Hi there, I'm creating an alarm which I want to post to an SNS topic which triggers a Lambda. I do not want the alarm to email anyone. However, I am repeatedly getting errors such as the following:
(Warning: this alarm is not configured to notify. Please modify this alarm and add an email address.)
Do I have to specify an email address?
This might be related to the way that the Alarm was created on the Scaling Policy.
When an Amazon SNS topic already exists and an Alarm is created on a Scaling Policy, the UI looks like this:
This allows an existing SNS topic to be selected.
However, when there is no SNS topic and the user clicks create topic, the UI looks like this:
It is possible that the interface is using the 2nd configuration and the "with these recipients" field is empty.
If so, you can cancel that selection and choose the SNS topic from the drop-down list.
I'm pretty new to AWS but I did some research about my issue and I couldn't find an answer anywhere so hopefully someone can help me with this.
I would like to be notified on Slack whenever someone logs in with a Root account on any of my AWS accounts. I have set up CloudTrail at the Organisation level to monitor CloudTrail logs on all my AWS accounts. I have set up a CloudWatch alarm to trigger whenever a root account is used, the alarm is then sent to an SNS topic that sends it to a Lambda that triggers a message to Slack.
All of this is working fine. However, the message I receive from SNS is basically the following: The alarm (root_login) has been trigerred
Ideally I would want to receive the CloudWatch event that shows me more information like the IP address of the user, the AWS account where it occurred, etc.
Basically I would like to receive the CloudWatch event log in the Lambda instead of the CloudWatch alarm trigger. Is that something that is possible?
Thanks
Yes, that is possible. Here are some instructions from the AWS site on the aws-sns-to-slack-publisher. The page contains the steps you need to take to deploy.
Here is an example of publishing a health event to slack.
You will of course need to modify the code to meet your requirements.
We have created different config rules for different resources in our AWS account. We have enabled the SNS subscription for the alerts. However, I want to add a filter policy to the subscription that it should give the alerts only for one specific configRule.
Can you please help me add a filter policy for one specific configRule?
Sadly you can't do this from SNS subscription level. This is because filter policies work only on message attributes, not message body.
The way around this is to subscribe a Lambda function to your SNS topic. The Lambda would get the messages from AWS Config, parse them, and distribute them to other message-specific topics or other resources. Since it's a Lambda function, you could program it to do pretty much anything you want, including raising some alarms.
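A sketch of the Lambda described in this answer, added here as an example and not part of the original post: it keeps only the messages for one rule and republishes them with the rule name as a message attribute, so subscriptions on the target topic can filter on it. The rule name, target topic ARN and sample event are constructed, and reading `configRuleName` from the message body assumes AWS Config's compliance change notification format.

```python
import json
import os

# Hypothetical settings; in Lambda these come from environment variables.
WANTED_RULE = os.environ.get("WANTED_RULE", "s3-bucket-public-read-prohibited")
TARGET_TOPIC_ARN = os.environ.get(
    "TARGET_TOPIC_ARN", "arn:aws:sns:us-east-1:111122223333:one-rule-alerts")


def select_config_alerts(event, wanted_rule=WANTED_RULE):
    """Return the Config messages in an SNS-triggered event that match wanted_rule."""
    selected = []
    for record in event.get("Records", []):
        try:
            msg = json.loads(record.get("Sns", {}).get("Message", ""))
        except (TypeError, ValueError):
            continue  # body is not JSON, e.g. a hand-typed test message
        if isinstance(msg, dict) and msg.get("configRuleName") == wanted_rule:
            selected.append(msg)
    return selected


def handler(event, context, sns=None):
    """Republish matching messages with the rule name as a message attribute."""
    matches = select_config_alerts(event)
    if matches and sns is None:
        import boto3  # available in the Lambda Python runtime
        sns = boto3.client("sns")
    for msg in matches:
        sns.publish(
            TopicArn=TARGET_TOPIC_ARN,
            Message=json.dumps(msg),
            MessageAttributes={"configRuleName": {
                "DataType": "String", "StringValue": msg["configRuleName"]}},
        )
    return len(matches)


def _record(body):
    return {"EventSource": "aws:sns", "Sns": {"Message": body}}

# Constructed sample event: two Config compliance messages and one non-JSON body.
SAMPLE_EVENT = {"Records": [
    _record(json.dumps({"messageType": "ComplianceChangeNotification",
                        "configRuleName": "s3-bucket-public-read-prohibited",
                        "resourceId": "example-bucket",
                        "newEvaluationResult": {"complianceType": "NON_COMPLIANT"}})),
    _record(json.dumps({"messageType": "ComplianceChangeNotification",
                        "configRuleName": "restricted-ssh", "resourceId": "sg-0example"})),
    _record("plain text test message"),
]}
```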
I am new to AWS and I'm trying to find a way to get alarms from CloudWatch. I set up an SNS topic and set a server endpoint but I realize that this needs confirmation of subscription. Do you know how to set up the webhook or if there is a call for getting alarms?
Go to CloudWatch
Choose Alarms from the left menu
Create Alarm
Select your metric
Specify metric and conditions then next
In the Configure actions part you may select an SNS Topic from the dropdown list.
Fill name, description on the next step
Preview and create.
Edit:
For the subscription part: I've created a topic and a Lambda for its subscription which will get the SNS event and send it to Slack. There are other options such as HTTP(S) calls, email, SMS, etc.
I am trying to get lambda in another account to get it invoked by RDS instance event notifications.
RDS event subscription is set to invoke SNS topic which triggers lambda in other account.
I have set up an entire stack using CloudFormation. Things I have achieved so far are:
RDS events are able to invoke the SNS topic; I have tested it by creating an email subscription to the SNS topic.
The SNS topic is able to trigger the Lambda in another account. I have tested it by publishing messages to the SNS topic. I can see that it is flowing through in CloudWatch logs.
The part I am not able to get working is RDS events triggering SNS and then the Lambda in the other account. It's very strange, as the individual bits are working fine but not end to end. Another observation is that the status of the SNS subscription in RDS events is shown as Active and I can see the subscription log in the Lambda, but nothing happens after I reboot the RDS instance to test.
Also, I see this bizarre behaviour that the subscription status is set to Null.
I followed below links for reference
https://jimmythompson.co.uk/blog/sns-and-lambda/
https://medium.com/pablo-perez/infrastructure-as-a-code-should-not-be-imperative-43d9a64e3998
Is there something I am missing? Any help is much appreciated.
I am trying to create CloudWatch alarms in N. California region because that is where my EC2s are.
I want to send a notification to an SNS topic that supports both email and SMS, which N. California does not, so I created an SNS topic in Oregon instead, which supports both.
The topic does not appear in the "Send Notification To:" dropdown. Reading online, it seems like I'm supposed to be able to click 'enter list' and put in an ARN from another region; however, when I do this I get an error saying:
Error:
There was an error saving the alarm. Please try again.
Cross region SNS will not be available to be configured for CloudWatch alarm notifications.
Alternatively, the following steps will help you achieve the same, though it is not a fancy way of doing it.
Configure an SNS topic in the same region and configure CloudWatch to send alarm notifications to this SNS topic in the same region
Subscribe a Lambda as a consumer for this SNS to listen and process the events sent from CloudWatch
The Lambda will reside in the same region which will receive the event from local SNS and publish (literally forward) the message (using SNS publish method) to the SNS in a different region.
The SNS in other region can have SMS and/or email subscriptions.
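The forwarding Lambda from these steps, added here as an example and not part of the original answer: the SNS client is created in the region taken from the destination topic's ARN, since a client for the Lambda's own region cannot publish to it. The ARNs, alarm name and sample event are constructed.

```python
import os

# Hypothetical destination topic in the region that offers email and SMS.
DEST_TOPIC_ARN = os.environ.get(
    "DEST_TOPIC_ARN", "arn:aws:sns:us-west-2:111122223333:alarm-fanout")


def region_of(topic_arn):
    """Return the region field of arn:partition:sns:region:account:name."""
    parts = topic_arn.split(":")
    if len(parts) != 6 or parts[0] != "arn" or parts[2] != "sns" or not parts[3]:
        raise ValueError(f"not an SNS topic ARN: {topic_arn!r}")
    return parts[3]


def forward_requests(event, dest_arn=DEST_TOPIC_ARN):
    """Build publish() arguments for each SNS record delivered to the Lambda."""
    requests = []
    for record in event.get("Records", []):
        sns_part = record.get("Sns", {})
        if not sns_part.get("Message") or sns_part.get("TopicArn") == dest_arn:
            continue  # nothing to send, or it would loop back to the destination
        request = {"TopicArn": dest_arn, "Message": sns_part["Message"]}
        if sns_part.get("Subject"):
            request["Subject"] = sns_part["Subject"]
        requests.append(request)
    return requests


def handler(event, context, client_factory=None):
    """Forward every record to the destination topic through a client in its region."""
    requests = forward_requests(event)
    if not requests:
        return 0
    if client_factory is None:
        import boto3  # available in the Lambda Python runtime
        client_factory = lambda region: boto3.client("sns", region_name=region)
    sns = client_factory(region_of(DEST_TOPIC_ARN))
    for request in requests:
        sns.publish(**request)
    return len(requests)


# Constructed sample: an alarm notification as the local (us-west-1) topic delivers it.
SAMPLE_EVENT = {"Records": [{"EventSource": "aws:sns", "Sns": {
    "TopicArn": "arn:aws:sns:us-west-1:111122223333:local-alarms",
    "Subject": 'ALARM: "cpu-high" in US West (N. California)',
    "Message": '{"AlarmName": "cpu-high", "NewStateValue": "ALARM"}'}}]}
```

The function's execution role needs `sns:Publish` on the destination topic.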