-
Notifications
You must be signed in to change notification settings - Fork 7
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #7 from abdullahkhawer/improve-alert-message-forma…
…tting feat!: Update code to use AWS Lambda function to send alerts on Slack to improve alert message formatting, change the solution name to aws-alerts, do some code refactoring and update README.md accordingly.
- Loading branch information
Showing
11 changed files
with
957 additions
and
3,718 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -4,15 +4,15 @@ | |
|
|
||
| ## Introduction | ||
|
|
||
| AWS Alerts is a solution for AWS cloud to monitor resources for various AWS services and alert for failures, errors, warnings and terminations on Slack. | ||
| AWS Alerts is a solution for AWS cloud to monitor resources for various 30+ AWS services and send alerts for failures, errors, warnings and terminations on Slack. | ||
|
|
||
| You can update provided variable values to enable or disable notification resources for different AWS services. | ||
| You can update provided variable values to enable or disable alerts for different AWS services. | ||
|
|
||
| By default, all AWS services are disabled and you have to choose which one to enable. | ||
|
|
||
| ❓ Why did I develop this solution? | ||
|
|
||
| 👉🏻 Because sometimes some infrastructure level alerts can be missed which can be collected more efficiently using AWS CloudWatch events (AWS EventBridge), AWS CloudWatch alarms and AWS service specific event subscriptions. | ||
| Because sometimes infrastructure level alerts can be missed which can be collected more efficiently using AWS CloudWatch events (AWS EventBridge), AWS CloudWatch alarms and AWS service specific event subscriptions but manually creating all the required resources to enable all those alerts can take a lot of time and effort. | ||
|
|
||
| ## Supported IaC (Infrastructure as Code) Tools: | ||
|
|
||
|
|
@@ -21,10 +21,9 @@ By default, all AWS services are disabled and you have to choose which one to en | |
|
|
||
| ## Supported AWS Services: | ||
|
|
||
| Following are the AWS services for which you can enable notifications for failures, errors, warnings and terminations: | ||
| Following are the 30+ AWS services for which you can enable alerts for failures, errors, warnings and terminations notifications: | ||
|
|
||
| - `AWS Batch` | ||
| - `AWS CloudFormation (CF)` | ||
| - `AWS CodeBuild (CB)` | ||
| - `AWS CodeDeploy (CD)` | ||
| - `AWS CodePipeline (CP)` | ||
|
|
@@ -56,65 +55,73 @@ Following are the AWS services for which you can enable notifications for failur | |
| - `AWS Transcribe` | ||
| - `AWS Trusted Advisor (TA)` | ||
|
|
||
| ### Any contributions, improvements and suggestions will be highly appreciated. | ||
|
|
||
| ## Components Used | ||
|
|
||
| Following are the components used in this solution: | ||
|
|
||
| - Terraform templates for all of the resources deployment in case you don't want to use AWS CloudFormation templates. | ||
| - AWS CloudFormation templates (both in JSON and YAML) for all of the resources deployment as stack in case you don't want to use Terraform templates. | ||
| - Python script having the logic to manage AWS CloudFormation failures developed in Python 3.9. | ||
| - Terraform template for all of the resources deployment in case you don't want to use AWS CloudFormation template. | ||
| - AWS CloudFormation template for all of the resources deployment as stack in case you don't want to use Terraform template. | ||
| - Python script developed in Python 3.12 having the logic to send formatted AWS Alerts to Slack. | ||
| - Boto3 for AWS resources access in Python. | ||
| - AWS Lambda function to execute the above mentioned Python script. | ||
| - AWS IAM role used by the Lambda function with least privileges. | ||
| - AWS Lambda Invoke Permission for AWS SNS topic. | ||
| - AWS CloudWatch events for the failures, errors, warnings and terminations notifications of various AWS services triggered upon events. | ||
| - AWS CloudWatch events for the failures, errors, warnings and terminations alerts of various AWS services triggered upon events. | ||
| - AWS CloudWatch alarms for the failures of AWS Lambda functions. | ||
| - AWS RDS and DMS event subscriptions for the failures, errors, warnings and terminations of AWS RDS and DMS resources respectively. | ||
| - AWS SNS topic for receiving and sending notifications to the subscribed endpoint for AWS CloudFormation notifications. | ||
| - AWS SNS topic for receiving and sending notifications to the subscribed endpoint for failures, errors, warnings and terminations notifications of various AWS services. | ||
| - AWS SNS topic policies for the above mentioned AWS SNS topics with sufficient permissions to allow publishing of messages on these AWS SNS topics. | ||
| - AWS SNS topic for receiving and sending alerts to Slack for failures, errors, warnings and terminations alerts of various AWS services. | ||
| - AWS SNS topic policy for the above mentioned AWS SNS topic with sufficient permissions to allow publishing of messages on this AWS SNS topic. | ||
|
|
||
| ## Prerequisites | ||
|
|
||
| Following are the prerequisites to be met once before you begin: | ||
|
|
||
| - Following tools should be installed on your system: | ||
| - Git | ||
| - AWS CLI | ||
| - Terraform | ||
| - Python 3.12 with `pip` | ||
| - A Slack Webhook URL is created for the channel where you want to receive the alerts either using general incoming webhook or app incoming webhook. | ||
| - A parameter should be created on AWS SSM Parameter Store with the name of your choice and it should have the Slack Webhook URL as its value. | ||
|
|
||
| ## Deployment and Usage Notes | ||
|
|
||
| ### Using Terraform: | ||
|
|
||
| Following are the steps to successfully deploy and use this solution: | ||
| - Fork this repository from the master branch. | ||
| - If you want to enable AWS CloudFormation failures notifications, change default value to `true` for `enable_cloudformation_failure_notification` variable. | ||
| - Similarly, for any AWS service you want to enable failures, errors, warnings and terminations notifications, change default value to `true` for that AWS service's variable that is starting with `enable_...` | ||
| - If `enable_lambda_failure_notification` variable is set to to `true` for AWS Lambda functions failure notifications, you can set a list of specific AWS Lambda functions to enable monitoring only for those using `lambda_function_names` variable. Otherwise, it will fetch all AWS Lambda function names. | ||
| - Configure AWS CLI and then run `terraform init` and then `terraform apply` within the `/terraform` directory and provide protocol (e.g., `email` or `https`) and endpoint (e.g., `[email protected]`) by providing values for `failure_error_warning_termination_notification_sns_topic_protocol` and `failure_error_warning_termination_notification_sns_topic_endpoint` respectively. | ||
| - Use `terraform-usage-example.tf` file to create `main.tf` file for your infrastructure as needed. | ||
| - Set the value for the `slack_webhook_url_aws_ssm_parameter_name` variable to the name of the AWS SSM Parameter name from the Parameter Store which is having Slack Webhook URL. | ||
| - For any AWS service that you want to enable alerts for failures, errors, warnings and/or terminations notifications, set the value to `true` for its variable that is starting with the prefix `enable_...` (e.g., `enable_rds_failure_warning_alerts`). By default, all are set to `false`. | ||
| - If `enable_lambda_failure_alerts` variable is set to to `true` for AWS Lambda functions' failure alerts, you can set a list of specific AWS Lambda functions to enable monitoring only for them by using `lambda_function_names` variable. Otherwise, it will fetch all the AWS Lambda function names. | ||
| - Configure AWS CLI and then run `terraform init` and then `terraform apply`. | ||
| - If the Terraform change plan looks good, enter `yes` to create the resources. | ||
| - Wait for the Terraform to finish creating all the resources. | ||
| - Confirm the subscription of the endpoint to the AWS SNS topic. The method depends on the protocol selected. | ||
|
|
||
| ### Using AWS CloudFormation: | ||
|
|
||
| Following are the steps to successfully deploy and use this solution: | ||
| - Fork this repository from the master branch. | ||
| - Compress `/function/aws_cloudformation_failure_notification.py` file in zip format and put it on AWS S3 bucket. | ||
| - Login to AWS console with IAM user credentials having the required admin privileges to create resources via AWS CloudFormation. | ||
| - Go to AWS CloudFormation and choose to `Create Stack`. | ||
| - Under `Choose a template`, either upload `aws_failure_error_warning_termination_notification_framework_cft.json` or `aws_failure_error_warning_termination_notification_framework_cft.yaml` from here or put it on AWS S3 bucket and enter AWS S3 URL for that file. | ||
| - Enter any suitable `Stack Name`. | ||
| - Enter `FailureErrorWarningTerminationNotificationSNSTopicEndpoint` which is the endpoint where you receive all notifications from AWS SNS topic. (e.g., `[email protected]`). | ||
| - Enter `FailureErrorWarningTerminationNotificationSNSTopicProtocol` which is the protocol used by the endpoint where you receive all notifications from AWS SNS topic. (e.g., `email` or `https`). | ||
| - If you want to enable AWS CloudFormation failures notifications, select `YES` for `EnableCloudFormationFailureNotification` and then specify the following: | ||
| - Enter `CloudFormationFailureLambdaCodeS3Bucket` which is an AWS S3 Bucket Name having AWS CloudFormation Failure Notification AWS Lambda Function Code. (e.g., my-bucket). | ||
| - Enter `CloudFormationFailureLambdaCodeS3Key` which is an AWS S3 Bucket Key having AWS CloudFormation Failure Notification AWS Lambda Function Code (e.g., lambda/code/aws_cloudformation_failure_notification.zip). | ||
| - Similarly, for any AWS service you want to enable failures, errors, warnings and terminations notifications, select `YES` for that AWS service's variable that is starting with `Enable...` | ||
| - Enter suitable `Tags` if required. | ||
| - Under `Review`, select `I acknowledge that AWS CloudFormation might create IAM resources with custom names.` and click create. | ||
| - Run the following command to install the Python libraries: `pip3 install -r ./function/requirements.txt -t ./function --no-cache-dir --upgrade` | ||
| - Compress whatever is inside the `function` directory into a `.zip` file and put it on an AWS S3 bucket. | ||
| - Login to AWS console with IAM user credentials having the required permissions to create resources via AWS CloudFormation. | ||
| - Go to AWS CloudFormation and click on `Create Stack` button and then select `With new resources (standard)` option. | ||
| - Under `Choose a template`, either upload `aws_alerts_cft.yaml` file from the `cloudformation` directory or upload it on an AWS S3 bucket and enter its AWS S3 object URL. | ||
| - Enter any suitable value for `Stack Name`. | ||
| - Enter value for `SlackWebhookURLAWSSSMParameterName` which is the name of the AWS SSM Parameter Name from the Parameter Store which is having Slack Webhook URL. | ||
| - Enter value for `AWSAlertsLambdaCodeS3Bucket` which is an AWS S3 Bucket Name having AWS Alerts Lambda Function Code. (e.g., `my-bucket`). | ||
| - Enter value for `AWSAlertsLambdaCodeS3ObjectKey` which is an AWS S3 Bucket Object Key having AWS Alerts Lambda Function Code (e.g., `lambda/code/aws_alerts.zip`). | ||
| - For any AWS service that you want to enable alerts for failures, errors, warnings and/or terminations notifications, select `YES` for its variable that is starting with the prefix `Enable...` (e.g., `EnableCloudFormationFailureAlerts`). By default, all have `YES` selected. | ||
| - Enter any suitable value for `Tags` if required. | ||
| - Change extra configurations if required. | ||
| - Under `Review`, select `I acknowledge that AWS CloudFormation might create IAM resources with custom names.` and click `Create`. | ||
| - Wait for the stack to change its `Status` to `CREATE_COMPLETE`. | ||
| - Confirm the subscription of the endpoint to the AWS SNS topic. The method depends on the protocol selected. | ||
|
|
||
| Voila, you are done and everything is now up and running. | ||
| Note: You can subscribe other endpoints to the AWS SNS topic created for alerts if needed. | ||
|
|
||
| ## Troubleshooting Notes | ||
|
|
||
| - In case of no notifications are received or the AWS CloudWatch alarm isn't working, try resubscribing to the AWS SNS topic or updating the notification action in AWS CloudWatch alarm. | ||
| - If no notifications are received or the AWS CloudWatch alarm isn't working, try resubscribing to the AWS SNS topic or updating the notification action in AWS CloudWatch alarm. | ||
| - If some other issue occurs, kindly create an issue on this GitHub repository for its resolution or any help. | ||
|
|
||
| ### Warning: You will be billed for the AWS resources created by this solution. | ||
| ### Any contributions, improvements and suggestions will be highly appreciated. | ||
Oops, something went wrong.