Developing Real-time resource monitoring via email on AWS using Terraform | by krishna dutt | Feb, 2022

Save on the cost of monitoring by using this system

Key components to build the infrastructure

  1. EventBridge
  2. SNS
  3. Email subscription
```json
{
  "version": "1.0",
  "timestamp": "2022-02-01T12:58:45.181Z",
  "requestContext": {
    "requestId": "a4ac706f-1aea-4b1d-a6d2-5e6bb58c4f3e",
    "functionArn": "arn:aws:lambda:ap-south-1:498830417177:function:gggg:$LATEST",
    "condition": "Success",
    "approximateInvokeCount": 1
  },
  "requestPayload": {
    "Records": [
      {
        "eventVersion": "2.1",
        "eventSource": "aws:s3",
        "awsRegion": "ap-south-1",
        "eventTime": "2022-02-01T12:58:43.330Z",
        "eventName": "ObjectCreated:Put",
        "userIdentity": { "principalId": "A341B33DQLH0UH" },
        "requestParameters": { "sourceIPAddress": "43.241.67.169" },
        "responseElements": {
          "x-amz-request-id": "GX86AGXCNXB5ZYVQ",
          "x-amz-id-2": "CPVpR8MNcPsNBzxcF8nOFqXbAIU60/zQlNC6njLp+wNFtC/ZnZF0SFhfMuhLOSpEqMFvvPqLA+tyvaXJSYMXAByR5EuDM0VF"
        },
        "s3": {
          "s3SchemaVersion": "1.0",
          "configurationId": "09dae0eb-9352-4d8a-964f-1026c76a5dcc",
          "bucket": {
            "name": "sddsdsbbb",
            "ownerIdentity": { "principalId": "A341B33DQLH0UH" },
            "arn": "arn:aws:s3:::sddsdsbbb"
          },
          "object": {
            "key": "variables.tf",
            "size": 402,
            "eTag": "09ba37f25be43729dc12f2b01a32b8e8",
            "sequencer": "0061F92E834A4ECD4B"
          }
        }
      }
    ]
  },
  "responseContext": {
    "statusCode": 200,
    "executedVersion": "$LATEST"
  },
  "responsePayload": "binary/octet-stream"
}
```
  1. Our EventBridge will collect all the logs from all the events in the AWS account, using an event filter.

Event pattern for the EventBridge rule

Input transformer and input template for the EventBridge rule

Creating the SNS service

Email subscription to the SNS service

Email notification screenshot
```hcl
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 3.0"
    }
  }
}

# Configure the AWS Provider
provider "aws" {
  region = "ap-south-1" # insert your region code
}

# Input variables referenced below (declare here or in a separate variables file)
variable "account" {
  type = string
}

variable "email" {
  type = string
}

# Rule that matches every event emitted in the given account
resource "aws_cloudwatch_event_rule" "eventtosns" {
  name = "eventtosns"
  event_pattern = jsonencode(
    {
      account = [
        var.account, # insert your account number
      ]
    }
  )
}

resource "aws_cloudwatch_event_target" "eventtosns" {
  # ARN of the target and rule ID of the event rule
  arn  = aws_sns_topic.eventtosns.arn
  rule = aws_cloudwatch_event_rule.eventtosns.id

  # Extract selected fields from the event and format them for the email body
  input_transformer {
    input_paths = {
      Source      = "$.source",
      detail-type = "$.detail-type",
      resources   = "$.resources",
      state       = "$.detail.state",
      status      = "$.detail.status"
    }
    input_template = "\"Resource name : <Source> , Action name : <detail-type>, details : <status> <state>, Arn : <resources>\""
  }
}

resource "aws_sns_topic" "eventtosns" {
  name = "eventtosns"
}

resource "aws_sns_topic_subscription" "snstoemail_email-target" {
  topic_arn = aws_sns_topic.eventtosns.arn
  protocol  = "email"
  endpoint  = var.email
}

# aws_sns_topic_policy.eventtosns:
resource "aws_sns_topic_policy" "eventtosns" {
  arn = aws_sns_topic.eventtosns.arn
  policy = jsonencode(
    {
      Id = "default_policy_ID"
      Statement = [
        {
          Action = [
            "SNS:GetTopicAttributes",
            "SNS:SetTopicAttributes",
            "SNS:AddPermission",
            "SNS:RemovePermission",
            "SNS:DeleteTopic",
            "SNS:Subscribe",
            "SNS:ListSubscriptionsByTopic",
            "SNS:Publish",
            "SNS:Receive",
          ]
          # Policy JSON expresses a condition as operator -> key -> value;
          # this limits the wildcard principal to the owning account.
          Condition = {
            StringEquals = {
              "AWS:SourceOwner" = var.account
            }
          }
          Effect = "Allow"
          Principal = {
            AWS = "*"
          }
          Resource = aws_sns_topic.eventtosns.arn
          Sid      = "__default_statement_ID"
        },
        {
          # Allow EventBridge to publish matched events to the topic
          Action = "sns:Publish"
          Effect = "Allow"
          Principal = {
            Service = "events.amazonaws.com"
          }
          Resource = aws_sns_topic.eventtosns.arn
          Sid      = "AWSEvents_lambdaless_Idcb618e86-b782-4e67-b507-8d10aaca5f09"
        },
      ]
      Version = "2008-10-17"
    }
  )
}
```
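To preview what the rule and input transformer above would send before applying the Terraform, the following added example (not part of the original article) models them in Python over constructed events. It assumes exact-value pattern matching only and that a path missing from an event renders as an empty string; the account ID, instance ID, and bucket name are placeholders.

```python
import json
import re

# Mirrors the Terraform on this page; the account ID is a constructed placeholder.
EVENT_PATTERN = {"account": ["111122223333"]}
INPUT_PATHS = {"Source": "$.source", "detail-type": "$.detail-type",
               "resources": "$.resources", "state": "$.detail.state",
               "status": "$.detail.status"}
INPUT_TEMPLATE = ('"Resource name : <Source> , Action name : <detail-type>, '
                  'details : <status> <state>, Arn : <resources>"')

# Constructed sample events (not captured from a real account).
EC2_EVENT = {"account": "111122223333", "source": "aws.ec2",
             "detail-type": "EC2 Instance State-change Notification",
             "resources": ["arn:aws:ec2:ap-south-1:111122223333:instance/i-0abc"],
             "detail": {"instance-id": "i-0abc", "state": "stopped"}}
S3_EVENT = {"account": "111122223333", "source": "aws.s3",
            "detail-type": "Object Created",
            "resources": ["arn:aws:s3:::example-bucket"],
            "detail": {"bucket": {"name": "example-bucket"}}}
OTHER_ACCOUNT_EVENT = dict(EC2_EVENT, account="999999999999")

def matches(pattern, event):
    """Exact-value matching only: each pattern key must be present and its
    value must be one of the listed values."""
    return all(k in event and event[k] in allowed for k, allowed in pattern.items())

def resolve(path, event):
    """Follow a simple dotted path such as $.detail.state; None if a step is missing."""
    node = event
    for part in path[2:].split("."):
        if not isinstance(node, dict) or part not in node:
            return None
        node = node[part]
    return node

def render(event):
    """Return the email body for an event, or None if the rule does not match."""
    if not matches(EVENT_PATTERN, event):
        return None
    def substitute(m):
        value = resolve(INPUT_PATHS[m.group(1)], event)
        if value is None:
            return ""  # assumption: a path missing from the event renders empty
        return value if isinstance(value, str) else json.dumps(value)
    return re.sub(r"<([\w-]+)>", substitute, INPUT_TEMPLATE)

if __name__ == "__main__":
    for ev in (EC2_EVENT, S3_EVENT, OTHER_ACCOUNT_EVENT):
        print(render(ev))
```

Because the pattern filters on the account alone, both same-account events produce a notification, and the S3 one arrives with an empty details field since it carries neither `detail.state` nor `detail.status`.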
