Next.
  9. Enter a name and description for your alarm. Choose Next.
  10. Check the settings for your alarm, and then choose Create alarm.