Monitoring Insights
AWS CloudWatch Alarms in Slack
A Terraform Project

Send CloudWatch alarms to Slack - really?
AWS CloudWatch is often used for monitoring the health of your cloud resources. Its alarms can be published to an SNS topic for further distribution, and subscribers to that topic receive the delivered messages.
This is the target picture:

Let’s have a look at the steps in detail:
The EC2 instance (1) sends an alert to CloudWatch.
The CloudWatch alert (2) triggers an SNS notification.
The Lambda function subscribed (3) to the SNS topic receives the CloudWatch event, processes it and forwards it to the Slack channel (4).
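As an added illustration of step (3), not code from the original article: a minimal Python handler that unwraps the SNS record, reads the CloudWatch alarm JSON and builds the Slack webhook payload, escaping alarm text so it cannot inject Slack markup such as mentions or links. The environment variable name SLACK_WEBHOOK_URL, the colour mapping and the sample event are assumptions made for this example.

```python
import json
import os
import urllib.request

COLOURS = {"ALARM": "danger", "OK": "good", "INSUFFICIENT_DATA": "warning"}
# Constructed sample: an SNS event wrapping a CloudWatch alarm state change.
SAMPLE_EVENT = {"Records": [{"Sns": {"Message": json.dumps({
    "AlarmName": "cpu-high <ec2-ubuntu>", "NewStateValue": "ALARM",
    "NewStateReason": "Threshold Crossed: 1 datapoint > 80.0"})}}]}


def slack_escape(value):
    """Escape &, < and >, which Slack treats as control characters."""
    return str(value).replace("&", "&amp;").replace("<", "&lt;").replace(">", "&gt;")


def build_slack_payloads(event):
    """Convert each SNS record into one Slack incoming-webhook payload."""
    payloads = []
    for record in event.get("Records", []):
        raw = record.get("Sns", {}).get("Message", "")
        try:
            alarm = json.loads(raw)
        except (TypeError, ValueError):
            alarm = None
        if not isinstance(alarm, dict) or "AlarmName" not in alarm:
            # Not a CloudWatch alarm: pass it on as escaped plain text.
            payloads.append({"text": slack_escape(raw)})
            continue
        state = alarm.get("NewStateValue", "UNKNOWN")
        payloads.append({"attachments": [{
            "color": COLOURS.get(state, "warning"),
            "title": slack_escape(f"{state}: {alarm['AlarmName']}"),
            "text": slack_escape(alarm.get("NewStateReason", "")),
        }]})
    return payloads


def lambda_handler(event, context):
    # SLACK_WEBHOOK_URL is an assumed variable name; the URL itself is a secret.
    url = os.environ["SLACK_WEBHOOK_URL"]
    if not url.startswith("https://"):
        raise ValueError("webhook URL must use HTTPS")
    payloads = build_slack_payloads(event)
    for payload in payloads:
        request = urllib.request.Request(
            url, json.dumps(payload).encode("utf-8"), {"Content-Type": "application/json"})
        urllib.request.urlopen(request, timeout=5).close()
    return {"forwarded": len(payloads)}
```

Anyone holding the webhook URL can post to the channel, so it is read from the function's environment here rather than written into the code.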
Let’s have a look at the Terraform code.
First some definitions:
locals {
  region                  = "eu-central-1"
  availability_zone_count = 2
  vpc_cidr_block          = "10.10.0.0/16"
  tags = {
    "Environment" = "sns2slack"
  }
}
A VPC is required for EC2 to work:
module "vpc" {
  source         = "./modules/vpc"
  subnet_count   = local.availability_zone_count
  vpc_cidr_block = local.vpc_cidr_block
  name           = "main-vpc"
}
At least one security group:
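resource "aws_security_group" "allow-ping" {
  vpc_id      = module.vpc.vpc_id
  name        = "allow-icmp"
  description = "security group that allows icmp and all egress traffic"

  # All protocols and ports to any destination.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # ICMP has no ports: from_port is the ICMP type and to_port the ICMP code,
  # and -1 means all. This rule accepts ICMP from any source address.
  ingress {
    from_port   = -1
    to_port     = -1
    protocol    = "icmp"
    cidr_blocks = ["0.0.0.0/0"]
  }
}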
The EC2 instance (1) is defined by a module:
module "ec2" {
  source         = "./modules/ec2-ux"
  name           = "ec2-ubuntu"
  ubuntu_version = "ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server*"
  subnet_id      = module.vpc.private_subnet_ids[0]
  securitygroups = [
    aws_security_group.allow-ping.id
  ]…