This is an AWS Lambda function written in Go, used to create notifications from events generated by AWS Cloudwatch and AWS SNS.
It currently accepts the following types of events, which it forwards to Slack:
- Cloudwatch Alarms via SNS
- RDS Event notifications via SNS
- Generic SNS messages
- Cloudwatch EC2 state change events
- Cloudwatch Autoscaling Events
- Generic handler for all other Cloudwatch Events (simply forwards "detail" JSON to Slack for now)
It also generates a Pagerduty Incident via the API for Cloudwatch Alarm events with status ALARM.
This lambda function expects the following to be passed in via environment variables:
slack_webhook: The web hook URL for triggering Slack notificationspagerduty_key: The service key used for calling the Pagerduty Incident creation API
It's not recommended to store these in plain text in your Lambda configuration. Instead, you should make use of the KMS encryption support built into AWS Lambda: Environment Variable Encryption
First, you'll need to install Go (duh!) - on Mac OS you can do this via Homebrew:
brew install go --with-cc-common
Note the --with-cc-common part - this enables cross-compilation support.
Next, you'll need to check this Git repo out in your Go workspace, under $GOPATH/src/github.com/motns/aws-notifier.
Finally, you need to install Glide, a dependency manager for Go packages. On Mac OS, you can do this via Homebrew:
brew install glide
Dependencies are defined inside glide.yaml, with installed versions locked down in glide.lock.
Run glide install inside the source root to fetch these dependencies into /vendor.
The application needs to be built for Linux in order to run on AWS Lambda:
GOOS=linux GOARCH=amd64 go build -vThen just package the built executable into a Zip file:
zip deploy.zip aws-notifierThe resulting Zip file can be uploaded directly to Lambda either via the AWS Management Console, or the API.
Once your Lambda function has been set up, you can use the following payload to test both the Slack and Pagerduty integrations:
{
"Records": [
{
"EventSource": "aws:sns",
"EventVersion": "1.0",
"EventSubscriptionArn": "arn:aws:sns:eu-west-1:000000000000:cloudwatch-alarms:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"Sns": {
"Type": "Notification",
"MessageId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"TopicArn": "arn:aws:sns:eu-west-1:000000000000:cloudwatch-alarms",
"Subject": "ALARM: \"Example alarm name\" in EU - Ireland",
"Message": "{\"AlarmName\":\"Example alarm name\",\"AlarmDescription\":\"Example alarm description.\",\"AWSAccountId\":\"000000000000\",\"NewStateValue\":\"ALARM\",\"NewStateReason\":\"Threshold Crossed: 1 datapoint (10.0) was greater than or equal to the threshold (1.0).\",\"StateChangeTime\":\"2017-01-12T16:30:42.236+0000\",\"Region\":\"EU - Ireland\",\"OldStateValue\":\"OK\",\"Trigger\":{\"MetricName\":\"DeliveryErrors\",\"Namespace\":\"ExampleNamespace\",\"Statistic\":\"SUM\",\"Unit\":null,\"Dimensions\":[],\"Period\":300,\"EvaluationPeriods\":1,\"ComparisonOperator\":\"GreaterThanOrEqualToThreshold\",\"Threshold\":1.0}}",
"Timestamp": "2017-01-12T16:30:42.318Z",
"SignatureVersion": "1",
"Signature": "Cg==",
"SigningCertUrl": "https://sns.eu-west-1.amazonaws.com/SimpleNotificationService-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.pem",
"UnsubscribeUrl": "https://sns.eu-west-1.amazonaws.com/?Action=Unsubscribe&SubscriptionArn=arn:aws:sns:eu-west-1:000000000000:cloudwatch-alarms:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"MessageAttributes": {}
}
}
]
}This is a payload for a fake Cloudwatch Alarm, and should generate an error message (red) in Slack, and also trigger a Pagerduty Incident.