AWS Beanstalk - SNS notification to Lambda when new environment gets created - amazon-web-services

I use a CF Template to create Beanstalk environments. I would like to trigger a Lambda code via SNS when an environment gets created so I can use the lambda to trigger a jenkins job with integration tests for the new environment.
Is there a way to send an SNS message after an env gets successfully created in Beanstalk? I already defined a topic the lambda code is subscribed to.
The beanstalk API allows you to define a notification endpoint.
http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/using-features.managing.sns.html
But what is this for if I can only specify an email address and I have to confirm subscription? How can I use it to trigger an SNS message automatically?
{
"OptionName": "Notification Endpoint",
"Namespace": "aws:elasticbeanstalk:sns:topics",
"Value": "no-reply@example.com"
},
{
"OptionName": "Notification Protocol",
"Namespace": "aws:elasticbeanstalk:sns:topics",
"Value": "email"
},
A workaround I found is a bit hacky. I create an EC2 instance at the end of the stack creation process and run some AWS commands to send an SNS notification via UserData shell. Is this the only way?

I'm answering my own question. I managed to figure out how to use SNS to trigger lambda code after a new Beanstalk env gets created.
I created an SNS topic, service-configurator, and added its ARN and name to the template.
{
"OptionName": "Notification Topic ARN",
"Namespace": "aws:elasticbeanstalk:sns:topics",
"Value": "arn:aws:sns:us-east-1:273218181234:service-configurator"
},
{
"OptionName": "Notification Topic Name",
"Namespace": "aws:elasticbeanstalk:sns:topics",
"Value": "service-configurator"
}
Next, I set the sns topic to be an event source for my lambda code.
Now, lambda gets triggered every time something happens to an environment (instances added/removed, env created, etc.).
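Added example (not part of the original answer): since the topic delivers every environment event, the handler has to pick out the launch event itself. It assumes Elastic Beanstalk's plain-text notification body of `Key: value` lines and the message wording `Successfully launched environment: <name>`; the function names, the topic check and the sample event are constructed for illustration.

```python
import re

# Topic ARN from the answer's template; records from any other topic are ignored.
EXPECTED_TOPIC_ARN = "arn:aws:sns:us-east-1:273218181234:service-configurator"
# Assumed wording of the Beanstalk event that marks a finished launch.
LAUNCHED = re.compile(r"^Successfully launched environment: (\S+)$")


def parse_body(body):
    """Turn the assumed 'Key: value' notification lines into a dict."""
    pairs = (line.partition(": ") for line in body.splitlines())
    return {k.strip(): v.strip() for k, sep, v in pairs if sep}


def launched_environments(event):
    """Return the names of environments whose launch just completed."""
    names = []
    for record in event.get("Records", []):
        sns = record.get("Sns", {})
        if (record.get("EventSource") != "aws:sns"
                or sns.get("TopicArn") != EXPECTED_TOPIC_ARN):
            continue
        fields = parse_body(sns.get("Message", ""))
        match = LAUNCHED.match(fields.get("Message", ""))
        # Cross-check the name in the message against the Environment field.
        if match and match.group(1) == fields.get("Environment"):
            names.append(match.group(1))
    return names


def handler(event, context):
    names = launched_environments(event)
    # Start the integration-test job for each name here (e.g. the Jenkins call).
    return {"launched": names}


def _record(message, topic=EXPECTED_TOPIC_ARN):
    # Constructed sample record, shaped like an SNS-to-Lambda event.
    body = ("Timestamp: Wed Mar 16 09:00:25 UTC 2016\nMessage: %s\n\n"
            "Environment: my-env\nApplication: my-app\n" % message)
    return {"EventSource": "aws:sns", "Sns": {"TopicArn": topic, "Message": body}}


SAMPLE_EVENT = {"Records": [
    _record("Successfully launched environment: my-env"),
    _record("Added instance [i-0123456789abcdef0] to your environment."),
    _record("Successfully launched environment: my-env", "arn:aws:sns:us-east-1:273218181234:other"),
]}
```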

While Configuring Notifications with Elastic Beanstalk does not provide a specific example for sending Amazon SNS notifications, email is simply the default for the resp. AWS Elastic Beanstalk option setting and you can also create subscriptions for most/all other protocols, see option aws:elasticbeanstalk:sns:topics:
Valid Values: http https email email-json sqs
Obviously AWS Lambda is not referenced there yet, but it is just another SNS protocol, so I would assume/hope that the table has simply not been updated yet and something like the following should just work accordingly (haven't tried it myself yet though):
{
"OptionName": "Notification Endpoint",
"Namespace": "aws:elasticbeanstalk:sns:topics",
"Value": "<Your Lambda function ARN>"
},
{
"OptionName": "Notification Protocol",
"Namespace": "aws:elasticbeanstalk:sns:topics",
"Value": "lambda"
},

Related

How to trigger a notification in AWS OpenSearch

I have created a Lambda which is triggered by an EventBridge rule that I created.
The purpose is for the Lambda to send a slack notification when an OpenSearch Service Upgrade is available.
I've tested the Lambda manually with a sample event and it works well, but I want to test it "for real" by getting a real OpenSearch instance to send a notification.
The OpenSearch domain I created is not sending notifications like I would expect it to.
I've created a new OpenSearch domain and used an old version of OpenSearch (1.0).
When I look at the OpenSearch domain I created in the AWS console, it shows the Version is OpenSearch 1.0 and there is an Upgrade Available (to 1.3).
However, this did not trigger a notification.
How do notifications get triggered? Would a notification only get triggered if a new Upgrade becomes available (e.g. 1.4) when my OpenSearch domain is already up and running?
Is there any way to force OpenSearch to trigger the notification?
I want OpenSearch to trigger a notification, which in turn is captured by EventBridge, and triggers my Lambda with an event like:
```
{
  "version": "0",
  "id": "01234567-0123-0123-0123-012345678901",
  "detail-type": "Amazon OpenSearch Service Software Update Notification",
  "source": "aws.es",
  "account": "123456789012",
  "time": "2016-11-01T13:12:22Z",
  "region": "us-east-1",
  "resources": [
    "arn:aws:es:us-east-1:123456789012:domain/test-domain"
  ],
  "detail": {
    "event": "Service Software Update",
    "status": "Available",
    "severity": "Informational",
    "description": "Service software update [R20200330-p1] available."
  }
}
```

Edit AWS SNS message sent to Lambda

In my pipeline I have an event notification on an S3 bucket which triggers an SNS topic. That SNS topic in turn has a lambda function subscribed to it. I need the SNS topic to send a hard-coded message body to the lambda because it gets used in that function.
Since the SNS topic publishes the message automatically when the S3 event notification is set off I am wondering if and how I can edit the message that gets sent to lambda?
To be clear: I want the same message sent every time. The goal is for lambda to get a variable which is only dependent on which topic the lambda was triggered from.
Currently I am building this through the UI but will eventually code it in terraform for production.
When Amazon SNS triggers an AWS Lambda function, the information it sends includes SNS TopicArn.
You could use that ARN to determine which SNS Topic triggered the Lambda function, and therefore which action it should process.
{
"Records": [
{
"EventSource": "aws:sns",
"EventVersion": "1.0",
"EventSubscriptionArn": "arn:aws:sns:us-east-1:{{{accountId}}}:ExampleTopic",
"Sns": {
"Type": "Notification",
"MessageId": "95df01b4-ee98-5cb9-9903-4c221d41eb5e",
"TopicArn": "arn:aws:sns:us-east-1:123456789012:ExampleTopic",
"Subject": "example subject",
"Message": "example message",
"Timestamp": "1970-01-01T00:00:00.000Z",
"SignatureVersion": "1",
"Signature": "EXAMPLE",
"SigningCertUrl": "EXAMPLE",
"UnsubscribeUrl": "EXAMPLE",
"MessageAttributes": {
"Test": {
"Type": "String",
"Value": "TestString"
},
"TestBinary": {
"Type": "Binary",
"Value": "TestBinary"
}
}
}
}
]
}
Rather than having Amazon S3 send a message to Amazon SNS directly, you might be able to configure an Amazon CloudWatch Events rule that triggers on object creation and sends a Constant as part of the message to Amazon SNS, like this:
If large files are being uploaded, you might also need to trigger it on CompleteMultipartUpload.
You could also have the rule trigger the AWS Lambda function directly (without going via Amazon SNS), depending upon your use-case. A Constant can also be specified for this.
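Added example (not from the original answer): a Lambda handler that picks its constant from the record's TopicArn and then reads the S3 notification carried in the SNS Message. The `TOPIC_SETTINGS` values, the second topic ARN, the bucket name and the sample event are constructed, and the handler assumes the SNS Message is the JSON S3 event notification described in the question.

```python
import json
from urllib.parse import unquote_plus

# Hypothetical topic-to-constant mapping; only the first ARN appears on the page.
TOPIC_SETTINGS = {
    "arn:aws:sns:us-east-1:123456789012:ExampleTopic": "settings-a",
    "arn:aws:sns:us-east-1:123456789012:OtherTopic": "settings-b",
}


def jobs_from_event(event):
    """Return (setting, bucket, key) for each S3 object announced via SNS."""
    jobs = []
    for record in event.get("Records", []):
        sns = record.get("Sns", {})
        # Exact match on the full ARN; unknown topics are rejected, not guessed.
        setting = TOPIC_SETTINGS.get(sns.get("TopicArn"))
        if record.get("EventSource") != "aws:sns" or setting is None:
            raise ValueError("unexpected event source or topic")
        s3_event = json.loads(sns.get("Message", "{}"))
        # S3's s3:TestEvent has no "Records" list, so this loop is skipped for it.
        for item in s3_event.get("Records", []):
            bucket = item["s3"]["bucket"]["name"]
            key = unquote_plus(item["s3"]["object"]["key"])  # keys arrive URL-encoded
            jobs.append((setting, bucket, key))
    return jobs


def handler(event, context):
    return jobs_from_event(event)


def _sns_record(topic_arn, s3_event):
    # Constructed sample: an S3 notification wrapped in an SNS-to-Lambda record.
    return {"EventSource": "aws:sns",
            "Sns": {"TopicArn": topic_arn, "Message": json.dumps(s3_event)}}


_PUT = {"Records": [{"eventName": "ObjectCreated:Put", "s3": {
    "bucket": {"name": "example-bucket"}, "object": {"key": "in/my+file.csv"}}}]}
SAMPLE_EVENT = {"Records": [
    _sns_record("arn:aws:sns:us-east-1:123456789012:ExampleTopic", _PUT),
    _sns_record("arn:aws:sns:us-east-1:123456789012:OtherTopic",
                {"Service": "Amazon S3", "Event": "s3:TestEvent"}),
]}
```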

AWS Automated DBSnapshot (System) in CloudTrail event

I'm looking at triggering a lambda when a new automated DB Snapshot is available in RDS (System ones instead of Manual ones). Although after digging in CloudTrail, I don't see any events marked as follows (AWS Sample):
{
"version": "0",
"id": "844e2571-85d4-695f-b930-0153b71dcb42",
"detail-type": "RDS DB Snapshot Event",
"source": "aws.rds",
"account": "123456789012",
"time": "2018-10-06T12:26:13Z",
"region": "us-east-1",
"resources": ["arn:aws:rds:us-east-1:123456789012:db:mysql-instance-2018-10-06-12-24"],
"detail": {
"EventCategories": ["creation"],
"SourceType": "SNAPSHOT",
"SourceArn": "arn:aws:rds:us-east-1:123456789012:db:mysql-instance-2018-10-06-12-24",
"Date": "2018-10-06T12:26:13.882Z",
"SourceIdentifier": "rds:mysql-instance-2018-10-06-12-24",
"Message": "Automated snapshot created"
}
}
Thanks again if you know which AWS Events I should lookup for :)
Oli
CloudTrail won't give you such information. I would go with the flow highlighted below:
RDS (event notification) -> SNS -> Lambda
You need to have an SNS topic as source of your lambda, because RDS fans out its events to this service
Check what RDS document states
Amazon RDS uses the Amazon Simple Notification Service (Amazon SNS) to provide notification when an Amazon RDS event occurs
Regarding the notification itself, I could see that the DB snapshot event below might be the one that you're looking for:

| Category | RDS event ID | Description |
| --- | --- | --- |
| creation | RDS-EVENT-0091 | An automated DB snapshot is being created. |

AWS CodePipeline Notifications

I am trying to add some notifications to my Pipeline in AWS.
I have a build stage where I use AWS CodeBuild and I want to receive an email whenever the build fails.
I have followed the tutorial that amazon offers and it works fine to notify me about the failure, but I can't seem to find how to add the logs in the email.
I have created the following CloudWatch Event Rule, which monitors the execution of the entire Pipeline.
{
"source": [
"aws.codepipeline"
],
"detail-type": [
"CodePipeline Pipeline Execution State Change"
],
"detail": {
"state": [
"FAILED",
"SUCCEEDED",
"CANCELED"
],
"pipeline": [
"Pipeline_Trial"
]
}
}
Can anyone help me figure how to add the logs to this rule ?
The event from CodePipeline does not contain the CodeBuild logs so you can't pass this through to your email without something in the middle.
A solution could be to have your CloudWatch event target a Lambda function which looks up the logs via the CodeBuild / CloudWatch logs API. It can then generate the email including the logs and send the notification via SNS.

CloudWatch alarm actions with multiple SNS topics using CloudFormation

Hi, I'm using the below resource using CloudFormation:
"SNSTopic1":{
"Default":"<prodteamarn>",
"Description":"ProdteamSNStopic",
"Type":"String"
},
"SNSTopic2":{
"Default":"<featureteamarn>",
"Description":"featureteamSNStopic",
"Type":"String"
},
"Resources":{
"SpilloverCountAlarm":{
"Properties":{
"AlarmActions":[
{
"Ref":"SNSTopic1"
},
{
"Ref":"SNSTopic2" //can i use multiple SNS topics
}
],
"AlarmDescription":"Spillover is Too Large",
"ComparisonOperator":"GreaterThanThreshold",
"Dimensions":[
{
"Name":"LoadBalancerName",
"Value":{
"Ref":"xyz"
}
}
],
"EvaluationPeriods":"2",
"MetricName":"SpilloverCount",
"Namespace":"AWS/ELB",
"Period":"100",
"Statistic":"Sum",
"Threshold":"3"
},
"Type":"AWS::CloudWatch::Alarm"
}
So the question is: can I use multiple SNS topics in AlarmActions? I need to send notifications to both the prod and feature teams, as they have different ARNs for their SNS topics.
Yes, according to the CloudFormation documentation for Alarm, the property AlarmActions is a List of actions to be performed. This means you should be able to notify multiple SNS Topics without issue.
You can verify this by looking at the AWS Console UI for setting up an Alarm. The section for Actions is also a List that allows for the configuration of multiple actions to be configured.