Monitoring the health of your workloads with User Notifications
This article explains how you can use AWS User Notifications to centralize public event notifications from multiple AWS Regions.
Introduction
AWS Health is the authoritative data source for events and changes that affect your AWS cloud resources. AWS Health notifies you about service events, planned changes, and account notifications to help you manage and take actions. You can sign in to your AWS Health Dashboard to view account-specific health information or receive AWS Health event updates through Amazon EventBridge. You can also access AWS Health programmatically through the AWS Health API that’s available with AWS Premium Support.
AWS handles two types of AWS Health events:
- Account-specific events: These are events that affect resources in your account, such as scheduled events on your Amazon Elastic Compute Cloud (Amazon EC2) instances.
- Public events: These events provide information about the regional availability of an AWS service and aren’t specific to an AWS account.
Account-specific events are typically managed by account owners and don’t require immediate action. However, public events require swift notification to customers' operations teams. To minimize noise and concentrate on potentially impactful events, you might prefer to receive notifications only for Regions that host your workloads. That way, operations teams can quickly evaluate the event's scope and make decisions to mitigate impact.
With User Notifications, you can centrally configure and view these notifications in a consistent and human-friendly format. You can configure delivery channels, such as email, AWS Chatbot, and the AWS Console Mobile Application, to view AWS Health events across different AWS services and Regions. These notifications include URLs to resources on the AWS Management Console, where you can take additional actions.
In this article, you will learn how to set up User Notifications to automate alerting for public events in the Regions where your workloads run. You will also learn how to include notifications for AWS global services and configure backup notifications for better resilience. The User Notifications service is available to you at no additional cost.
Note: If you operate multiple AWS accounts, then choose one account to implement the suggested settings. Because AWS public events are the same for every account, you can configure the settings once per team.
Prerequisites
- Check if User Notifications is supported in your Region.
- If the AWS account is a member of AWS Organizations that uses a Service Control Policy (SCP), then make sure that you have permissions to create User Notifications. The SCP must allow the following actions:
- "notifications:*"
- "notifications-contacts:*"
- To get administrator access to the Notifications Center, make sure that you attach the following AWS Identity and Access Management (IAM) permissions policy to your IAM user or role. You can attach different IAM policies depending on your use case.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"notifications:*",
"notifications-contacts:*"
],
"Resource": "*"
}
]
}
Set up notifications
- Open AWS User Notifications in the AWS Management Console.
Note: AWS User Notifications is a “global” service. - In the navigation pane, under Notifications Center, choose Notifications configurations. Then, choose Create notification configuration.
- Skip the optional Quick setup section.
- For Name, enter a unique name for your notification configuration.
- For Description, enter a description for your notification configuration.
- Under Event rules, for AWS Service name, select Health.
- For Event type, select Specific Health events.
- For Regions, select your primary Regions to receive notifications for public events. Then, select US East (N. Virginia) to receive notifications for events from global services, such as IAM and Amazon CloudFront. Then, select US West (Oregon) as the backup Region for when your primary Region is impacted by a public event. Oregon is the backup Region for all AWS commercial Regions. If you selected Oregon as your primary Region, then select US East (N. Virginia) as your backup Region.
- Expand Advanced filter, and then enter the following script to filter public events:
{
"detail": {
"eventTypeCategory": [
"issue"
],
"eventScopeCode": [
"PUBLIC"
]
}
}
- For Aggregation settings, select your desired choice based on how frequently you want to receive the notifications.
- For Delivery channels, select the contact channel where you want to receive the notifications. For more information on how to configure the delivery channel, see the section Configure delivery channels.
- For Notification hubs selection, select up to three notification hubs. If this is the first notification configuration that you’re setting up for your account, then you must configure an AWS Region to be the notification hub. A notification hub is an account-level setting that identifies the Regions where you store, process, and replicate notifications. You must select at least one notification hub before you create any notification configurations.
- Choose Create notification configuration.
Your notification configuration is created.
For more information, see Configuring AWS User Notifications.
Note:
- User Notifications automatically create EventBridge rules in each of the Regions that you selected for Event rules.
- If your primary Region is neither US East (N. Virginia) nor US West (Oregon), then it’s a best practice to select both of these Regions under Event rules. This configuration improves the resiliency of your event notifications. When you do so, User Notifications creates EventBridge rules in these Regions, and you receive notifications for the following events:
- Global events that originate from US East (N. Virginia)
- Public events from your primary Region that are routed through US West (Oregon) as a backup Region when your primary Region is unavailable
- Non-global events from both Regions
- When you select US East (N. Virginia) to receive notifications for global events and US West (Oregon) as a backup Region, you will receive updates for non-global events from both Regions, even if you don’t have workloads in these Regions. To receive the notifications for only global events and public events from your primary Region, enter the following JSON script for **Advanced **filter. Replace eu-west-1 in the script with the Region code of your primary Region.
{
"detail": {
"eventTypeCategory": [
"issue"
],
"eventScopeCode": [
"PUBLIC"
],
"eventRegion": [
"global",
"eu-west-1"
]
}
}
Configure delivery channels
When you set up notifications, you can select one or more delivery channels based on where you want to receive the notifications. This section provides further details on how you can configure your delivery channels in step 11 in the Set up notifications section.
Follow these steps to configure email as your contact channel:
Note: Because the sender of these emails is from the @aws.com domain, you don’t need SCPs to allow Amazon Simple Email Service (Amazon SES) in AWS Organizations.
- For Delivery channels, select Email.
- For Recipient, enter or select a valid email address.
- For Name, enter a name that’s associated with the email address. It’s a best practice to use a distribution list to make sure that the notification is received by a team instead of an individual.
After you create the notification configuration, you will get a verification email in the email address that you provided. Be sure to choose Verify email to verify the email address that you configured.
AWS Console Mobile App
Follow these steps to select AWS Console Mobile App as the delivery channel:
- For Delivery channels, select AWS Console Mobile App.
- Scan the QR code to download the AWS Console Mobile Application to your iOS or Android mobile device.
- Turn on push notifications from the application on your mobile device.
- On the User Notifications console, for Device, select the mobile device that you configured.
Chat channels
You can configure Slack, Amazon Chime, or Microsoft Teams as chat channels. For more information, see the following links:
- Tutorial: Get started (Slack)
- Tutorial: Get started (Amazon Chime)
- Tutorial: Get started (Microsoft Teams)
After you configure the channel, follow these steps in the User Notifications console:
- For Delivery channels, select Chat channels.
- For Chat channels, select the chatbot that you created.
Cleanup
-
To stop receiving notifications, delete the notification configuration.
-
You can remove delivery channels from notification configurations in a delivery channel’s detail view.
Pricing
You can configure and view notifications in the Notifications Center at no additional cost. User Notifications creates EventBridge rules in all the Regions that are specified in the configuration. Because EventBridge rules are configured to monitor AWS Health events that are free of charge by default, you don’t incur any EventBridge costs. Also, you don’t incur additional costs to send emails through User Notifications delivery channels, use the AWS Chatbot, or download the AWS Console Mobile App.
Conclusion
This article explains how you can use User Notifications to centralize public events from multiple Regions. With this solution, application, platform, and operations teams can get real-time notifications of these events to correlate with issues that they might experience. AWS Support engineers and Technical Account Managers (TAMs) can help you with general guidance, best practices, troubleshooting, and operational support on AWS. To learn more about our plans and offerings, see AWS Support.
About the authors
Adrian Bernardez Curra
Adrian is a TAM who works for the Energy industry at AWS and helps customers from the operational standpoint. He has 3 years of experience and is a subject matter expert on Amazon Relational Database Service (Amazon RDS), where he helps customers on their database journey while achieving a number of AWS certifications. In his free time, Adrian enjoys making music, playing video games, reading, and traveling.
Ketan Kumar
Ketan is a Senior TAM at AWS based out of Dublin, Ireland. In his role, he provides strategic technical guidance to help customers use AWS best practices to plan and build solutions. He’s dedicated to empower customers to develop scalable, resilient, and cost-effective architectures. In his free time, Ketan enjoys spending time with his wife and family, traveling, playing video games, and watching movies.
Relevant content
- AWS OFFICIALUpdated 22 days ago
- asked a year agolg...
- asked 2 months agolg...
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 3 years ago