Customize alarm message from AWS Cloudwatch - amazon-web-services

I got some alarm notifications from AWS Cloudwatch to my email but they are usually sent in a JSON format and the problem is that some of those emails are getting received by non-technical people in my company. I was wondering if that is possible to customize the emails sent by AWS SNS because I don't see any option in how to customize it.

If you are using Cloudwatch/Event/Rules then you can use "Input transfomer" to customize the contents of the email and then SNS will send that instead of JSON.
I am using this setup to get notified when user signs in AWS console.
In my case "Event Source" is "AWS Console Sign-in" but you can try with Cloudwatch and see if that gets you what you need.
See the screenshot, hope it helps.
https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/CloudWatch-Events-Input-Transformer-Tutorial.html
https://forums.aws.amazon.com/thread.jspa?messageID=820808

you trigger a lambda function from your SNS topic, take the event and either send it via SNS or SES. SES supports sending HTML mails, SNS just plain text mails.
I normally do the following approach:
Alarm -> SNS -> Lambda -> SES (HTML)
received by non-technical people in my company
I'd use a basic HTML template with buttons and nice looking text :-)
I created a post and a GitHub repository for that:
https://medium.com/#sandro_volpicella/how-to-customise-cloudwatch-alarm-notifications-with-lambda-ses-html-and-cdk-f0094b07fed6
https://github.com/AlessandroVol23/cloudwatch-custom-email-cdk

I don't think you can change the notifications from SNS sent via e-mail.
If you really need to customize them, you should look into SNS notifications via SES (Simple Email Service)

Related

aws calling lambda on cloudwatch alarm - Only email lists for this account are available

On AWS I'm trying to create a cloudwatch alarm that sends a notification to a sns topic that in turn triggers a lambda function that is subscribed to the topic, but have run into a bit of a snag in which my lambda is never triggered. I've followed several tutorials on how to do this, I've manually tested the sns -lambda connection and this is working as is attaching the notification trigger onto cloudwatch.
I've done this all through cloudformation.
I have also tried to configure it manually from the cloudwatch console and then noticed something strange. Underneath the Send a notification to select box as shown in the image below, there is a message which says Only email lists for this account are available. So I'm guessing from that, that somewhere in this account, there is a weird setting that needs to be changed?
Updated answer:
Is the CloudWatch alarm actually in the "Alarm" state? Can you add 2 more notifications to be triggered by the "OK" and "Insufficient data" state respectively?
by reading the original post, SNS should have the right permission to invoke the Lambda function.
previous answer:
That is a general message, it has nothing to do with your SNS topic settings. I reckon it's meant to say only emails opt-in to that SNS topic will get emails.
Q: How does Amazon SNS validate a subscription request to ensure that notifications will not be sent to users as spam?
As part of the subscription registration, Amazon SNS will ensure that notifications are only sent to valid, registered subscribers/end-points. To prevent spam and ensure that a subscriber end-point is really interested in receiving notifications from a particular topic, Amazon SNS requires an explicit opt-in from subscribers using a 2-part handshake:
i. When a user first calls the Subscribe API and subscribes an end-point, Amazon SNS will send a confirmation message to the specified end-point.
ii. On receiving the confirmation message at the end-point, the subscriber should confirm the subscription request by sending a valid response. Only then will Amazon SNS consider the subscription request to be valid. If there is no response to the challenge, Amazon SNS will not send any notifications to that end-point. The exact mechanism of confirming the subscription varies by the transport protocol selected:
For HTTP/HTTPS notifications, Amazon SNS will first POST the confirmation message (containing a token) to the specified URL. The application monitoring the URL will have to call the ConfirmSubscription API with the token included token.
For Email and Email-JSON notifications, Amazon SNS will send an email to the specified address containing an embedded link. The user will need to click on the embedded link to confirm the subscription request.
For SQS notifications, Amazon SNS will enqueue a challenge message containing a token to the specified queue. The application monitoring the queue will have to call the ConfirmSubscription API with the token.
Note: The explicit “opt-in” steps described above are not required for the specific case where you subscribe your Amazon SQS queue to your Amazon SNS topic – and both are “owned” by the same AWS account.

How to confirm a slack subscription to an aws SNS topic?

I have a lambda function that notifies an SNS topic.
It currently sends an email each time I invoke the function so the lambda, the SNS piece and the email subscription are all working ok.
Now I want a Slack Integration.
I've created a channel called aws_int but I can't get it to receive the notification.
I am stuck on the need to 'verify the subscription'. I don't see how I would do this in the https connection to slack.
I don't understand how to do it manually using the console in aws because all the documentation keeps referring to using the 'Subscription Confirmation URL'
I can't find what that is.
but I cannot find what that is.
I found a post talking about the JSON being invalid: Confirming AWS SNS Topic Subscription for Slack Webhook but I don't understand how I would use that, maybe I could use Postman but I am not sure exactly how to format that POST.
So how can I integrate Slack and aws for an SNS topic, specifically how can I do the confirmation (which is required in order to activate it). This has to be a common need!
If I use the hook URL I get
Everything I am trying is just stacking up more Pending Confirmations, which btw I cannot delete...
Here's my postman attempt...
You really DON'T need Lambda. Just SNS and SLACK are enough.
I found a way to integrate AWS SNS with slack WITHOUT AWS Lambda or AWS chatbot. With this approach you can confirm the subscription easily.
Follow the video which show all the step clearly.
https://www.youtube.com/watch?v=CszzQcPAqNM
Steps to follow:
Create slack channel or use existing channel
Create a work flow with selecting Webhook
Create a variable name as "SubscribeURL". The name
is very important
Add the above variable in the message body of the
workflow Publish the workflow and get the url
Add the above Url as subscription of the SNS You will see the subscription URL in the
slack channel
Follow the URl and complete the subscription
Come back to the work flow and change the "SubscribeURL" variable to "Message"
The publish the
message in SNS. you will see the message in the slack channel.
It doesn't look like there is a way to confirm an SNS subscription to a Slack endpoint (email, webhook, whatever). If you want to use SNS as a decoupling layer, you'll need to add a lambda into the system, which can handle the confirmation process.
Lambda -> webhook -> SNS -> Lambda -> webhook -> Slack
Confirming AWS SNS Topic Subscription for Slack Webhook has some more information about this.
I would recommend just using the Lambda to send a message to slack, either calling another dedicated lambda, or just internally to the original one. There's a good tutorial here. If you really want to use SNS, then you could use your original lambda to trigger SNS, then have a new slack-dedicated lambda subscribe to the SNS topic.

Confirming AWS SNS Topic Subscription for Slack Webhook

I am integrating SNS and Slack. I have created a slack app with incoming webhook enabled. I have got the webhook URL. I created a subscription for a SNS Topic with HTTPS protocol and set the Endpoint the webhookURL. Now the subscription is PendingConfirmation. I didnot receive any confirmation message, not in the destined channel.
How do I confirm the subscription?
You don't need to create a lambda function or create an HTTPS subscription with Slack.
On your slack channel, add the "email integration" app. Once done, Slack will provide you an email address with slack.com domain.
Emails sent to this address will be imported into your slack channel.
Then, on SNS create an email subscription and provide the slack email above.
The reason you're not seeing it in Slack is because the default JSON format for SNS messages doesn't conform to the format required by Slack:
You have two options for sending data to the Webhook URL above:
Send a JSON string as the payload parameter in a POST request
Send a JSON string as the body of a POST request
For a simple message, your JSON payload could contain a text property at minimum. This is the text that will be posted to the channel.
As another user suggested you can use an AWS Lambda function to facilitate this. There are free, public solutions available already, such as this one (which I did not author, and have not used...only including as a reference point).
You can confirm the subscription WITHOUT lambda. It is easy.
I found a way to integrate AWS SNS with slack WITHOUT AWS Lambda or AWS chatbot.
Follow the video which show all the step clearly.
https://www.youtube.com/watch?v=CszzQcPAqNM
Steps to follow:
Create slack channel or use existing channel
Create a work flow with selecting Webhook
Create a variable name as SubscribeURL. The name is very important
Add the above variable in the message body of the workflow
Publish the workflow and get the url
Add the above Url as subscription of the SNS
You will see the subscription URL in the slack channel
Follow the URl and complete the subscription
Come back to the work flow and change the variable to Message
The publish the message in SNS. you will see the message in the slack channel.
You have create a lambda function that receives SNS feedback and POST it to your webhook URL.
When you create a subscription to your lambda topic you choose AWS Lambda as protocol and select the lambda that you just created.
More info about it here: https://medium.com/cohealo-engineering/how-set-up-a-slack-channel-to-be-an-aws-sns-subscriber-63b4d57ad3ea
I might be late on this topic but you can configure AWS Chatbot (slack application) to send all the notifications to your slack.
More info here : https://aws.amazon.com/chatbot/

How do I Create a CloudWatch Email Alert With Custom Content?

I am trying to edit an AWS CloudWatch alert that sends an email to my team such that custom content is sent in the email. Currently, all email alerts contain only auto-generated content. The email content contains the reason for the alert, a link to the alarm in the AWS console, and sections for Alarm Details, Threshold, and Monitored Metric. However, I want to add custom content listing likely causes of the alert and procedures to execute when receiving the alert. Does anybody know how custom content can be added to a CloudWatch alert email?
I have read existing AWS CloudWatch Alarm documentation such as How to Create/Edit a CloudWatch Alarm, and How to create a CPU Usage Alarm that Sends an Email. I have also tried various Google searches and searches for existing questions here on SO but to no avail. Any help/advice would be greatly appreciated.
You can setup a Lambda trigger to the alarm and send an email using AWS SES SMTP credentials, creating a formatted email content with alarm trigger event data.
You can flow the document you mentioned above: https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/US_AlarmAtThresholdEC2.html
Choose existing SNS topic or create new one, after that enter slack email and when have any alarms will be sent to Slack channel that was integrated Email app by you
xxxxxxxxxx#x.slack.com you can use add Email App in Slack like icon below

AWS - Send Scheduled Events notifications with text message or HipChat message

I know that the AWS sends emails about any EC2 instances with Scheduled Events, but I would also like to have these notifications sent through HipChat and text message as well. Is there a default way of selecting a setting that can do this in AWS? Or would I have to create a more custom solution to achieve this?
With Scheduled Events in EC2 being manual tool for monitoring health of instances as of right now, there isn't many options. From the design point of view on AWS platform, this could be one possible solution:
Create AWS SES mailbox and enable it to receive emails,
Create a forwarding rule in your original e-mail inbox where you receive those e-mail notifications from AWS about Scheduled Events to forward e-mails of this type (based on filter you define) to the previously created AWS SES mailbox,
In your AWS SES mailbox create "Receipt Rule" with SNS Action, that will basically publish entire content of the e-mail to the SNS Topic using AWS SNS. (The SNS topic you choose must be in the same AWS region as the Amazon SES endpoint you use to receive email)
Once that e-mail content lands in AWS SNS Topic as an event, you can use AWS Lambda subscribed to your SNS topic as a handler of the event, parse what you need and forward customized notification to any of your third-party (outside of AWS) alerting tools (such as PagerDuty, Slack channel, HipChat, or whatever you use for SMS notifications).
This design does have one week point: relying onto your external mailbox forwarding system (if you are receiving Scheduled Events e-mails in inbox not based on AWS SES).
Ideally you could try to see in your AWS Account settings if it is possible to use AWS SES mailbox for Scheduled Events notifications, but I haven't tried that.
You can receive text messages as notification by setting alarm for that ec2 instance e.g if CPU usages goes above 80% then create an alarm and eventually you can set it to get emails or text messages. Thanks