AWS AppConfig Amazon EventBridge extension - amazon-web-services

Ref - https://docs.aws.amazon.com/appconfig/latest/userguide/working-with-appconfig-extensions-about-predefined-notification-eventbridge.html
Based on the above documentation, by enabling the EventBridge extension for AWS AppConfig, we can get notifications from AppConfig on actions like ON_DEPLOYMENT_START and ON_DEPLOYMENT_COMPLETE.
I am trying to implement a pub/sub type architecture using EventBridge and SNS topics. The idea is that services will request the latest configuration from AppConfig once they receive an ON_DEPLOYMENT_COMPLETE event. It seems straightforward for the 'AllAtOnce' deployment strategy that we will get a notification when the deployment is complete.
I would like to know how the notifications work with other strategies like 'AppConfig.Linear50PercentEvery30Seconds' where we incrementally roll out deployments to a certain percentage of hosts.
Can somebody help me with this?
Thanks!

In strategies like AppConfig.Linear50PercentEvery30Seconds or AppConfig.Canary10Percent20Minutes, we get only one complete notification, same as AllAtOnce.
This is not specifically described, but there are sentences like "If no alarms are received in this time, the deployment is complete." in the doc.
It seems there is no way to get notified when each growth factor ends.

Related

How to monitor entire AWS environment?

I am looking for a way to monitor any changes that occur to my production environment, such as security group changes, EC2 create/stop/deletes, database changes, S3 bucket changes, route table changes, subnet changes, etc. I was looking at using CloudTrail for this and monitoring all API calls. However, when testing, my subscribed SNS topic was not receiving any notifications when I was making some changes for a test. Curious if anyone else has a workaround for this or if I am missing something? Maybe Lambda? Just looking for the easiest way to receive email notifications when any changes are made within my prod environment. Thank you.
If you're looking to audit the entire event history of AWS API calls then you would use CloudTrail, remembering to create a trail and enabling the options if you want to audit S3 or Lambda API calls.
By itself CloudTrail will provide auditing, but it can be combined with CloudWatch/EventBridge to automate actions based on specific API calls such as triggering a Lambda or triggering an SNS topic.
Regarding your own implementation so far using SNS, always ensure you've accepted the subscription first on the subscriber(s).
In addition, you can use AWS Config with many resources in AWS, providing two benefits to you. You will be able to maintain a history of changes to your resources, whilst also being able to configure compliance and resolution rules for your resources.
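
As an added illustration of the CloudTrail-plus-EventBridge approach described in the answer above (not code from the original posts): event patterns for a set of change-type API calls, with a local matcher to check them against a sample event. The selection of API calls and the sample event are assumptions constructed for this example.

```python
# Assumption: which change-type API calls to alert on, keyed by CloudTrail eventSource.
WATCHED = {
    "ec2.amazonaws.com": [
        "AuthorizeSecurityGroupIngress", "AuthorizeSecurityGroupEgress",
        "RevokeSecurityGroupIngress", "RevokeSecurityGroupEgress",
        "CreateSecurityGroup", "DeleteSecurityGroup",
        "RunInstances", "StopInstances", "TerminateInstances",
        "CreateRoute", "ReplaceRoute", "DeleteRoute", "CreateSubnet", "DeleteSubnet"],
    "s3.amazonaws.com": ["CreateBucket", "DeleteBucket", "PutBucketPolicy", "PutBucketAcl"],
    "rds.amazonaws.com": ["CreateDBInstance", "ModifyDBInstance", "DeleteDBInstance"],
}

def build_patterns(watched=WATCHED):
    """One EventBridge event pattern per service, usable as a rule's EventPattern."""
    return {src: {"detail-type": ["AWS API Call via CloudTrail"],
                  "detail": {"eventSource": [src], "eventName": names}}
            for src, names in watched.items()}

def matches(pattern, event):
    """Exact-match subset of EventBridge pattern semantics: a list means
    'field equals any of these values', a dict descends into the event."""
    for key, want in pattern.items():
        have = event.get(key)
        if isinstance(want, dict):
            if not isinstance(have, dict) or not matches(want, have):
                return False
        elif have not in want:
            return False
    return True

def summarize(event):
    """Alert text for a matching event, or None when no pattern matches."""
    if not any(matches(p, event) for p in build_patterns().values()):
        return None
    d = event["detail"]
    who = d.get("userIdentity", {}).get("arn", "unknown")
    return f'{d["eventName"]} by {who} from {d.get("sourceIPAddress", "?")} ({d.get("awsRegion", "?")})'

# Constructed sample event in the shape EventBridge delivers for a CloudTrail record.
SAMPLE = {
    "source": "aws.ec2", "detail-type": "AWS API Call via CloudTrail",
    "detail": {"eventSource": "ec2.amazonaws.com", "eventName": "AuthorizeSecurityGroupIngress",
               "awsRegion": "eu-west-1", "sourceIPAddress": "203.0.113.7",
               "userIdentity": {"arn": "arn:aws:iam::111122223333:user/example"}},
}
```

Each pattern, serialized with `json.dumps`, is what an EventBridge rule takes as its `EventPattern`, with the SNS topic as the rule's target. Rules are regional, so a rule is needed in each region that should be covered.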

Is there an AWS service for visualizing triggers between other AWS services

For example say I build a workflow that uses 10 lambda functions that trigger each other and are triggered by a dynamodb table and an S3 bucket.
Is there any AWS tool that tracks how these triggers are tying together so I can easily visualize the whole workflow I’ve created?
Bang on, few months ago, I too was in a similar situation for my distributed architecture running on AWS.
So far, I have found the following options as possibilities. I'm still figuring out which is more suitable. But, hope this information helps you.
1. AWS-Native option :: Engineer your Lambda code to trigger CloudWatch custom metrics for any important events from within the code. Later, you may use a CloudWatch dashboard to visualize them.
2. Non-AWS options :: There are several of them, but all of them require you to engineer your code with their respective libraries / packages to transmit the needed information. Some of them support ASYNC invocations, so it shouldn't keep your master lambdas in the waiting state for log tracing.
   - IOPipe
   - Epsagon
3. Mix of AWS & Non-AWS :: This is a more traditional approach to our problem. You log events to CloudWatch Logs (like how Lambda does it out of the box), then "ingest" these logs into popular log management and analysis SaaS tooling to make sense of these logs via "pattern-matching" and other proprietary techniques.
   - Splunk Cloud
   - Datadog
All the best! Keep me posted how it is going.
cheers,
ram
If you use CloudFormation you can visualize the resource relations with CloudFormation Designer. However, if you don't have the resources in a CloudFormation stack, you can create one from all the existing resources.

AWS SNS equivalent in GCP stack

So we spent almost 6 months in moving our current app stack from AWS to GCP and now we got stuck at the AWS-SNS part.
Apparently there seems to be no service in GCP stack that can simply provide a drop in replacement for SNS or did I miss something?
Right now everything is running perfectly fine on GCP and every call to SNS in the app is still using the old AWS account.
SNS is being used primarily to notify events occurring in the app like "batch completed successfully" or "export failed with xyz error".
What are our options here?
The closest SNS replacement in GCP is probably Cloud Pub/Sub, which provides a similar publish-subscribe messaging pattern.
This document shows how the topics and subscriptions work.
At present, GCP does not have a native / proprietary email or text message service. Instead, the recommendation is to use sendgrid for emails and twilio for messages. See the following articles that describe the usage of these services:
https://cloud.google.com/appengine/docs/standard/php/sms/twilio
https://cloud.google.com/appengine/docs/standard/php/mail/sendgrid

Are there AWS tools to schedule jobs similar to using Quartz Scheduler?

Is there a service available in AWS that can provide this functionality? This would be used to run recurring backend jobs like sending email blasts, monitoring health, etc.
The question is somewhat unspecific.
For monitoring and scheduling tasks you can use Amazon CloudWatch. Depending on what you want to do this may be or not be a good fit.
There are tutorials on scheduling AWS Lambda and Amazon ECS, but it supports lots of other targets as well. For example, you could generate an SNS message and SNS could trigger some HTTP(S)/REST call doing your processing, or you could write a message to SQS and have your application poll that queue to get triggered.

How can I email error logs from AWS Spark

I have a process that uses AWS EMR to run a pyspark cluster.
I have an S3 location where all the process logs get stored.
I want to understand whether there is a way I can filter out ERROR logs and get them mailed to my inbox. I do not want to save any log file on my system.
Is there any Python library which can help me monitor real-time logs? I have seen the boto3 and EMR library, but I could not find an answer to my problem from there.
The EMR logs will likely be buffered up into chunks of a few minutes or some size before being written to S3 (but full disclosure, that's based on experience with other AWS S3 logging systems, not EMR itself).
If I were attempting to solve this problem, I'd use an AWS Lambda function to execute python that would read the S3 logs line by line and filter for the lines matching ERROR, and then use SNS to send the logs to your email address. You can use S3 events to automatically trigger the Lambda when objects are written to the S3 logging location for EMR, so this is as close to realtime as you're gonna get.
The architecture I am suggesting looks something like this:
EMR -> S3 -> Lambda -> SNS -> email inbox
The write of each EMR log to S3 triggers a Lambda which uses boto3 to filter the log for error messages, sending alerts to an SNS topic for distribution to users.
It may seem like a lot of moving parts but it won't require much to maintain it and should cost you only a few cents a month more than the S3 storage is already costing you. And the effort for the whole thing is actually pretty small.
Furthermore, you won't need:
- a place to execute your code, servers to manage, etc.
- a nontrivial deployment model for your project
- any parts not shown above, for that matter
And you'll get for free:
- Monitoring in the form of
  - CloudWatch metrics for Lambda,
  - S3 logs (should you enable them)
  - CloudWatch logs that store your function's execution windows and stdout.
- Easy integration into alerting through CloudWatch Alarms (these typically integrate well with PagerDuty and the like)
- dead-simple extensibility, such as
  - SNS can send SMS messages to your phone
  - add more parsing options in the Lambda and redeploy
  - expose CloudWatch metrics and add alarms for thresholds
  - write the summary to S3 for pre-signed email or SMS links, or further processing now or later
You could send the email yourself through SES or just manually with python, but I would rather use SNS so that the subscriptions to the topic can vary independently from the python code.
Lambdas are a little intimidating to start with, but they'll include the boto3 SDK by default (which should obviate the need for a zipfile with pip dependencies altogether), which will simplify creation.
For that matter, you can set all this stuff up in the AWS console if you like doing things by dragging mouse pointers around, or intend to do it only a few times, or you can express all of it in CloudFormation if you need something repeatable.
http://docs.aws.amazon.com/lambda/latest/dg/with-s3.html
http://docs.aws.amazon.com/lambda/latest/dg/python-programming-model-handler-types.html
http://docs.aws.amazon.com/sns/latest/dg/welcome.html
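
The Lambda step of the EMR -> S3 -> Lambda -> SNS pipeline described above, as an added example that is not part of the original answer. The `ALERT_TOPIC_ARN` environment variable, the sample bucket and key, and the handling of `.gz` objects are assumptions made for the example.

```python
import gzip
import os
import re
import urllib.parse

ERROR_RE = re.compile(r"\bERROR\b")
SNS_MAX_BYTES = 256 * 1024  # SNS message size limit

def s3_objects(event):
    """Yield (bucket, key) for each record of an S3 event notification."""
    for rec in event.get("Records", []):
        # Object keys arrive URL-encoded in the notification ('+' for space).
        yield (rec["s3"]["bucket"]["name"],
               urllib.parse.unquote_plus(rec["s3"]["object"]["key"]))

def error_lines(raw, key):
    """Return the ERROR lines of one log object, gunzipping .gz objects."""
    if key.endswith(".gz"):
        raw = gzip.decompress(raw)
    text = raw.decode("utf-8", errors="replace")
    return [ln for ln in text.splitlines() if ERROR_RE.search(ln)]

def build_message(bucket, key, lines, limit=SNS_MAX_BYTES):
    """Join lines under the size limit and say how many were left out."""
    header = f"s3://{bucket}/{key}"
    out, size = [header], len(header.encode("utf-8")) + 64  # 64 bytes kept for the note
    for i, ln in enumerate(lines):
        size += len(ln.encode("utf-8")) + 1
        if size > limit:
            out.append(f"... {len(lines) - i} more ERROR lines not shown")
            break
        out.append(ln)
    return "\n".join(out)

def handler(event, context):
    import boto3  # imported here so the helpers above run without the AWS SDK
    s3, sns = boto3.client("s3"), boto3.client("sns")
    for bucket, key in s3_objects(event):
        raw = s3.get_object(Bucket=bucket, Key=key)["Body"].read()
        lines = error_lines(raw, key)
        if lines:
            sns.publish(TopicArn=os.environ["ALERT_TOPIC_ARN"],  # assumed env var
                        Subject="ERROR lines in EMR log",
                        Message=build_message(bucket, key, lines))

# Constructed sample notification and log content, for trying the helpers offline.
SAMPLE_EVENT = {"Records": [{"s3": {"bucket": {"name": "example-emr-logs"},
                                    "object": {"key": "logs/j-EXAMPLE/my+step/stderr.gz"}}}]}
SAMPLE_LOG = gzip.compress(b"INFO started\nERROR Executor: task failed\nWARN TERRORS\n")
```

The function's execution role needs `s3:GetObject` on the log prefix and `sns:Publish` on the one topic, nothing broader.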