Overview
Stay updated with your Amazon EC2 and EBS events directly through your Slack channel. This guide will walk you through the process of setting up a system that sends a Slack notifications for the following events:
- Creation of an AMI: Notifies when an Amazon Machine Image (AMI) is being created from an EC2 instance. This is represented by the
CreateImageevent. - Rebooting of an EC2 Instance: Alerts when an instance is undergoing a reboot.
- Stopping of an EC2 Instance: Informs when an instance is entering a stopping state.
- Stopped State of an EC2 Instance: Confirms when an instance has reached a stopped state.
- Modification of an EC2 Instance: Reports any changes made to the instance’s configuration.
- Pending State of an EC2 Instance: Announces when an instance is in a pending state.
- Running State of an EC2 Instance: Verifies when an instance is fully operational.
- Creation of a Manual EBS Snapshot for Volume: Details when a manual snapshot for a specific volume is taken.
- Creation of a Manual EBS Snapshot for Instance: Specifies when a manual snapshot for an instance is created.
- Triggering of an Automated EBS Snapshot: Indicates when an automated snapshot is initiated.
Before we delve into the implementation steps, it’s crucial to understand why real-time notifications for Amazon EC2 and EBS events are important.
In today’s fast-paced digital world, staying updated with the latest changes and events in your cloud infrastructure is key to maintaining a robust and efficient system. Real-time notifications allow you to monitor your AWS resources closely, enabling you to respond quickly to any changes or potential issues.
Here are some situations where these notifications can be particularly helpful:
- Incident Response: If an EC2 instance goes down or an EBS volume fails, immediate notifications allow your team to start troubleshooting and recovery procedures right away, minimizing downtime.
- Resource Management: Notifications about the creation of new AMIs or changes to EC2 instances can help you keep track of your resources and manage costs effectively.
- Security: Real-time alerts about modifications to EC2 instances can help you detect unauthorized changes or potential security threats.
By integrating these notifications with Slack, you can have all this crucial information right at your fingertips, improving your ability to manage and secure your AWS environment.
Now, let’s continue with the discussion on how we can implement this automation.
Setting Up the Lambda Function
First, we need to create a Lambda function. Make sure that you deploy it in the same region as your EC2 instance.
- Function name:
ec2-ebs-events-slack-notif - Runtime: Python 3.11
For the Lambda function code, you can use the one provided.
Configuring the Triggers
Trigger 1: EC2 Instance Events via CloudTrail
We will use EventBridge (CloudWatch Events) to create a new rule.
- Rule name:
ec2-instance-events-cloudtrail - Rule type: Event pattern
- Service Name: EC2
- Event Type: AWS API call via CloudTrail
Input the following operations:
CreateImageRebootInstancesModifyInstanceAttributeCreateSnapshotCreateSnapshots
Note: The CreateSnapshots API call is not directly recognizable by CloudTrail when setting up CloudWatch Events. However, this doesn’t mean you can’t use CreateSnapshots as a trigger. Once you’ve set up your event rule in CloudWatch Events, you can manually add CreateSnapshots to the event pattern.
After creating the rule, open the created trigger – ec2-instance-events-cloudtrail. Click Edit to edit the event pattern, then manually add the CreateSnapshots event name. Click Next, then update the rule.
Trigger 2: EC2 Instance State-Change Notification
Go back to the Lambda Configuration > Triggers > Add Trigger.
- Rule name:
ec2-instance-state - Rule type: Event pattern
- Service Name: EC2
- Event Type: EC2 instance state-change notification
Click Add.
And that’s it! You have now set up your system to receive Slack notifications for specific Amazon EC2 and EBS events. Stay informed and react quickly to your AWS environment.