aws-cdk-examples icon indicating copy to clipboard operation
aws-cdk-examples copied to clipboard

Published 20 hours ago verified publisher icon aws-samples

An Ec2 Alarm that when triggered will create an SSM OpsItem

Open alekasw opened this issue 4 years ago • 1 comments

:rocket: Feature Request

General Information

  • [x] :wave: I may be able to implement this feature request
  • [ ] :warning: This feature might incur a breaking change

Description

This example shows how you can use the cdk to automate attaching an alarm to an ec2 instance at launch time, then when the alarm is triggered how it can create an systems manager opsitem with an associated run book.

Proposed Solution

Koi-Demo-Architecture

The workflow of this solution is as follows: When an EC2 instance is launched it will trigger an Eventbridge rule that kicks off a lambda function. The lambda function determines if the EC2 instance already has a matching alarm. If it does not then it will create and attach a "StatusCheckFailed" metric alarm and tag the instance so next time it is launched it will skip the Alarm creation logic.

The solution also deploys an SSM automation run command document that can be used to easily trigger the alarm via a bash shell script that executes the set-alarm-state aws cli command.

Once the alarm is triggered another Eventbridge rule will kick-off the second lambda function that creates an SSM OpsItem with an associated runbook.

Clean-up: cdk destroy then delete any Alarms that were created

Environment

  • CDK CLI Version: 1.121.0
  • Example: Automate EC2 alarm creation that triggers an OpsItem when in "ALARM" state
  • Example Version: 1.0
  • OS: Amazon Linux 2
  • Language: Python

Other information

The cdk stack deploys the following resources:

  • IAM Policies and Roles
  • IAM Instance Profile
  • EC2 Instance
  • SNS Topic and Subscription
  • Lambda Functions (Two)
  • Eventbridge Rules (Two)
  • SSM Document

alekasw avatar Sep 04 '21 01:09 alekasw

Hey @alekasw 👋🏻

Thanks for opening this feature request.

Marking this as p2 which means that we are unable to work on this immediately. We use +1s to help us prioritize our work, and as always we are happy to take contributions if anyone is interested to pick this up and submit a PR (please make sure to follow our contribution guidelines.) :pray:

ryparker avatar Sep 28 '21 19:09 ryparker