AWS Cloudwatch alarms repeated notifications to slack - amazon-web-services

I'm successfully deployed solution described in AWS blog that enables repeated notifications on CloudWatch Alarms utilizing the alarm’s state change event via Amazon EventBridge and AWS Step Function.
There is a site which describe this:
https://github.com/aws-samples/amazon-cloudwatch-alarms-repeated-notification-cdk
It is able to send valid e-mail notifications, but the problem is to send it to Slack channel. I was overwhelmed by the problem of an incorrect message format being sent to a slack channel.
I'm looking for solution which can send repeated notification to Slack or how to change that code.

Related

How to get forecasted AWS alerts/outages in email?

2 weeks back, I saw a notification in AWS saying, the one of the 3 AWS EC2 instance will be stopped because of the underlying hardware cause. I almost missed the dead line as I didn't the notification via email. Is there a way get these notification via email?
It would be much better if I can get the notifications using cloud watch to my email.
If you're on Business or Enterprise Support, AWS provides a solution named "AWS Health Aware" built on top of AWS Health API, it does exactly what you're after sends you notifications via several methods including emails regarding outages and planning maintenance that affect your account(s).
If you're on a Basic support plan you can easily built something similar yourself using based on [AWS Health events][2]
This is an example of capturing AWS Health events via EventBridge so they can be further send to a lambda or SNS
https://docs.aws.amazon.com/health/latest/ug/cloudwatch-events-health.html
What I've done in the is following:
Capturing AWS Health events via EventBridge in spoke accounts and forward them to the event bus in my hub account
In the hub account I would subscribe a lambda function for all events with source "aws.health" and then send email or slack message whatever works for you.
I think Amazon EventBridge is what you are looking for. With EventBridge you can detect and react to different events such as EC2 instances scheduled for updates. You can, for example, create a rule for detecting a specific health event and in the target section choose to receive an email through SNS or invoke a CloudWatch log group, etc. Read more here.

How to configure AWS Chatbot to deliver useful messages from Beanstalk to Slack?

We have an Elastic Beanstalk deployment and wanted to receive events into our Slack channel. We setup EventBridge and Chatbot to deliver notifications. Everything works, except the notifications are useless, because Chatbot does not map the message detail only the detail type, which does not tell much. See the attached image of a notification (cropped to cut out the region/account info), the message is not too useful without telling us what was the actual change, which is in the event received by EventBridge and sent to SNS, but not mapped by Chatbot when sending to Slack.
Even their example test notification demonstrates the same problem:
I checked the Chatbot documentation where they claim support for multiple services via EventBridge. I checked EventBridge documentation where they list Elastic Beanstalk among supported services.
I also subscribed and tested Health service notifications, which work just fine. See the example test notification below.
I could not find a way to configure Chatbot to do the right thing. I could write my own message transformer for certain events and call a Slack webhook instead of using Chatbot, but I wanted to avoid writing custom code here for now.
Does anyone know if it is possible to fix Beanstalk notifications that are sent from EventBridge to Chatbot then to Slack? Or is AWS working on supporting more service notifications and in the future this might start working as it should?
Thank you in advance.

aws calling lambda on cloudwatch alarm - Only email lists for this account are available

On AWS I'm trying to create a cloudwatch alarm that sends a notification to a sns topic that in turn triggers a lambda function that is subscribed to the topic, but have run into a bit of a snag in which my lambda is never triggered. I've followed several tutorials on how to do this, I've manually tested the sns -lambda connection and this is working as is attaching the notification trigger onto cloudwatch.
I've done this all through cloudformation.
I have also tried to configure it manually from the cloudwatch console and then noticed something strange. Underneath the Send a notification to select box as shown in the image below, there is a message which says Only email lists for this account are available. So I'm guessing from that, that somewhere in this account, there is a weird setting that needs to be changed?
Updated answer:
Is the CloudWatch alarm actually in the "Alarm" state? Can you add 2 more notifications to be triggered by the "OK" and "Insufficient data" state respectively?
by reading the original post, SNS should have the right permission to invoke the Lambda function.
previous answer:
That is a general message, it has nothing to do with your SNS topic settings. I reckon it's meant to say only emails opt-in to that SNS topic will get emails.
Q: How does Amazon SNS validate a subscription request to ensure that notifications will not be sent to users as spam?
As part of the subscription registration, Amazon SNS will ensure that notifications are only sent to valid, registered subscribers/end-points. To prevent spam and ensure that a subscriber end-point is really interested in receiving notifications from a particular topic, Amazon SNS requires an explicit opt-in from subscribers using a 2-part handshake:
i. When a user first calls the Subscribe API and subscribes an end-point, Amazon SNS will send a confirmation message to the specified end-point.
ii. On receiving the confirmation message at the end-point, the subscriber should confirm the subscription request by sending a valid response. Only then will Amazon SNS consider the subscription request to be valid. If there is no response to the challenge, Amazon SNS will not send any notifications to that end-point. The exact mechanism of confirming the subscription varies by the transport protocol selected:
For HTTP/HTTPS notifications, Amazon SNS will first POST the confirmation message (containing a token) to the specified URL. The application monitoring the URL will have to call the ConfirmSubscription API with the token included token.
For Email and Email-JSON notifications, Amazon SNS will send an email to the specified address containing an embedded link. The user will need to click on the embedded link to confirm the subscription request.
For SQS notifications, Amazon SNS will enqueue a challenge message containing a token to the specified queue. The application monitoring the queue will have to call the ConfirmSubscription API with the token.
Note: The explicit “opt-in” steps described above are not required for the specific case where you subscribe your Amazon SQS queue to your Amazon SNS topic – and both are “owned” by the same AWS account.

How to confirm a slack subscription to an aws SNS topic?

I have a lambda function that notifies an SNS topic.
It currently sends an email each time I invoke the function so the lambda, the SNS piece and the email subscription are all working ok.
Now I want a Slack Integration.
I've created a channel called aws_int but I can't get it to receive the notification.
I am stuck on the need to 'verify the subscription'. I don't see how I would do this in the https connection to slack.
I don't understand how to do it manually using the console in aws because all the documentation keeps referring to using the 'Subscription Confirmation URL'
I can't find what that is.
but I cannot find what that is.
I found a post talking about the JSON being invalid: Confirming AWS SNS Topic Subscription for Slack Webhook but I don't understand how I would use that, maybe I could use Postman but I am not sure exactly how to format that POST.
So how can I integrate Slack and aws for an SNS topic, specifically how can I do the confirmation (which is required in order to activate it). This has to be a common need!
If I use the hook URL I get
Everything I am trying is just stacking up more Pending Confirmations, which btw I cannot delete...
Here's my postman attempt...
You really DON'T need Lambda. Just SNS and SLACK are enough.
I found a way to integrate AWS SNS with slack WITHOUT AWS Lambda or AWS chatbot. With this approach you can confirm the subscription easily.
Follow the video which show all the step clearly.
https://www.youtube.com/watch?v=CszzQcPAqNM
Steps to follow:
Create slack channel or use existing channel
Create a work flow with selecting Webhook
Create a variable name as "SubscribeURL". The name
is very important
Add the above variable in the message body of the
workflow Publish the workflow and get the url
Add the above Url as subscription of the SNS You will see the subscription URL in the
slack channel
Follow the URl and complete the subscription
Come back to the work flow and change the "SubscribeURL" variable to "Message"
The publish the
message in SNS. you will see the message in the slack channel.
It doesn't look like there is a way to confirm an SNS subscription to a Slack endpoint (email, webhook, whatever). If you want to use SNS as a decoupling layer, you'll need to add a lambda into the system, which can handle the confirmation process.
Lambda -> webhook -> SNS -> Lambda -> webhook -> Slack
Confirming AWS SNS Topic Subscription for Slack Webhook has some more information about this.
I would recommend just using the Lambda to send a message to slack, either calling another dedicated lambda, or just internally to the original one. There's a good tutorial here. If you really want to use SNS, then you could use your original lambda to trigger SNS, then have a new slack-dedicated lambda subscribe to the SNS topic.

AWS - Send Scheduled Events notifications with text message or HipChat message

I know that the AWS sends emails about any EC2 instances with Scheduled Events, but I would also like to have these notifications sent through HipChat and text message as well. Is there a default way of selecting a setting that can do this in AWS? Or would I have to create a more custom solution to achieve this?
With Scheduled Events in EC2 being manual tool for monitoring health of instances as of right now, there isn't many options. From the design point of view on AWS platform, this could be one possible solution:
Create AWS SES mailbox and enable it to receive emails,
Create a forwarding rule in your original e-mail inbox where you receive those e-mail notifications from AWS about Scheduled Events to forward e-mails of this type (based on filter you define) to the previously created AWS SES mailbox,
In your AWS SES mailbox create "Receipt Rule" with SNS Action, that will basically publish entire content of the e-mail to the SNS Topic using AWS SNS. (The SNS topic you choose must be in the same AWS region as the Amazon SES endpoint you use to receive email)
Once that e-mail content lands in AWS SNS Topic as an event, you can use AWS Lambda subscribed to your SNS topic as a handler of the event, parse what you need and forward customized notification to any of your third-party (outside of AWS) alerting tools (such as PagerDuty, Slack channel, HipChat, or whatever you use for SMS notifications).
This design does have one week point: relying onto your external mailbox forwarding system (if you are receiving Scheduled Events e-mails in inbox not based on AWS SES).
Ideally you could try to see in your AWS Account settings if it is possible to use AWS SES mailbox for Scheduled Events notifications, but I haven't tried that.
You can receive text messages as notification by setting alarm for that ec2 instance e.g if CPU usages goes above 80% then create an alarm and eventually you can set it to get emails or text messages. Thanks