stackoom
  简体   繁体   中英

Sending alerts when an instance is created inside AWS

 原文  2017-03-10 08:05:56       amazon-web-services/ amazon-s3/ amazon-ec2/ cloud/ amazon-cloudwatch

Question

Need to receive emails when someone creates an EC2 instance in AWS. I have tried using cloudwatch but that doesn't seem to work for me. It says insufficient data. Is there a better way to do it?

Creating CloudWatch Alarms for CloudTrail Events

1 answers

solution1
 0  2019-09-11 11:39:30

Step1 : Create a Cloud watch Rule to notifiy the creation . As per the lifecycle of EC2 Instance when lauch button is pressed . Instance goes from Pending state to Running state . So create the Rule for Pending state

Create a Cloud watch Rule as specified in the image screenshot

Step2 : Create a Step function . Because cloud Trail logs all the event in the account with a delay of atleast 20 min . This step function is usefull if you want the name of user who has created the instance . 

{
  "StartAt": "Wait",
  "States": {
    "Wait": {
      "Type": "Wait",
      "Seconds": 1800,
      "Next": "Ec2-Alert"
    },
   "Ec2-Alert":{
     "Type": "Task",
     "Resource":"arn:aws:lambda:ap-south-1:321039853697:function:EC2-Creation-Alert",
     "End": true  

  }
  }
}

Step3 : Create a SNS topic for notification

Step4 : Write a lambda function to fetch the log from cloud trail and get the user name who has created the instance . 

import json
import os
import subprocess
import boto3


def lambda_handler(event, context):

    client = boto3.client('cloudtrail')
    client1 = boto3.client('sns')
    Instance=event["detail"]["instance-id"]     
    response = client.lookup_events(
    LookupAttributes=[
        {
            'AttributeKey': 'ResourceName',
            'AttributeValue': Instance
        },
    ],
    MaxResults=1)

    test=response['Events']

    st="".join(str(x) for x in test)
    print(st)
    user=st.split("Username")[1]
    finalname=user.split(",")
    Creator=finalname[0]
    #print(st[st.find("Username")])

    Email= "Hi All ,\n\n\n The User%s has created new EC2-Instance in QA account and the Instance id is %s \n\n\n Thank you \n\n\n Regard's lamda"%(Creator,Instance)



    response = client1.publish(
    TopicArn='arn:aws:sns:ap-south-1:321039853697:Ec2-Creation-Alert',
    Message=Email

)

    # TODO implement
    return {

        'statusCode': 200,
    }

Note: This code trigger an notification if the instance is changed from stop state to running state.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question sending alerts to slack when aws codepipeline is running Is it possible to determine a time for sending alerts on the cloudwatch aws? Terraform AWS, instance not created Aws instance created by autoscale event or not How to pass the EC2 instance ID created by an aws_instance resource into a file and place it inside an EC2 instance using Terraform? How to assign an AWS Elastic IP to a newly created EC2 instance with Terraform without it getting reassigned when another instance is created? problem sending mail with PHPMailer on AWS AMI instance Programmatically change hostname of a newly created AWS instance How do I give an instance a name when created with the aws sdk for ruby? Connecting to a MySQL db created in an Ubuntu AWS instance
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM