we have an aws account with some s3 buckets that are used by several people. I would like to know if there is a way, and if so which ones, to configure an sns notification by email when a restore from s3 glacier deep archive is completed so that this email goes to the person who initiated the retrieval ?
Yes, there in fact there are multiple ways to accomplish this. What you would want to do is to create an Event Notification for your bucket. This can be found in the console by going into the bucket Properties and pressing the Create Event Notification button.
You will be prompted to select the type of action for which you want to send notifications. You would want to select s3:ObjectRestore:Completed:
You will need destination for your events. For sending emails, one option would be to create an SNS topic and use that as a destination. This topic can be integrated with Amazon Simple Email Service (SES) which will be able to send mails.
Other option would be to select a Lambda function as destination and use that to send emails and do other automations.
the problem is more, how as an admin can I configure the sending of mail to the user who initiated the restoration and only to him
In this case you would want to enable Event Bridge integration for your bucket. If you enable it, it will send events which contain requester who initiated the restore for an object (see event full event format here). Event Bridge can be also integrated with SNS or Lambda.
Related
I am looking for ideas on how to set the recipient of PagerDuty alerts.
To give some context, I have an aws config rule that publishes a new event into an SNS topic, via EventBridge, each time the config rule is non-compliant then I have PagerDuty subscribed to the sns topic; PagerDuty successfully receives the alerts and forward them to the alert recipients, no issue is here.
My question is this: is it possible to set the recipient of the PagerDuty Alert based on the event that triggers the alert?
I am thinking about using lambda to query CloudTrail to extract the email address of the user initiating the event that causes the aws config to become non-compliant, but not sure how to set that email address as the recipient of the PagerDuty notification.
Is this even possible? or is there a better way to approach it?
Thanks in advance
Some options for thought:
Depending on the size of your instance you could build a specific service for each of the possible recipients. Either using the lambda you mentioned to control which service the alert is routed to. Or, alternatively, using a PagerDuty global Ruleset (or event orchestration) to route the alert based on its contents.
This doesn't need a much setup initially but the tradeoff is that it quickly becomes unwieldly at scale.
https://support.pagerduty.com/docs/event-orchestration#global-orchestrations
I've also seen solutions that assign an escalation policy without a specific target to a service such as user account with no contact info. When an alert and incident are opened a webhook is sent to, for example, RunDeck and that tool takes action in PagerDuty. The correct recipient is assigned to the incident and requested to acknowledge.
The tradeoffs here are losing visual sight of who is on-call for a service and the lift to stand up RunDeck, a lambda, or some other listener to process the webhook event.
https://support.pagerduty.com/docs/event-orchestration#webhooks
https://www.pagerduty.com/integrations/rundeck-runbook-automation/
I'm trying to find a way using the AWS SDK API to grab the current contents of the event notifications block. This Event Notifications is under an S3 bucket and is dynamic with how many notifications there are. I want a way to send a request, have it return a list with the current notifications so I can verify that it's working through an automated test. I'm not sure how to do this currently via the API so any help would be appreciated!
Workflow: Javascript GET Request > S3 Bucket Event Notifications > Returns list of all event notifications tied to this bucket
[Example Picture of the Event Notifications contains a message][1]
[1]: https://i.stack.imgur.com/UGJgK.png
I have enabled the S3 notification create:* event for SNS sending to my email from AWS CLI in my Windows servers.
However, there are many notification emails received from the SNS after I copied 10000+ local files such as xml, html, jpg to the S3. Because of creating the folder or the files, it is going to send the event with per creating file request to SNS.
I search the topic discussed in Edit event notification prefix and suffix and I think it just partially works on folder and file.
How can just receive one notification email that indicates it's starting the copy job?
How can just receive one notification email that indicates it's starting the copy job?
You can't. This is not how S3 notifications work. You would have to develop custom solution to that. Maybe instead of SNS, have a lambda function to get triggered. The function would somehow verify if this is the first file being uploaded, and send out email only for that file.
I know that the AWS sends emails about any EC2 instances with Scheduled Events, but I would also like to have these notifications sent through HipChat and text message as well. Is there a default way of selecting a setting that can do this in AWS? Or would I have to create a more custom solution to achieve this?
With Scheduled Events in EC2 being manual tool for monitoring health of instances as of right now, there isn't many options. From the design point of view on AWS platform, this could be one possible solution:
Create AWS SES mailbox and enable it to receive emails,
Create a forwarding rule in your original e-mail inbox where you receive those e-mail notifications from AWS about Scheduled Events to forward e-mails of this type (based on filter you define) to the previously created AWS SES mailbox,
In your AWS SES mailbox create "Receipt Rule" with SNS Action, that will basically publish entire content of the e-mail to the SNS Topic using AWS SNS. (The SNS topic you choose must be in the same AWS region as the Amazon SES endpoint you use to receive email)
Once that e-mail content lands in AWS SNS Topic as an event, you can use AWS Lambda subscribed to your SNS topic as a handler of the event, parse what you need and forward customized notification to any of your third-party (outside of AWS) alerting tools (such as PagerDuty, Slack channel, HipChat, or whatever you use for SMS notifications).
This design does have one week point: relying onto your external mailbox forwarding system (if you are receiving Scheduled Events e-mails in inbox not based on AWS SES).
Ideally you could try to see in your AWS Account settings if it is possible to use AWS SES mailbox for Scheduled Events notifications, but I haven't tried that.
You can receive text messages as notification by setting alarm for that ec2 instance e.g if CPU usages goes above 80% then create an alarm and eventually you can set it to get emails or text messages. Thanks
Is there a way by which I can get notified when a upload is completed in S3 Bucket? The requirement is that I need to provide link to users after uploading of a video is complete in the bucket. By default now I provide link after 30 minutes of start of video, whether video takes 5 minutes to upload or 40 minutes. So is there any way like any API that provides information that the upload has been completed?
Notifications can be triggered in Amazon S3 when any of the following occur:
s3:ObjectCreated:*
s3:ObjectCreated:Put
s3:ObjectCreated:Post
s3:ObjectCreated:Copy
s3:ObjectCreated:CompleteMultipartUpload
s3:ObjectRemoved:*
s3:ObjectRemoved:Delete
s3:ObjectRemoved:DeleteMarkerCreated
s3:ReducedRedundancyLostObject
Notifications can be sent via three destinations:
Amazon Simple Notification Service (SNS), which in-turn can send notifications via email, HTTP/S endpoint, SMS, mobile push notification
Amazon Simple Queueing Service (SQS)
Amazon Lambda (not currently available in all regions)
See: Configuring Amazon S3 Event Notifications
The most appropriate choice depends on your programming preference and how your app is written:
Use SNS to push to an HTTP endpoint to trigger some code in your app
Write some code to periodically check an SQS queue
Write a Lambda function in Node.js or Java
Once triggered, your code would then need to identify who uploaded the video, retrieve their user details, then send them an email notification. This would be easiest if you control the key (filename) of the object being uploaded, since this will assist in determining the user to notify.
You can use Amazon Lambda to post a message to Amazon SNS (or notify you any other way) when a file is uploaded to S3.
Setup an S3 trigger to your Lambda function. See this tutorial: http://docs.aws.amazon.com/lambda/latest/dg/walkthrough-s3-events-adminuser.html
Inside your Lambda function, send out your notification. You can use SNS, SES, SQS, etc.
There is no direct method that can tell that whether the upload is complete or not in S3 bucket. You can do a simple thing which I have followed after lot of research and it is working correctly.
Follow this link and read the size of file after every 30 seconds or so as per your requirement when the file size has not changed for two simultaneous readings once again check the size for surety because it might be due to network congestion that size might not have changed for two simultaneous readings.