I have created an AWS CloudWatch alarm on a target group for my Elastic Load Balancer.
Once the alarm state goes from OK to ALARM, it should send a notification to an AWS SNS topic with a Lambda function as subscriber.
What I have tested:
The lambda function works with a dummy SNS event
Publishing a test message to the SNS Topic results in all subscribers being notified
The CloudWatch Alarm successfully goes into state Alarm.
The CloudWatch Alarm History says "2019-08-04 13:18:00 Action Successfully executed action arn:arn:aws:sns:eu-west-1:something"
It seems like there is something wrong in the link between the CloudWatch Alarm and the SNS Topic. The SNS topic Access Policy has been configured to "Everyone" and still no luck.
The exact settings on my CloudWatch Alarm:
Threshold: UnHealthyHostCount > 0 for 1 datapoints within 1 minute
ARN: arn:aws:cloudwatch:eu-west-1:xxxxx:alarm:awsapplicationelb-targetgroup-API-Workers-xxxxxx-High-Unhealthy-Hosts
Namespace: AWS/ApplicationELB
Metric name: UnHealthyHostCount
LoadBalancer: app/Backend-API-HTTPS/xxxxxx
TargetGroup: targetgroup/API-Workers/xxxxx
Statistic: Sum
Period: 1 minute
Datapoints to alarm: 1 out of 1
Missing data treatment: Treat missing data as bad (breaching threshold)
Percentiles with low samples: evaluate
The actions configured for this were selected from a list of "Select an existing SNS topic". I also tried configuring the topic ARN directly. In both cases the configuration of the actions is marked as valid by the AWS console.
Related
Is there any elegant way to create a recurring alarm system that sends SNS notifications as long as the CloudWatch alarm is in ALARM status?
I've searched the internet, but most of the solutions are pretty complicated for a simple task.
You could create a simple process like this:
Create AWS Cloudwatch scheduled events: https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/Create-CloudWatch-Events-Scheduled-Rule.html
These scheduled events should trigger a Lambda
The Lambda function should check the alarm status. If the status is ALARM, trigger SNS to send a notification.
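A sketch of the Lambda described in the steps above, added here as an example and not part of the original answer. The environment variable names `REMINDER_TOPIC_ARN` and `ALARM_NAME_PREFIX` are assumptions; the clients are passed in so the logic can be run offline with stubs.

```python
import json
import os


def alarms_in_alarm(cloudwatch, name_prefix=None):
    """Yield every metric alarm currently in ALARM, following NextToken."""
    kwargs = {"StateValue": "ALARM"}
    if name_prefix:
        kwargs["AlarmNamePrefix"] = name_prefix
    while True:
        page = cloudwatch.describe_alarms(**kwargs)
        yield from page.get("MetricAlarms", [])
        if not page.get("NextToken"):
            return
        kwargs["NextToken"] = page["NextToken"]


def renotify(cloudwatch, sns, topic_arn, name_prefix=None):
    """Publish one reminder per alarm still in ALARM; return the names sent."""
    sent = []
    for alarm in alarms_in_alarm(cloudwatch, name_prefix):
        name = alarm["AlarmName"]
        body = {
            "AlarmName": name,
            "StateReason": alarm.get("StateReason", ""),
            "StateUpdatedTimestamp": str(alarm.get("StateUpdatedTimestamp", "")),
        }
        sns.publish(
            TopicArn=topic_arn,
            Subject=f"STILL IN ALARM: {name}"[:100],  # SNS subjects max out at 100 chars
            Message=json.dumps(body, indent=2),
        )
        sent.append(name)
    return sent


def lambda_handler(event, context):
    """Entry point for the scheduled rule; boto3 is imported here so the
    helpers above can be exercised offline with stub clients."""
    import boto3

    return renotify(
        boto3.client("cloudwatch"),
        boto3.client("sns"),
        os.environ["REMINDER_TOPIC_ARN"],  # assumed environment variable name
        os.environ.get("ALARM_NAME_PREFIX"),  # assumed, optional
    )
```

The function's execution role needs `cloudwatch:DescribeAlarms` and `sns:Publish` on the reminder topic only.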
Hi, I came to know that I can enable an AWS CloudWatch alarm for an AWS EC2 Spot instance if there is an interruption for termination notice. Here are more details:
Now CloudWatch users can setup a rule that automatically sends the EC2
Spot two-minute warning to an SNS topic to get a push notification.
I have no clue how to set up an SNS topic to get the interruption for termination notice.
Create an SNS topic and subscribe to this topic to get notifications.
Create a CloudWatch Event Rule to trigger an action whenever a spot instance is terminated.
Configure your event as shown in the screenshot below.
Select SNS Topic as the target and enter the ARN of the topic you created.
How can I notify a result of Lambda for both OK (normal) and NG status?
I set an alarm on CloudWatch for NG status. It was working.
But when I got OK (normal) status, I couldn't get a notification email.
I set up custom metrics from the Lambda result log for OK (normal) status on the CloudWatch alarm.
Is it possible on an alarm?
Is there any simple way?
It sounds like your requirements are:
Trigger an AWS Lambda function when a CloudWatch alarm enters the ALARM state
Trigger an AWS Lambda function when a CloudWatch alarm enters the OK state
Each AWS CloudWatch alarm can be configured with multiple Actions.
Therefore, you can create one Action for ALARM and another action for OK:
The CloudWatch Alarm can send a notification to an Amazon SNS topic. The AWS Lambda function can subscribe to the SNS topic and will be triggered when the alarm sends the notification to SNS.
I would like to send out alerts and create logs any time an instance is created within an AWS account. The instances in the account are mostly static and are rarely changed, so an alert should go off when an unauthorized change is made.
How can I create a CloudWatch alarm that can do this?
I can think of 2 options:
Option 1 - You write code
Enable CloudTrail
Have S3 trigger a Lambda function for PutObject (gets triggered whenever CloudTrail delivers events)
Write a Lambda function that reads the passed S3 object, looks for RunInstances event and sends a mail including instance name, instance id, who launched the instance etc., using AWS SES
You pay for CloudTrail+S3 only (SES cost is negligible)
Option 2 - Let AWS do everything
Enable CloudTrail
Have CloudTrail logs delivered to CloudWatch
Add an alarm in CloudWatch to send you an alert using SNS when CloudWatch detects RunInstances
You pay for CloudTrail+S3+CloudWatch
More info: Sending Events to CloudWatch Logs
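The parsing step of Option 1, added here as an example and not part of the original answer. The sample log is constructed; the handler returns the findings and leaves delivery (SES in the answer) to the caller. Denied launch attempts are reported as well, since `responseElements` is null for them.

```python
import gzip
import json
from urllib.parse import unquote_plus

# Constructed sample log (not real data): a launch, a denied attempt, an unrelated call.
BASE = {"eventSource": "ec2.amazonaws.com", "awsRegion": "eu-west-1",
        "sourceIPAddress": "198.51.100.7",
        "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::000000000000:user/example"}}
SAMPLE_LOG = gzip.compress(json.dumps({"Records": [
    {**BASE, "eventTime": "2020-01-01T10:00:00Z", "eventName": "RunInstances",
     "responseElements": {"instancesSet": {"items": [{"instanceId": "i-0123456789abcdef0"}]}}},
    {**BASE, "eventTime": "2020-01-01T10:01:00Z", "eventName": "RunInstances",
     "errorCode": "Client.UnauthorizedOperation", "responseElements": None},
    {**BASE, "eventTime": "2020-01-01T10:02:00Z", "eventName": "DescribeInstances"},
]}).encode())


def run_instances_findings(log_bytes):
    """Return one finding per RunInstances record in a CloudTrail log file."""
    if log_bytes[:2] == b"\x1f\x8b":  # CloudTrail delivers gzip-compressed JSON
        log_bytes = gzip.decompress(log_bytes)
    findings = []
    for rec in json.loads(log_bytes).get("Records", []):
        if (rec.get("eventSource"), rec.get("eventName")) != ("ec2.amazonaws.com", "RunInstances"):
            continue
        # responseElements is null when the call was denied or failed.
        resp = rec.get("responseElements") or {}
        items = (resp.get("instancesSet") or {}).get("items", [])
        findings.append({
            "time": rec.get("eventTime"),
            "region": rec.get("awsRegion"),
            "who": (rec.get("userIdentity") or {}).get("arn", "unknown"),
            "source_ip": rec.get("sourceIPAddress"),
            "instance_ids": [i["instanceId"] for i in items],
            "error": rec.get("errorCode"),  # set for denied or failed attempts
        })
    return findings


def lambda_handler(event, context):
    import boto3  # imported lazily so the parser above runs offline
    s3 = boto3.client("s3")
    findings = []
    for note in event["Records"]:  # one record per S3 PutObject notification
        key = unquote_plus(note["s3"]["object"]["key"])  # keys arrive URL-encoded
        body = s3.get_object(Bucket=note["s3"]["bucket"]["name"], Key=key)["Body"].read()
        findings.extend(run_instances_findings(body))
    return findings
```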
I'm using an AWS Lambda (triggered hourly by a CloudWatch rule) to trigger the creation of an EMR cluster to execute a job. Once the EMR cluster has finished its steps, it writes a result file to an S3 bucket. The key path is the hour of the day:
/bucket/2017/04/28/00/result.txt
/bucket/2017/04/28/01/result.txt
..
/bucket/2017/04/28/23/result.txt
I wanted to put some alert in place in case for some reason the EMR job failed to create the result.txt for the hour.
I have already put some alerts on the Lambda invocation count and on the Lambda error count, but I didn't manage to find the appropriate alert to test that the EMR actually finishes its job correctly.
Note that the Lambda is triggered every 3 min past the hour and takes about 15 minutes to complete. Would a good solution be to create another Lambda that is triggered every 30 min past the hour and checks that the correct key is present in the bucket? If not, then write some logs to CloudWatch that I could monitor and use to create my alert?
What other way could I achieve this alerting?
S3 offers free metrics on object count per bucket, but doesn't publish often enough for your use case.
CloudWatch Alarm on S3 Request Metrics
For a cost, you can enable CloudWatch metrics for S3 requests to enable request metrics that write data in 1-minute periods. You could, for example, create a relevant alarm on the following S3 CloudWatch metrics:
PutRequests sum <= 0 over each hour
4xxErrors sum >= 1 over 1 minute
5xxErrors sum >= 1 over 1 minute
The HTTP status code alarms on much shorter intervals (down to 1 minute) will offer feedback nearer to when these failures occur.
CloudWatch Alarm on Put Events
If you don't want to incur the cost of S3 request metrics, you could instead configure an event to publish a message to an SNS topic on S3 put. You can use CloudWatch to set up alerting on the sum of messages published (or lack thereof).
You could then create a CloudWatch alarm based on this topic failing to publish a message.
Dimensions: TopicName = YOURSNSTOPIC
Namespace: AWS/SNS
Metric Name: NumberOfMessagesPublished
Threshold: NumberOfMessagesPublished <= 0 for 60 minutes (4 periods)
Statistic: Sum
Period: 15 minutes
Treat missing data as: breaching
Actions: Send notification to another, separate SNS topic that sends you an email/sms, or otherwise publishes to some alerting service.
Discussion
Note that both CloudWatch solutions have the caveat that they won't fire alerts exactly at 30 minutes past the hour, but they will capture your entire monitoring period.
You may be able to further configure from these base examples by adjusting your period or how CloudWatch treats missing data to get better results.
A Lambda that triggers 30 minutes past the hour (via cron-style scheduling) to check S3 request metrics or the SNS topic's "NumberOfMessagesPublished" metric instead of relying on CloudWatch alarms could also accomplish this. This may be a better alternative if firing exactly 30 minutes past the hour is important, as the CloudWatch alarm's firing time will not be as precise.
Further Reading
AWS Documentation - Configuring Amazon S3 Event Notifications
AWS Documentation - SNS CloudWatch Metrics
AWS Documentation - S3 CloudWatch Metrics