Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Mimicking CloudWatch SNS notification in Opsgenie

Joel Bradley December 13, 2021

Is there a way to mimic a CloudWatch SNS notification when creating an alert so that it will be picked up by the CloudWatch API integration instead of the Default API?

I've tried posting SNSEvent JSON payloads and CloudWatch JSON payloads to both my Alerts API with Geniekey and my alerts https endpoint.

The server returns error 422 Unprocessable Entity.

Creating custom alerts otherwise works fine using the parameters listed in the Alerts API

CloudWatch JSON example:

{
    "Type": "Notification",
    "MessageId": "836fe1ec-79e0-56b8-827f-b66569e37e11",
    "TopicArn": "arn:aws:sns:us-east-1:498849832712:update-cherwell-cmdb",
    "Message": {  
        "AlarmName":"Saffron-Octopus-RDS",
        "AlarmDescription":null,  
        "AWSAccountId":"498849832712",  
        "NewStateValue":"ALARM",  
        "NewStateReason":"Threshold Crossed: 1 datapoint [2.1533759377604764 (20/07/20 21:07:00)] was greater than or equal to the threshold (0.0175).",  
        "StateChangeTime":"2020-07-20T21:12:01.544+0000",  
        "Region":"US East (N. Virginia)",  
        "AlarmArn":"arn:aws:cloudwatch:us-east-1:498849832712:alarm:Saffron-Octopus-RDS",  
        "OldStateValue":"INSUFFICIENT_DATA",  
        "Trigger":{      
            "MetricName":"CPUUtilization",      
            "Namespace":"AWS/RDS",      
            "StatisticType":"Statistic",      
            "Statistic":"AVERAGE",      
            "Unit":null,      
            "Dimensions":[{            
                "value":"sm16lm1jrrjf0rk",            
                "name":"DBInstanceIdentifier"        
                }],      
                "Period":300,      
                "EvaluationPeriods":1,      
                "ComparisonOperator":"GreaterThanOrEqualToThreshold",      
                "Threshold":0.0175,      
                "TreatMissingData":"",      
                "EvaluateLowSampleCountPercentile":""  
                }
            },
    "Timestamp": "2020-07-15T14:08:03.824Z",
    "SignatureVersion": "1",
    "Signature": "JNdxahPfT0tVsX8+ZVPeA23M09UcCbIQ8uar5AZ4VqscGhzqpMcy4v00mluwr3eyJuFsogxhv1RprFIHU0ZH4bNRWxDpzdVnFIGVSnSBZDVi075ynf+oxagTLhSs7aa9Aar38RcQicaYBc6kHiCg5FHIwwU1OXeehVjHavFKC1ymSegaxtD2pUG4jST30gC2P55I+qyFItPOj+Ih8ZqRBXc3H989mwDKU0Qa54/lQ0cFMC8YwZcQzqwSoZQwIvsrCzLjNR7l2IIEq4pk9d2thq9C/tySFNlXd4/HP/Vd6I9wuP08c0nspmmWxQY1X7CQOvwKway7V9WmKVpku3avxQ==",
  }
SNSEvent JSON Example:
{ "Records": [ { "EventVersion": "1.0", "EventSubscriptionArn": "arn:aws:sns:us-east-2:123456789012:sns-lambda:21be56ed-a058-49f5-8c98-aedd2564c486", "EventSource": "aws:sns", "Sns": { "SignatureVersion": "1", "Timestamp": "2019-01-02T12:45:07.000Z", "Signature": "tcc6faL2yUC6dgZdmrwh1Y4cGa/ebXEkAi6RibDsvpi+tE/1+82j...65r==", "SigningCertUrl": "https://sns.us-east-2.amazonaws.com/SimpleNotificationService-ac565b8b1a6c5d002d285f9598aa1d9b.pem", "MessageId": "95df01b4-ee98-5cb9-9903-4c221d41eb5e", "Message": "Hello from SNS!", "MessageAttributes": { "Test": { "Type": "String", "Value": "TestString" }, "TestBinary": { "Type": "Binary", "Value": "TestBinary" } }, "Type": "Notification", "UnsubscribeUrl": "https://sns.us-east-2.amazonaws.com/?Action=Unsubscribe&SubscriptionArn=arn:aws:sns:us-east-2:123456789012:test-lambda:21be56ed-a058-49f5-8c98-aedd2564c486", "TopicArn":"arn:aws:sns:us-east-2:123456789012:sns-lambda", "Subject": "TestInvoke" } } ] }

2 answers

1 accepted

2 votes
Answer accepted
Samir
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
December 14, 2021

Hi @Joel Bradley !

 

What you could do is take that payload that SNS is sending to Opsgenie, and make an API request to your Cloudwatch integration endpoint in Opsgenie

2021-12-14_15-37-58.png

 

You will want to ensure the payload you are sending in the POST request is in the same format that our Cloudwatch integration is expecting. An example of this payload is shown on our doc here. So you can take that payload, and just make a POST API request to the endpoint provided in your Cloudwatch integration in Opsgenie.

 

Hope that helps!

 

Thanks,

Samir

Joel Bradley December 14, 2021

Hi Samir,

 

Thanks for your reply.

 

I tried POSTing the sample payload from the link you provided both with and without escaped quotation marks to my Cloudwatch API endpoint. The server still returns error 422. Unfortunately it doesn't say which character tripped the serializer up.
I've had problems with some serializers being unable to handle the nested objects inside a Cloudwatch payload.

 

Sample Cloudwatch JSON payload with escape sequences:

{ "Type": "Notification", "MessageId": "1cf7a0eb-4179-4181-b15b-ea22c5aa0280", "TopicArn": "arn:aws:sns:us-east-1:08931xxxxxx:CloudWatchHTTPAlarms", "Subject": "ALARM: \"cpuUtilTest\" in US - N. Virginia", "Message": "{\"AlarmName\":\"cpuUtilTest\",\"AlarmDescription\":\"testing alarms for cpu utilization\",\"AWSAccountId\":\"08931xxxxxx\",\"NewStateValue\":\"ALARM\",\"OldStateValue\":\"OK\",\"NewStateReason\":\"Threshold Crossed: 1 datapoint (5.199) was greater than or equal to the threshold (5.0).\",\"StateChangeTime\":\"2012-08-05T22:31:25.524+0000\",\"Region\":\"US - N. Virginia\",\"Trigger\":{\"MetricName\":\"CPUUtilization\",\"Namespace\":\"AWS/EC2\",\"Statistic\":\"AVERAGE\",\"Unit\":null,\"Dimensions\":[{\"name\":\"InstanceId\",\"value\":\"i-39e64c5f\"}],\"Period\":900,\"EvaluationPeriods\":1,\"ComparisonOperator\":\"GreaterThanOrEqualToThreshold\",\"Threshold\":5.0}}", "Timestamp": "2012-08-05T22:31:30.673Z", "SignatureVersion": "1", "Signature": "XrsO2wtE0b+ofOl1ZxxxxxxxxlimTUg+rV4U9RmNSSBEdlmyWvtGgpjebsmNv1wkjUsBQOJZjZnpZp5FBn6quAn3twNdRMmMLf15lv6ESbYFxxxxxxxx0vmjj/ZLwiH9Pr/cxVYxxxxxxxYn8w6g=", "SigningCertURL": "https://sns.us-east-1.amazonaws.com/SimpleNotificationService-f3ecfb7224c72xxxxxxxxx6de52f.pem", "UnsubscribeURL": "https://sns.us-east-1.amazonaws.com/?Action=Unsubscribe&SubscriptionArn=arn:aws:sns:us-east-1:08931xxxxxxxx:CloudWatchHTTPAlarms:1841c5ca-ddda-450e-bbfb-xxxxxxxxx" }

 

Sample Cloudwatch JSON payload without escape sequences:

{
"Type": "Notification",
"MessageId": "1cf7a0eb-4179-4181-b15b-ea22c5aa0280",
"TopicArn": "arn:aws:sns:us-east-1:08931xxxxxx:CloudWatchHTTPAlarms",
"Subject": "ALARM: "cpuUtilTest" in US - N. Virginia",
"Message": "{"AlarmName":"cpuUtilTest","AlarmDescription":"testing alarms for cpu utilization","AWSAccountId":"08931xxxxxx","NewStateValue":"ALARM","OldStateValue":"OK","NewStateReason":"Threshold Crossed: 1 datapoint (5.199) was greater than or equal to the threshold (5.0).","StateChangeTime":"2012-08-05T22:31:25.524+0000","Region":"US - N. Virginia","Trigger":{"MetricName":"CPUUtilization","Namespace":"AWS/EC2","Statistic":"AVERAGE","Unit":null,"Dimensions":[{"name":"InstanceId","value":"i-39e64c5f"}],"Period":900,"EvaluationPeriods":1,"ComparisonOperator":"GreaterThanOrEqualToThreshold","Threshold":5.0}}",
"Timestamp": "2012-08-05T22:31:30.673Z",
"SignatureVersion": "1",
"Signature": "XrsO2wtE0b+ofOl1ZxxxxxxxxlimTUg+rV4U9RmNSSBEdlmyWvtGgpjebsmNv1wkjUsBQOJZjZnpZp5FBn6quAn3twNdRMmMLf15lv6ESbYFxxxxxxxx0vmjj/ZLwiH9Pr/cxVYxxxxxxxYn8w6g=",
"SigningCertURL": "https://sns.us-east-1.amazonaws.com/SimpleNotificationService-f3ecfb7224c72xxxxxxxxx6de52f.pem",
"UnsubscribeURL": "https://sns.us-east-1.amazonaws.com/?Action=Unsubscribe&SubscriptionArn=arn:aws:sns:us-east-1:08931xxxxxxxx:CloudWatchHTTPAlarms:1841c5ca-ddda-450e-bbfb-xxxxxxxxx"
}

Samir
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
December 15, 2021

Hi @Joel Bradley ,

 

You need to include the following 2 Headers as well...

Content-Type: text/plain; charset=UTF-8

x-amz-sns-message-type: Notification

2021-12-15_09-06-57.png

Joel Bradley December 15, 2021

Hi Samir,

 

That's exactly what I was looking for.

Thanks very much!

0 votes
Jacobs_ Zachary
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
February 22, 2024

There is a even easier solution to this issue. Simply use the "Incoming Amazon SNS" integration. The CloudWatch integration didn't work for us either, it seems like the json payload sent from the SNS topic in AWS is not setup to be received properly on the Opsgenie side. As far as I know, an SNS topic is the only way to send alerts from CloudWatch and therefore the SNS integration is the correct configuration.image.png

 

 

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
TAGS
AUG Leaders

Atlassian Community Events