Amazon-Cloudwatch [SOLVED]: Cloudwatch alert on any instance creation?

  • #166023

    Cloudy Point
    Keymaster

    Question

    I would like to send out alerts and create logs any time an instance is created within an AWS account. The instances in the account are mostly static and are rarely changed, so an alert should go off when an unauthorized change is made.

    How can I create a CloudWatch alarm that can do this?

    #166024

    Cloudy Point
    Keymaster

    Accepted Answer

    I can think of 2 options:

    Option 1 – You write code

    • Enable CloudTrail
    • Have S3 trigger a Lambda function for PutObject (gets triggered whenever CloudTrail delivers events)
    • Write a Lambda function that reads the passed S3 object, looks for a RunInstances event and sends a mail including instance name, instance id, who launched the instance etc., using AWS SES
    • You pay for CloudTrail+S3 only (SES cost is negligible)

    Option 2 – Let AWS do everything

    • Enable CloudTrail
    • Have CloudTrail logs delivered to CloudWatch
    • Add an alarm in CloudWatch to send you an alert using SNS when CloudWatch detects RunInstances
    • You pay for CloudTrail+S3+CloudWatch
    • More info: Sending Events to CloudWatch Logs

    Source: https://stackoverflow.com/questions/45449053/cloudwatch-alert-on-any-instance-creation
    Author: helloV
    Creative Commons License
    This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
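
A sketch of the Lambda function from Option 1, added here as an example and not part of the original answer. The function names, the e-mail addresses and the sample records are assumptions made for illustration; the parser also reports failed RunInstances calls, where CloudTrail records an errorCode and a null responseElements.

```python
import gzip
import json
from urllib.parse import unquote_plus

ALERT_FROM = "alerts@example.com"  # placeholder; must be an SES-verified sender
ALERT_TO = "secops@example.com"    # placeholder recipient

# Constructed sample log file (not real data): one launch, one denied attempt, one unrelated event
WHO = {"arn": "arn:aws:iam::111122223333:user/example"}
SAMPLE = gzip.compress(json.dumps({"Records": [
    {"eventSource": "ec2.amazonaws.com", "eventName": "RunInstances", "userIdentity": WHO,
     "responseElements": {"instancesSet": {"items": [{"instanceId": "i-0123456789abcdef0"}]}}},
    {"eventSource": "ec2.amazonaws.com", "eventName": "RunInstances", "userIdentity": WHO,
     "errorCode": "Client.UnauthorizedOperation", "responseElements": None},
    {"eventSource": "ec2.amazonaws.com", "eventName": "DescribeInstances"},
]}).encode())


def find_run_instances(gz_bytes):
    """Return one summary dict per RunInstances record in a gzipped CloudTrail log file."""
    records = json.loads(gzip.decompress(gz_bytes)).get("Records", [])
    hits = []
    for rec in records:
        if rec.get("eventSource") != "ec2.amazonaws.com" or rec.get("eventName") != "RunInstances":
            continue
        # responseElements is null when the call failed, so a denied attempt has no instance ids
        items = ((rec.get("responseElements") or {}).get("instancesSet") or {}).get("items", [])
        hits.append({
            "time": rec.get("eventTime"),
            "region": rec.get("awsRegion"),
            "who": (rec.get("userIdentity") or {}).get("arn", "unknown"),
            "source_ip": rec.get("sourceIPAddress"),
            "instance_ids": [i["instanceId"] for i in items],
            "error": rec.get("errorCode"),
        })
    return hits


def lambda_handler(event, context):
    """S3 PutObject trigger: scan each delivered CloudTrail file and mail every hit via SES."""
    import boto3  # imported here so the parser above runs without the AWS SDK installed
    s3, ses = boto3.client("s3"), boto3.client("ses")
    for r in event["Records"]:
        key = unquote_plus(r["s3"]["object"]["key"])  # object keys arrive URL-encoded
        body = s3.get_object(Bucket=r["s3"]["bucket"]["name"], Key=key)["Body"].read()
        for hit in find_run_instances(body):
            ses.send_email(Source=ALERT_FROM, Destination={"ToAddresses": [ALERT_TO]}, Message={
                "Subject": {"Data": "EC2 RunInstances by " + hit["who"]},
                "Body": {"Text": {"Data": json.dumps(hit, indent=2)}}})
```

The function's execution role needs read access to the CloudTrail bucket and permission to send mail through SES.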
