1. Introduction
Hello! We are a writer team from Definer Inc.
In this issue, you are wondering how to implement alert detection to Slack with CloudWatch, SNS and Chatbot.
Let's take a look at the actual screens and resources to explain in detail.
2. Purpose/Use Cases
There are various situations in which you might want to receive alerts from AWS to Slack. Here are a few common scenarios:
1. Infrastructure Monitoring: You can set up alerts to notify you about the health and performance of your AWS resources. For example, you might want to receive an alert when CPU utilization on an EC2 instance exceeds a certain threshold or when an RDS database goes offline.
2. Application Monitoring: If you have applications running on AWS, you can configure alerts to monitor their behavior. This could include metrics like response time, error rates, or availability. When an issue is detected, you can receive an alert in Slack to investigate and take appropriate actions.
3. Security Monitoring: Alerts can be set up to notify you of potential security breaches or suspicious activities within your AWS environment. For instance, you might want to receive an alert when unauthorized access attempts are detected or when there is a sudden surge in network traffic.
4. Cost Management: AWS offers services to help you track and manage your costs. You can set up alerts to notify you when your spending exceeds a predefined budget or when there are significant cost fluctuations.
To receive these alerts in Slack, you can use AWS services like Amazon CloudWatch, AWS Lambda, or AWS Simple Notification Service (SNS). These services allow you to configure event triggers and send notifications to various endpoints, including Slack, when specific conditions are met.
This article provides helpful information and practices for sending alerts to Slack using CloudWatch, SNS, and Chatbot.
3. AWS CloudWatch, SNS and Chatbot Introduction
First, let's understand the simple concept of AWS Cloudwatch, SNS and Chatbot.
CloudWatch:
AWS CloudWatch is a monitoring and observability service provided by Amazon Web Services (AWS). It enables you to collect and track metrics, collect and monitor log files, and set alarms to notify you of specific events or threshold breaches. CloudWatch provides valuable insights into your AWS resources, applications, and services, helping you monitor their performance, troubleshoot issues, and optimize resource utilization.
AWS Simple Notification Service (SNS):
AWS SNS (Simple Notification Service) is a flexible and fully managed messaging service provided by Amazon Web Services (AWS). It enables you to send notifications and messages to a variety of endpoints, including email, SMS text messages, mobile push notifications, and other AWS services.
AWS Chatbot:
AWS Chatbot is a service provided by Amazon Web Services (AWS) that integrates with popular chat platforms like Slack and Amazon Chime. It allows you to receive notifications and interact with AWS resources, services, and operational events directly within your preferred chat application.
Now, let's follow the below steps.
4. Step 1: SNS/CloudWatch construction
The whole idea of alert detection to Slack is that CloudWatch detects anomalies and Chatbot sends notifications to Slack via SNS, which is a queue.
We will immediately build resources for alert detection.
(1) Creating an SNS topic
Create an SNS topic using the "aws sns create-topic" command (Or you absolute can create it on AWS console).
If TopicArn is returned, the topic has been created successfully.
## Command to create an SNS topic
$ aws sns create-topic --name test_sns
{
"TopicArn": "arn:aws:sns:ap-northeast-1:xxxxxxxxx:test_sns"
}
(2) Creating CloudWatch alarm
Next, create a CloudWatch alarm using the "aws cloudwatch put-metric-alarm" command.
This time, as a sample, we created an alarm that is fired when the CPU usage of EC2 exceeds 90%.
Next, create a CloudWatch alarm using the "aws cloudwatch put-metric-alarm" command.
This time, as a sample, we created an alarm that is fired when the CPU usage of EC2 exceeds 90%.
## Command to create Cloudwatch alarm
$ aws cloudwatch put-metric-alarm \
--alarm-name "ec2cpuAlart" \
--alarm-description "EC2 CPU usage has exceeded 90%" \
--alarm-actions ${ARN for the SNS you just created} \
--ok-actions ${ARN for the SNS you just created} \
--namespace AWS/EC2 \
--dimensions "Name=InstanceId,Value=${EC2 instance ID}" \
--metric-name CPUUtilization \
--threshold 90 \
--comparison-operator GreaterThanOrEqualToThreshold \
--period 300 \
--evaluation-periods 1 \
--datapoints-to-alarm 1 \
--statistic Average \
--treat-missing-data missing
5. Step 2: Setup Chatbot
Next, we will create a Chatbot that works with Slack.
(1) Chat client settings
Access the AWS Chatbot console and select the chat client "Slack" → "Configure Client".
You'll be redirected to Slack's authorization page to request permission for AWS Chatbot to access your Slack workspace.
There's no limit to the number of workspaces that you can set up for AWS Chatbot, but you can set up only one at a time.
This completes the integration with Slack.
(2) Creating Chatbot
From the AWS Chatbot console, click "Create New Channel".
Under "Slack Channels," select where to send notifications.
This time, I specified the public channel "random".
I left IAM and other permissions as default.
In the "Notification" section, specify the SNS you just created, and click "Configure" to complete the setup.
(3) Test notification to Slack
Let's try actually firing the CloudWatch alarm.
The notification was successfully sent to Slack.
6. Cited/Referenced Articles
7. About the proprietary solution "PrismScaler"
・PrismScaler is a web service that enables the construction of multi-cloud infrastructures such as AWS, Azure, and GCP in just three steps, without requiring development and operation.
・PrismScaler is a web service that enables multi-cloud infrastructure construction such as AWS, Azure, GCP, etc. in just 3 steps without development and operation.
・The solution is designed for a wide range of usage scenarios such as cloud infrastructure construction/cloud migration, cloud maintenance and operation, and cost optimization, and can easily realize more than several hundred high-quality general-purpose cloud infrastructures by appropriately combining IaaS and PaaS.
8. Contact us
This article provides useful introductory information free of charge. For consultation and inquiries, please contact "Definer Inc".
9. Regarding Definer
・Definer Inc. provides one-stop solutions from upstream to downstream of IT.
・We are committed to providing integrated support for advanced IT technologies such as AI and cloud IT infrastructure, from consulting to requirement definition/design development/implementation, and maintenance and operation.
・We are committed to providing integrated support for advanced IT technologies such as AI and cloud IT infrastructure, from consulting to requirement definition, design development, implementation, maintenance, and operation.
・PrismScaler is a high-quality, rapid, "auto-configuration," "auto-monitoring," "problem detection," and "configuration visualization" for multi-cloud/IT infrastructure such as AWS, Azure, and GCP.