elastalert icon indicating copy to clipboard operation
elastalert copied to clipboard

Published 20 hours ago verified publisher icon Yelp

Add support for AWS SES

Open nqv opened this issue 6 years ago • 8 comments

ElastAlert already depends on AWS sdk for SNS so this PR does not bring any additional dependencies.

I guess I need to add automated tests but not sure how to do it with AWS.

nqv avatar Mar 08 '18 05:03 nqv

ruletypes.rst

Some of the item names below are implementation-dependent. aws_access_key, aws_secret_key, profile. In the implementation, alerts.py has aws_access_key_id, aws_secret_access_key, and aws_profile. You may have referred to the SNS material, but the description is incorrect. I forgot to mention aws_session_token. Since there is the same item name as other settings, it is better to add "ses_" at the beginning if it is a setting only for ses.

alerts.py

It is implemented as follows, but when using profile, The only parameter is profile.

session = boto3.Session(
  aws_access_key_id=self.rule.get('aws_access_key_id'),
  aws_secret_access_key=self.rule.get('aws_secret_access_key'),
  aws_session_token=self.rule.get('aws_session_token'),
  region_name=self.rule.get('aws_region'),
  profile_name=self.rule.get('aws_profile'),
)

Profile creation example

In the following example, "defalut" is specified as the profile name.

# Create ~/.aws/credentials

[default]
aws_access_key_id = xxxxxxxxxxxxxxxxxxxx
aws_secret_access_key = yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy
aws_session_token = zzzzzzzzzzzzzzzzzz

# Create ~/.aws/config

[default]
region = us-east-1

It is necessary to branch the processing depending on whether the profile is specified or not. https://boto3.amazonaws.com/v1/documentation/api/latest/guide/configuration.html

When no profile is specified

session = boto3.Session(
  aws_access_key_id=self.rule.get('ses_aws_access_key_id'),
  aws_secret_access_key=self.rule.get('ses_aws_secret_access_key'),
  aws_session_token=self.rule.get('aws_session_token'),
  region_name=self.rule.get('aws_region')
)

When a profile is specified

session = boto3.Session(profile_name=self.profile)

elastalert/config.py

"'Ses': alerts.SesAlerter," is added, It seems that it will be added to "elastalert/loaders.py" in the current latest version.

nsano-rururu avatar May 13 '20 11:05 nsano-rururu

Can you resolve conflicts please :)

nsano-rururu avatar Jan 16 '21 12:01 nsano-rururu

Any update on this PR?

peimanja avatar May 06 '21 17:05 peimanja

@peimanja

elastalert2 is compatible with AWS SES. https://github.com/jertel/elastalert2

nsano-rururu avatar May 12 '21 02:05 nsano-rururu

@peimanja

elastalert2 is compatible with AWS SES. jertel/elastalert2

Thanks, I will wait for the new release then which has the SES support

peimanja avatar May 12 '21 21:05 peimanja

@peimanja

Elastalert 2 with ses support has been released https://github.com/jertel/elastalert2/releases/tag/2.1.0

nsano-rururu avatar May 19 '21 02:05 nsano-rururu

any update on this PR? or we have to switch to other?

teochenglim avatar Jan 13 '22 03:01 teochenglim

@teochenglim

elastalert will no longer be updated.

nsano-rururu avatar Jan 13 '22 13:01 nsano-rururu