Amazon CloudWatch is an inexpensive way to monitor your solution in AWS and due to the extensive set of metrics provided for every AWS service out of the box, it’s easy and quick to adopt. Granted it’s not going to replace your enterprise monitoring solution overnight, but for those who haven’t got the time or justification to spin up their own Nagios/Zabbix/OpsView solution it can do basic event monitoring and alerting.
It’s fairly legacy these days to use hardcoded IAM Access Key ID and Secret Access Key values to call the AWS API, which has spawned a variety of different ways to obtain and utilise IAM credentials. Wait, what’s wrong with hardcoded credentials? The issues are numerous, some of which have come to the surface because of data breaches. See Dev put AWS keys on Github or leaked access keys resulting in a $6,000 bill for starters.