AWS Cloudwatch V2 Integration Guide
Amazon CloudWatch is a monitoring and management service built for developers, system operators, site reliability engineers (SRE), and IT managers.
What can Zenduty do for AWS Cloudwatch V2 users?
With AWS Cloudwatch's Integration, Zenduty routes new Cloudwatch alarm alerts to the right team and notifies them based on on-call schedules via email, text messages(SMS), phone calls(Voice), Slack, Microsoft Teams and iOS & Android push notifications, and escalates alerts until the alert is acknowledged or closed. Zenduty provides your NOC, SRE and application engineers with detailed context around the Cloudwatch alert along with playbooks and a complete incident command framework to triage, remediate and resolve incidents with speed.
Whenever a Cloudwatch alarm is triggered(in the ALARM or INSUFFFICIENT states), Zenduty will create an incident. When that alarm returns to the OK state, Zenduty will auto-resolve the incident.
You can also use Alert Rules to custom route specific Cloudwatch alerts to specific users, teams or escalation policies, write suppression rules, auto add notes, responders and incident tasks.
What is the difference between the Cloudwatch(V1) and Cloudwatch V2 integrations?
The Cloudwatch V1 integrations uses TopicID as the alert deduplication key and clubs all alerts from the same topic within the same incident. Whereas, the Cloudwatch V2 integration uses AlarmId as the deduplication key and every Cloudwatch alarm will create a different incident on Zenduty.
To integrate AWS CloudWatch with Zenduty, complete the following steps:
In Zenduty:
-
To add a new AWS CloudWatch integration, go to Teams on Zenduty and click on the team you want to add the integration to.
-
Next, go to Services and click on the relevant Service.
-
Go to Integrations and then Add New Integration. Give it a name and select the application AWS CloudWatch from the dropdown menu.
-
Go to Configure under your integrations and copy the Webhook URL generated.
In AWS CloudWatch:
-
Login to your AWS account and go to your SNS dashboard. On the left panel, click on Topics. Click on Create topic. For topic and display names, enter Zenduty.
-
Go back to the SNS dashboard and click on Create Subscription.
-
In the Topic ARN, choose the topic created in Step 3. Select the protocol as HTTPS. In the endpoint field, paste the URL you copied earlier. [Important: Keep the Enable raw message delivery as unchecked.].
-
Click on Create Subscription to find a list of your subscriptions. Refresh this page to confirm.
-
To test the subscription navigate to topic which you created in previous step and click on Publish message. In Subject provide the test subject and in Message body to send to endpoint paste the below JSON payload and click on Publish message. It will create new incident on Zenduty.
{
"AlarmName": "Response_Time_Alert",
"AlarmDescription": "Cloudwatch alarm for response time Production",
"AWSAccountId": "11111111111",
"NewStateValue": "ALARM",
"NewStateReason": "Threshold Crossed:Response time greater than 10 sec was treated as [Breaching].",
"StateChangeTime": "2022-01-01T18:07:30.164+0000",
"Region": "US West (k.k)",
"AlarmArn": "arn:aws:cloudwatch:us-east-1:11111111111:alarm:Response_Time_Alert",
"OldStateValue": "OK",
"Trigger": {
"MetricName": "EnvironmentHealth",
"Namespace": "AWS/ElasticBeanstalk",
"StatisticType": "Statistic",
"Statistic": "AVERAGE",
"Unit": null,
"Dimensions": [{
"value": "production-ya-dev",
"name": "EnvironmentName"
}],
"Period": 60,
"EvaluationPeriods": 1,
"ComparisonOperator": "LessThanOrEqualToThreshold",
"Threshold": -1.0,
"TreatMissingData": "- TreatMissingData: breaching",
"Evile": ""
}
}
-
You can now create alarms to the topic.
-
While creating Alarm rules, choose the above created SNS topic for notifying in both the ALARM state and OK state as displayed in the screenshot below.
-
Zenduty will create an incident for each alarm and auto-resolve the incident when Cloudwatch sends the OK notification.