Receive SNS Alerts when new resources are created in your AWS account


“Empower Your AWS Management: Real-time Alerts for Enhanced Security and Control”

Introduction

In the dynamic and ever-evolving realm of AWS (Amazon Web Services), effective management and control over resources are essential for businesses seeking to optimize costs and maintain robust monitoring capabilities. One powerful tool for achieving this level of control is the utilization of SNS (Simple Notification Service) alerts.

By leveraging SNS alerts, AWS users can receive real-time notifications whenever new resources are created within their accounts. This introduction explores the significance of employing SNS alerts in AWS, highlighting their role in enhancing cost control and monitoring efforts.

Here is a sample of the email notification received from SNS when a new resource is created in the AWS account:

The email body above can be customized to your needs by configuring the input template of the EventBridge input transformer (covered in Step-3 below).

Architecture Diagram

The architecture diagram for the proposed setup is as below:

Procedure

Step-1: Enable AWS Config

Make sure the AWS Config recorder shows “Recording is on” in the AWS account in which you are implementing this solution. Note that the Config recorder (like the EventBridge rule) is regional and only emits events for the resource types it is set to record, so enable it in every region you want to watch.

To check the status of your Config recorder, go to the AWS Config console and navigate to the Settings page.

To enable the recording, click on Edit and choose the Enable recording checkbox and then click on Save.

Step-2: Create an SNS topic

To send the alerts by email, we need to set up an SNS topic and create a subscription with Email as the Protocol, adding the email address of each recipient who should receive the alerts.

Note that after your subscription is created, you must confirm it.

You can refer to the following document to create an SNS topic and subscribe an endpoint to it:
https://docs.aws.amazon.com/sns/latest/dg/sns-create-topic.html

Step-3: Create an EventBridge rule

We need to create an EventBridge rule with an event pattern that discovers when new resources are created in the account.

Choose the Rule type as Rule with an event pattern and click on Next.

You will be taken to the Build event pattern section. Here choose AWS events as the Event source, select Custom pattern (JSON editor) as the Creation method, then choose Edit pattern and paste the event pattern.

Here is a sample event pattern configured to alert when a new S3 bucket is created:

{
  "detail": {
    "configurationItem": {
      "configurationItemStatus": ["ResourceDiscovered"],
      "resourceType": ["AWS::S3::Bucket"]
    },
    "messageType": ["ConfigurationItemChangeNotification"]
  },
  "detail-type": ["Config Configuration Item Change"],
  "source": ["aws.config"]
}

You can change the value of “resourceType” to match other resources.
Here are the resource type names for some of the major resources that may affect your billing:

"resourceType": ["AWS::EC2::Instance",
                 "AWS::EC2::Volume",
                 "AWS::RDS::DBInstance",
                 "AWS::RDS::DBCluster",
                 "AWS::S3::Bucket", 
                 "AWS::Redshift::Cluster",
                 "AWS::ElasticLoadBalancing::LoadBalancer",
                 "AWS::DynamoDB::Table",
                 "AWS::CodeBuild::Project",
                 "AWS::CloudFront::Distribution",
                 "AWS::Lambda::Function",
                 "AWS::KMS::Key",
                 "AWS::Backup::BackupPlan",
                 "AWS::ECR::Repository",
                 "AWS::ECS::Cluster",
                 "AWS::ECS::Service",
                 "AWS::EFS::FileSystem",
                 "AWS::EKS::Cluster",
                 "AWS::Kinesis::Stream",
                 "AWS::ECR::PublicRepository",
                 "AWS::DMS::ReplicationInstance",
                 "AWS::Glue::Job"]

Add the SNS topic as the target of the EventBridge rule you are creating, click on “Additional settings”, then choose Input transformer under the “Configure the target input” section.

Next click on “Configure input transformer”, then under Input path enter the JSON that maps each reference name used in the template to the field of the event whose value should appear in the alert mail.

Here is a sample for the input path:

{
  "awsRegion": "$.detail.configurationItem.awsRegion",
  "awsAccountId": "$.detail.configurationItem.awsAccountId",
  "resource_type": "$.detail.configurationItem.resourceType",
  "resource_ID": "$.detail.configurationItem.resourceId",
  "configurationItemCaptureTime": "$.detail.configurationItem.configurationItemCaptureTime"
}

Under the Template section you write the message that is passed to the target, referencing the input path names in angle brackets.

Here is a sample template:

"A new <resource_type> has been created with Id <resource_ID> on <configurationItemCaptureTime> in the account <awsAccountId> in the region <awsRegion>."

Then choose Confirm and Create the rule.
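As an added offline check (not part of the original post), the following Python applies the event pattern and input transformer from the steps above to a constructed AWS Config event, showing that the rule fires on ResourceDiscovered but stays silent for a later configuration change (status "OK") on the same bucket. The matcher is a simplified model of EventBridge matching and the account id, bucket name and timestamp are made up.

```python
import re

# Event pattern from Step-3: a list means "the event value must be one of these".
EVENT_PATTERN = {
    "source": ["aws.config"],
    "detail-type": ["Config Configuration Item Change"],
    "detail": {"messageType": ["ConfigurationItemChangeNotification"],
               "configurationItem": {"configurationItemStatus": ["ResourceDiscovered"],
                                     "resourceType": ["AWS::S3::Bucket"]}},
}
# Input path and template from Step-3 (template shown without its outer quotes).
CI = "$.detail.configurationItem."
INPUT_PATH = {"awsRegion": CI + "awsRegion", "awsAccountId": CI + "awsAccountId",
              "resource_type": CI + "resourceType", "resource_ID": CI + "resourceId",
              "configurationItemCaptureTime": CI + "configurationItemCaptureTime"}
TEMPLATE = ("A new <resource_type> has been created with Id <resource_ID> on "
            "<configurationItemCaptureTime> in the account <awsAccountId> in the region <awsRegion>.")

def sample_event(status="ResourceDiscovered", resource_type="AWS::S3::Bucket"):
    """Constructed Config event with made-up ids; status "OK" models a later update."""
    return {"source": "aws.config", "detail-type": "Config Configuration Item Change",
            "detail": {"messageType": "ConfigurationItemChangeNotification",
                       "configurationItem": {
                           "configurationItemStatus": status, "resourceType": resource_type,
                           "resourceId": "example-bucket", "awsRegion": "us-east-1",
                           "awsAccountId": "123456789012",
                           "configurationItemCaptureTime": "2024-01-01T00:00:00.000Z"}}}

def matches(pattern, event):
    """Simplified EventBridge matching: every pattern key must be present, dicts
    recurse, and a list requires the event value to equal one of its entries."""
    for key, expected in pattern.items():
        if key not in event:
            return False
        if isinstance(expected, dict):
            if not (isinstance(event[key], dict) and matches(expected, event[key])):
                return False
        elif event[key] not in expected:
            return False
    return True

def alert_text(event):
    """Apply the rule: return the rendered email body if it fires, else None."""
    if not matches(EVENT_PATTERN, event):
        return None
    values = {}
    for name, path in INPUT_PATH.items():
        node = event
        for part in path.removeprefix("$.").split("."):  # walk the simple JSONPath
            node = node[part]
        values[name] = str(node)
    return re.sub(r"<(\w+)>", lambda m: values[m.group(1)], TEMPLATE)
```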

That’s it!

Congrats!! Now you have successfully completed the setup for utilizing SNS alerts in AWS. As a result, you will now be able to receive alert emails whenever new resources are created within your AWS account. This implementation empowers you with real-time visibility and timely notifications, allowing you to stay informed and take proactive measures in managing and optimizing your AWS resources effectively.

Authors

For further information or any inquiries, please feel free to reach out to us via:
~ Linkedin — sahith palika | LinkedIn , Jaya Sree Gundasu | LinkedIn
~ Email ID — sahithpalika25@gmail.com, gjayasree1919@gmail.com