Amazon IXD – VGT2 Las Vegas

Deliver Real-Time Amazon CloudWatch Alarm Notifications to Amazon Chime


This post was authored by Jessica Lee, a Solutions Architect for Amazon Web Services (AWS) based in Las Vegas, Nevada. The post was also peer-reviewed by David Thompson, Senior Solutions Architect for AWS.

Overview

When developing, deploying, and maintaining mission-critical applications, timely notifications are vital for ensuring your services operate smoothly for customers. If your team collaborates using Amazon Chime, you may want to receive essential system alerts directly in your team chat rooms. This can be achieved through the Amazon Chime incoming webhooks feature.

By utilizing Amazon CloudWatch alarms, you can set metric thresholds and send alerts to Amazon Simple Notification Service (SNS). SNS can deliver notifications via e-mail, HTTP(S) endpoints, and SMS messages to mobile devices, and it can even initiate a Lambda function.

Since SNS does not currently support sending messages directly to Amazon Chime chat rooms, we will implement a Lambda function as an intermediary. This function will be triggered by SNS, allowing it to process event data from the CloudWatch alarm and create a user-friendly message before sending it to Amazon Chime.

Here’s a simple architectural diagram that illustrates how the various components will work together. You can refer back to this diagram as you navigate the rest of this article.

Assumptions

For this article, we assume the following:

  • You have set up an Amazon EC2 instance running Ubuntu Linux.
  • Detailed CloudWatch monitoring is enabled for this EC2 instance.
  • Amazon Chime is already configured and accessible to you.
  • You have installed PowerShell Core or can run it within a Docker container.
  • You have installed and set up IAM credentials for the AWS Tools for PowerShell.
  • Python 3.6 and pip3 are installed on your development machine.

NOTE: Capturing detailed CloudWatch metrics for EC2 instances incurs an additional cost.

Set up Amazon Chime

Before you can implement your backend application code, there are a few steps to perform within Amazon Chime. To set up your incoming webhook, you first need to create a new Amazon Chime chat room, since webhooks are created as a resource in the context of the chat room. As of this writing, Chime webhooks must be created using the native Amazon Chime client for Microsoft Windows or Apple macOS.

Create an Amazon Chime chat room

Begin by creating a new chat room in Amazon Chime. You will use this chat room for testing, and once you understand and successfully implement this solution, you can replicate it in your live chat rooms.

  1. Open Amazon Chime.
  2. Click on the Rooms button.
  3. Click on the New room button.
  4. Name the chat room and then select the Create button.

Create an Amazon Chime incoming webhook

Once your chat room is created, you need to generate a webhook URL. This URL will authorize your application to send messages to the chat room, so ensure you handle it with the same level of security as any other sensitive information.

In the Amazon Chime chat room, click the gear icon, then select the Manage Webhooks menu item. In the webhook management window, click the New button and name it “CriticalAlerts.” Click the Copy webhook URL link and paste it into a temporary notepad as we will need to configure this URL on our Lambda function later on.

Create an SNS topic

Next, you will create a Simple Notification Service (SNS) topic that will be triggered by a CloudWatch alarm when the configured metric threshold is breached. You can name the SNS topic whatever you prefer; for this example, we’ll use “chimewebhook.”

Creating the SNS topic before the CloudWatch alarm minimizes context switching between services. Use the following PowerShell command to create the SNS topic and store the resulting topic Amazon Resource Name (ARN) in a variable named $TopicArn. Keep your PowerShell session open, as you will need this variable later when creating the alarm.

$TopicArn = New-SNSTopic -Name chimewebhook -Region us-west-2

Create a CloudWatch alarm

In this section, you will create an Amazon CloudWatch alarm configured to trigger when the CPU usage of your EC2 instance exceeds 10%. Alarms can have zero or more actions; here, you will set a single action to notify the previously created SNS topic.

  1. Navigate to the CloudWatch alarms feature in the AWS Management Console.
  2. Click the blue Create Alarm button.
  3. Search for your EC2 instance ID.
  4. Select the CPUUtilization metric for your EC2 instance.
  5. On the next screen, give the alarm a name and a meaningful description.
  6. Set the CPUUtilization threshold to 10%, ensuring the Period is set to 1 minute.
  7. In the Actions section, select your SNS topic.
  8. Save the CloudWatch alarm.

If you prefer a PowerShell script to deploy the CloudWatch alarm, use the following example script, ensuring you specify the correct parameters for your environment:

Create a CloudWatch dimension object for the correct EC2 instance ID:

$MetricDimension = [Amazon.CloudWatch.Model.Dimension]::new()
$MetricDimension.Name = 'InstanceId'
$MetricDimension.Value = 'i-04043befbbfcdc51e'

Set up parameters to create the CloudWatch alarm in a PowerShell HashTable:

$Alarm = @{
  AlarmName = 'EC2 instance exceeded 10% CPU'
  ActionsEnabled = $true
  AlarmAction = $TopicArn
  ComparisonOperator = ([Amazon.CloudWatch.ComparisonOperator]::GreaterThanOrEqualToThreshold)
  Threshold = 10
  Namespace = 'AWS/EC2'
  MetricName = 'CPUUtilization'
  Dimension = $MetricDimension
  Period = 60
  EvaluationPeriod = 1
  Statistic = [Amazon.CloudWatch.Statistic]::Maximum
  Region = 'us-west-2'
}
Write-CWMetricAlarm @Alarm

Set up AWS Lambda

Now, you will create an AWS Lambda function in Python 3 that will be triggered by the previously created SNS topic. This Lambda function will parse some fields from the message forwarded from CloudWatch to SNS.

Create the Lambda Function

To successfully invoke an Amazon Chime webhook, your HTTP invocation must meet the following criteria:

  • The Webhook URL is predefined by Amazon Chime.
  • The request is sent using the HTTP POST method.
  • The Content-Type HTTP header must be application/json.
  • The HTTP body must contain a JSON object with a Content property.

We will leverage the open-source Python requests library to invoke the Amazon Chime webhook, as it provides a simple development interface. Due to the need to include an external library, you must author your Lambda function locally, package it into a ZIP archive, and then deploy this ZIP file to Lambda.
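
The following added example, which is not code from the original post, builds the webhook request described above from an SNS-delivered CloudWatch alarm and keeps the webhook URL out of source code and log output. It uses the standard library's urllib.request in place of requests so it runs without extra packages; the CHIME_WEBHOOK_URL environment variable name, the redact helper, the assumption that the token travels in the URL's query string, and the sample event are all made up for illustration.

```python
import json
import os
import urllib.request
from urllib.parse import urlsplit

# Constructed sample: an SNS event wrapping a CloudWatch alarm notification.
SAMPLE_EVENT = {"Records": [{"Sns": {"Message": json.dumps({
    "AlarmName": "EC2 instance exceeded 10% CPU",
    "NewStateValue": "ALARM",
    "NewStateReason": "Threshold Crossed: 1 datapoint was >= 10.0 (constructed)",
})}}]}


def redact(url):
    """Drop the query string (assumed to carry the token) before logging."""
    parts = urlsplit(url)
    return f"{parts.scheme}://{parts.netloc}{parts.path}?<redacted>"


def build_chime_request(event, webhook_url):
    """Build, without sending, the POST that meets the four criteria above."""
    if urlsplit(webhook_url).scheme != "https":
        raise ValueError("webhook URL must use https: " + redact(webhook_url))
    # SNS delivers the alarm as a JSON string in Records[0].Sns.Message.
    alarm = json.loads(event["Records"][0]["Sns"]["Message"])
    content = "{}: {}\n{}".format(
        alarm.get("NewStateValue", "UNKNOWN"),
        alarm.get("AlarmName", "(unnamed alarm)"),
        alarm.get("NewStateReason", ""),
    )
    body = json.dumps({"Content": content}).encode("utf-8")
    return urllib.request.Request(
        webhook_url, data=body, method="POST",
        headers={"Content-Type": "application/json"},
    )


def handler(event, context):
    """Lambda entry point. CHIME_WEBHOOK_URL is an assumed variable name."""
    request = build_chime_request(event, os.environ["CHIME_WEBHOOK_URL"])
    with urllib.request.urlopen(request, timeout=5) as response:
        return {"status": response.status}
```

Reading the URL from the function's environment keeps it out of the deployment ZIP, and logging only redact(url) keeps the token out of CloudWatch Logs.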

Start by creating the following three files in a working directory:

  • index.py
'''
This file contains the AWS Lambda function that is invoked when a CloudWatch alarm is triggered.
'''
import os
import boto3
import requests

By following these steps, you can set up a system that sends real-time notifications from Amazon CloudWatch alarms to your Amazon Chime chat rooms. This integration keeps your team informed and enhances collaboration during critical incidents.
