CloudWatch Metric Guide

AWS/EC2/CPUUtilizationPercent

CPUUtilizationAmazon EC2 CloudWatch metric

Q: Which CloudWatch namespace does CPUUtilization belong to?

CPUUtilization is published in the AWS/EC2 namespace with a unit of Percent. You can find it in the CloudWatch console under "Metrics" → "AWS/EC2". See the Amazon EC2 CloudWatch metrics reference in the AWS documentation.

Q: Does Nuberio automatically create CloudWatch alarms for CPUUtilization?

Nuberio does not create alarms for you by default — it debugs the alarms you already have (or identifies missing ones). The free Nuberio Audit scans your CloudWatch setup and tells you which Amazon EC2 resources are missing a CPUUtilization alarm. Nuberio Watch then monitors CPUUtilization using z-score anomaly detection against a 30-day baseline, running 9 verification checks before alerting you.

Q: Can I use Nuberio without already having a CPUUtilization alarm set up?

Yes. Nuberio Watch monitors CPUUtilization independently of your CloudWatch alarm configuration — it reads the metric directly from CloudWatch every 5 minutes on the Growth plan. If you run the free Audit first, it will tell you which resources need a CPUUtilization alarm and provide the copy-paste AWS CLI command to create it.

CPUUtilization measures the percentage of allocated EC2 compute units (vCPUs) that are in use on the instance, as reported by the hypervisor.

Audit your AWS for free Learn about Nuberio Watch

What it measures

About CPUUtilization

CPUUtilization measures the percentage of allocated EC2 compute units (vCPUs) that are in use on the instance, as reported by the hypervisor.

Namespace	AWS/EC2
Metric name	CPUUtilization
Unit	Percent
AWS docs	Official Amazon EC2 metrics reference

Why this metric matters

EC2 CPUUtilization is the most commonly monitored metric and the most commonly misconfigured alarm. The problem isn't knowing that high CPU is bad — it's knowing the difference between a legitimate utilization plateau and a runaway process. An instance running at 75% CPU doing useful work is healthy; an instance at 75% CPU because a cron job is stuck in an infinite loop is not.

For T3 and T3a instance families (burstable instances), CPU credits add a layer of complexity. The instance can burst above its baseline rate using accumulated credits. When credits are exhausted, CPU is hard-throttled to the baseline — an instance might drop from 80% to 20% effective CPU capacity instantly, causing severe application latency degradation without the CPUUtilization metric showing an obvious anomaly.

Recommended alarm threshold for CPUUtilization

Recommended threshold

> 80% for 15 consecutive minutes

A 15-minute sustained evaluation period (ConvOps recommendation) avoids alarming on brief CPU spikes caused by deployment, scheduled tasks, or garbage collection. For T-series burstable instances, add a separate alarm on CPUCreditBalance < 10 to catch credit exhaustion before the hard throttle takes effect. The 80% threshold balances alarm sensitivity against false positive rate for general workloads.

Is your CPUUtilization alarm already set up correctly?

The free Nuberio Audit scans your CloudWatch setup and flags missing or misconfigured alarms — including CPUUtilization — in 5 minutes.

Run a free audit →

Common failures that show up in CPUUtilization

When CPUUtilization reaches an alarm threshold, these are the most common root causes — in order of how often Nuberio sees them across customer AWS accounts.

Runaway process — a background job, cron task, or zombie process consumes CPU indefinitely without completing
Missing database index — a slow query forces the application to do CPU-intensive table scans rather than index lookups
Sudden traffic spike — application receives a volume of requests beyond its designed capacity, all of which require CPU-bound processing
CPU credit exhaustion on T-series instances — burstable instance runs above baseline for too long, exhausts credits, and gets throttled to baseline rate
Cryptographic operations under load — TLS termination, password hashing, or encryption operations consume more CPU than expected at scale

How Nuberio debugs CPUUtilization alarms

When CPUUtilization triggers an alarm, Nuberio Diagnose reads CloudWatch Logs, CloudTrail (recent API calls, deploys, config changes), and the current resource state in parallel. It correlates these with AWS/EC2 metrics on the same resource — giving you a plain-English root cause with numbered fix options, sent to WhatsApp or Slack, usually within 60 seconds of the alarm firing.

Before any anomaly in CPUUtilization reaches you as a proactive alert (via Nuberio Watch), it passes through 9 verification checks: a Recovery check (did the metric self-heal?), an AWS Status check (is AWS itself having an incident?), a Deploy check (was there a recent Lambda update, ECS deploy, or RDS parameter change in the last 120 minutes?), a Quota check, an Infrastructure check, a Security check, a Flap check (has this metric been anomalous more than 5 times in the last 24 hours?), a TLS check, and a Vulnerability check. Only anomalies that pass all relevant checks reach you — with full context attached.

Nuberio Watch

Detects CPUUtilization anomalies with z-score against 30-day time-bucketed baselines. 9 verification checks before any alert.

Nuberio Diagnose

When a CPUUtilization alarm fires, reads logs, CloudTrail, and resource state. Sends root cause + fix options to WhatsApp or Slack.

Nuberio Audit

Scans your CloudWatch setup for missing or misconfigured CPUUtilization alarms. Free, 5-minute read-only scan.

See how Nuberio debugs your AWS →

Related Amazon EC2 metrics

CPUUtilization rarely fails in isolation. These metrics tend to correlate — monitor them together for complete Amazon EC2 coverage.

NetworkIn alarm guide NetworkOut alarm guide StatusCheckFailed alarm guide

FAQ

Frequently asked questions about CPUUtilization

Common questions about setting up CloudWatch alarms for CPUUtilization in Amazon EC2.

What is the recommended CloudWatch alarm threshold for CPUUtilization?+

> 80% for 15 consecutive minutes. A 15-minute sustained evaluation period (ConvOps recommendation) avoids alarming on brief CPU spikes caused by deployment, scheduled tasks, or garbage collection. For T-series burstable instances, add a separate alarm on CPUCreditBalance < 10 to catch credit exhaustion before the hard throttle takes effect. The 80% threshold balances alarm sensitivity against false positive rate for general workloads.

Which CloudWatch namespace does CPUUtilization belong to?+

CPUUtilization is published in the AWS/EC2 namespace with a unit of Percent. You can find it in the CloudWatch console under "Metrics" → "AWS/EC2". See the Amazon EC2 CloudWatch metrics reference in the AWS documentation.

Does Nuberio automatically create CloudWatch alarms for CPUUtilization?+

Nuberio does not create alarms for you by default — it debugs the alarms you already have (or identifies missing ones). The free Nuberio Audit scans your CloudWatch setup and tells you which Amazon EC2 resources are missing a CPUUtilization alarm. Nuberio Watch then monitors CPUUtilization using z-score anomaly detection against a 30-day baseline, running 9 verification checks before alerting you.

Can I use Nuberio without already having a CPUUtilization alarm set up?+

Yes. Nuberio Watch monitors CPUUtilization independently of your CloudWatch alarm configuration — it reads the metric directly from CloudWatch every 5 minutes on the Growth plan. If you run the free Audit first, it will tell you which resources need a CPUUtilization alarm and provide the copy-paste AWS CLI command to create it.

This page is part of the CloudWatch metric guide — thresholds and debugging guidance for every metric across RDS, Lambda, ECS, ALB, EC2, and DynamoDB. To find which Amazon EC2 alarms your account is missing — including CPUUtilization — run the free CloudWatch alarm audit. The scan takes under 5 minutes and requires no account.