AWS SNS Notifications Admin Guide

How to add AWS SNS notifications to your policies in Metricly.

You can leverage AWS’s Simple Notification Service as one of your notification methods in Metricly. There are two ways to accomplish this: through an IAM Role or Access Key. It is recommended that you have first set up the AWS Integration and are familiar with terms such as ARN (Amazon Resource Names), which are needed to complete setup.


Inbound & Outbound

This guide tackles outbound SNS setup, however you can also ingest inbound SNS notifications. Check out how we leverage SNS to ingest CloudWatch logs for a great example of inbound useage.

Configuration Methods

IAM Role Setup Method

1. Add SNS Permissions to your AWS IAM Role

You must add SNS permissions to your AWS IAM Role in order to complete setup. Completing this section provides you with the required IAM Role ARN for section 4. Haven’t created an IAM Role? Complete our AWS setup documentation.

  1. In a separate tab from Metricly, log in to your AWS Identity & Access Management (IAM) Console.
  2. Once in the IAM dashboard, navigate to the Roles section.
  3. Search for your AWS Metricly IAM Role.
  4. Select your AWS Metricly IAM role.
  5. Click Attach Policy.
  6. For Attach Policy, search “sns”, then select AmazonSNSFullAccess.
  7. Click Attach Policy to add the policy.
  8. Return to step 2.5 in the previous section and input the IAM Role ARN.

2. Obtain Topic ARN 

You must have a Topic ARN set up in AWS to use SNS with Metricly. Completing this section provides you with that number.

  1. Navigate to the SNS console.
  2. Click Topics on the left-hand menu.
  3. Copy the ARN from the ARN column next to the desired topic. Paste the value into the Topic ARN field in the SNS Notification window in Metricly.
  4. Back in the SNS console, select the same topic, and then click Edit topic policy in the Actions menu.
  5. Under the Allow these users to publish messages to this topic section, select Only these AWS users and add the Account ID from Metricly to the field.
  6. Click Update Policy.
  7. Return to Metricly and optionally select Custom from the Payload drop-down menu. A text field will open after selecting Custom. Create a custom JSON payload in the textbox. You can use the following variables to make your notification more dynamic. To test your template, go here or visit the GitHub page.
  8. Click Save.
Variable Description
${eventCategory.name} The event category (  (Info),  (Warning), or  (Critical)).
${elementFqn} The Fully Qualified Name (FQN) of the element.
${elementId} The type of element (e.g., SERVER, ELB, EC2, RDS, etc.).
${elementLocation} The location of the element.
${elementName} The friendly name for the element.
${policyId} The policy identification number.
${policyName} The name of the policy.
${eventTimestamp} The time (in UTC) the event occurred.
${policyDescription} The description of the policy that generated the event.

Below is the default payload used in the SNS integration, but it’s a good starting place for creating a custom JSON payload.

{
  "timestamp": "${eventTimestamp}",
  "category": "${eventCategory}",
  "element": {
    "fqn": "${elementFqn}",
    "name": "${elementId}",
    "location": "${elementLocation}"
  },
  "policy": {
    "name": "${policyName}",
    "description": "${policyDescription}"
  }
}

3. Navigate to Integrations
  1. Click your UsernameNotifications.
  2. Click SNS.
  3. Click Add SNS.

4. Input Information
  1. Input a Name for the SNS notification.
  2. Ensure Enabled checkbox is selected.
  3. Provide a Topic ARN
  4. Select IAM Role for AWS Authentication.
  5. Provide existing IAM role ARN. (Or, skip to next section to create one).
  6. Choose a payload type (Default or Custom).
  7. Click Test and Save.
Access Key Setup Method
1. Create a User and Add SNS Permissions

You must have a user with SNS permissions to complete the setup of an SNS with Metricly. Completing this section provides you with the required Access key ID and Secret access key.

  1. In the AWS Console, navigate to Users.
  2. Click Add a User.
  3. Prove a Name and check Programmatic Access.
  4. Click Next: Permissions.
  5. Click Attach existing policies directly and select for AmazonSNSFullAccess.
  6. Click Next: Review.
  7. Click Create User.
  8. Copy the Access key ID and Secret access key.

2. Obtain Topic ARN 

You must have a Topic ARN set up in AWS to use SNS with Metricly. Completing this section provides you with that number.

  1. Navigate to the SNS console.
  2. Click Topics on the left-hand menu.
  3. Copy the ARN from the ARN column next to the desired topic. Paste the value into the Topic ARN field in the SNS Notification window in Metricly.
  4. Back in the SNS console, select the same topic, and then click Edit topic policy in the Actions menu.
  5. Under the Allow these users to publish messages to this topic section, select Only these AWS users and add the Account ID from Metricly to the field.
  6. Click Update Policy.
  7. Return to Metricly and optionally select Custom from the Payload drop-down menu. A text field will open after selecting Custom. Create a custom JSON payload in the textbox. You can use the following variables to make your notification more dynamic. To test your template, go here or visit the GitHub page.
  8. Click Save.
Variable Description
${eventCategory.name} The event category (  (Info),  (Warning), or  (Critical)).
${elementFqn} The Fully Qualified Name (FQN) of the element.
${elementId} The type of element (e.g., SERVER, ELB, EC2, RDS, etc.).
${elementLocation} The location of the element.
${elementName} The friendly name for the element.
${policyId} The policy identification number.
${policyName} The name of the policy.
${eventTimestamp} The time (in UTC) the event occurred.
${policyDescription} The description of the policy that generated the event.

Below is the default payload used in the SNS integration, but it’s a good starting place for creating a custom JSON payload.

{
  "timestamp": "${eventTimestamp}",
  "category": "${eventCategory}",
  "element": {
    "fqn": "${elementFqn}",
    "name": "${elementId}",
    "location": "${elementLocation}"
  },
  "policy": {
    "name": "${policyName}",
    "description": "${policyDescription}"
  }
}

3. Navigate to Integrations in Metricly
  1. Click your UsernameNotifications.
  2. Click SNS.
  3. Click Add SNS.

4. Input Information
  1. Input a Name for the SNS notification.
  2. Ensure Enabled checkbox is selected.
  3. Provide the Topic ARN from previous section. 
  4. Select IAM Role for AWS Authentication.
  5. Provide the  Access Key and Secret Key from previous section.
  6. Choose a payload type (Default or Custom).

More About Notifications

For more information about notifications, see them main Notifications page.

capterra

Join other DevOps who love Metricly!

Sign up for a free, fully featured, 21-day trial. No credit card required!