Streamlining cloud operations: How Repsol optimized AWS managed notifications at enterprise scale

Introduction

Repsol, a global multi-energy company that’s leading the energy transition, faced a common challenge in their organization’s cloud operations. They needed to manage the growing volume of AWS Health notifications across their organization of approximately 200 AWS accounts. To do this, they moved from a self-managed notification system to an optimized AWS managed notifications implementation. Their journey offers valuable insights for enterprises that operate at scale in AWS.

Solution overview

To address this challenge, Repsol worked with AWS to develop a solution that used native aggregation capabilities within AWS managed notifications. AWS and Repsol used these capabilities to standardize account contacts, such as root user and alternate contacts, across Repsol's organization. Repsol implemented consistent contact patterns and used plus addressing for root accounts, such as user+tag@repsol-example. com. Through these changes, Repsol transformed their notification management from an overwhelming stream of individual alerts to a streamlined system of consolidated notifications.

Previous implementation challenges

Before Repsol adopted AWS managed notifications, they relied on a centralized Amazon EventBridge event bus to manage AWS Health events across their organization. When this bus received a health event notification, an email trigger would notify the relevant end user or team through Amazon Simple Notification Service (Amazon SNS).

Repsol's teams received separate email notifications for each event across multiple accounts. These notifications comprised dense, compacted JSON messages that made it difficult for operations teams to quickly identify critical alerts within the redundant information and duplicate notifications. Additionally, the system didn’t have a native mechanism to aggregate related events that affected multiple accounts.

AWS Health RAW JSON notification.

Prerequisites:

To use this solution, Repsol needed to complete the following prerequisites:

• Turn on trusted access to AWS Organizations: If you use AWS Organizations, then turn on the AWS User Notifications integration option to aggregate and deduplicate your managed notifications.

• To get administrator access to AWS User Notifications, you must attach the appropriate AWS Identity and Access Management (IAM) permissions policy to your IAM user or role.

Strategic implementation

Deduplication in AWS managed notifications works when account contacts match between management and member accounts, including plus addressing. Repsol implemented a standardized email strategy to update root account email addresses across their AWS organization and use distribution lists as alternate contacts.

Repsol email strategy.

To streamline notification management, distribution lists centralize communications. Rather than configure separate paths for each notification rule, direct all alerts to a single list. Team members can then manage their own subscriptions based on roles and needs from this list. This consolidation offered the following benefits for Repsol:

• Reduced the need to update individual settings when teams changed and reduced administrative overhead.

• Saved configuration time while delivering consistent information delivery.

• Maintained operational flexibility.

"Distribution lists aligns with operational and governance practices at Repsol, it allows for clear accountability, improves response times, and adapts efficiently as we grow in AWS," said Werner Diers, Cloud Operations Specialist at Repsol.

Results and benefits

Through AWS managed notifications, Repsol now receives well-formatted, human-readable consolidated events from health@aws. com, where previously they received separate notifications for each affected account.

AWS Health event aggregated notification.

Operational improvements

Repsol notification volume reduced by 97%, and now is in the form of single aggregated notifications. For an example, Repsol received a notification for an AWS Trusted Advisor feature deprecation. The solution aggregated notifications from 174 accounts across the organization into a single notification that provided the management account with oversight into affected accounts. Because of the consistent format across different notification types and improved email formatting, Repsol streamlined escalation procedures and enhanced team efficiency.

Overcoming challenges

When Repsol first turned on AWS managed notifications, the feature included default notification configurations. These default configurations conflicted with Repsol’s infrastructure as code approach and created issues with existing resource deployments.

To resolve this challenge, Repsol developed an AWS Lambda-based solution. This solution assumed cross-account roles for all accounts in the organization and programmatically configured notifications. This automated approach created consistency across the organization and reduced manual console work.

Next steps

Building on this successful implementation, Repsol is exploring other initiatives to help improve notifications at the organization:

• Targeted Amazon Elastic Kubernetes Service (Amazon EKS) notifications by Organizational Unit (OU): Because of the release of the integration of AWS User Notifications with AWS Organizations, Repsol can now create custom notification configurations. These configurations can target the specific OU that contains the Amazon EKS workloads and make sure that platform teams receive only relevant Amazon EKS events.

• Service-specific maintenance alerts: To configure notifications for specific service maintenance events, Repsol is using the advanced JSON filters feature in User Notifications. Repsol can configure notifications for services, such as Amazon Relational Database Service (Amazon RDS) or Amazon Elastic Compute Cloud (Amazon EC2), and route the notifications to dedicated teams responsible for those services.

• Integration with Microsoft Teams for operational efficiency: Repsol is implementing direct delivery of notifications to Microsoft Teams channels. This integration creates interactive response capabilities within Repsol’s primary communication platform.

• Unified notification management: Repsol is consolidating AWS managed notifications with user-configured notifications to create a centralized notification framework of both platform-initiated and custom monitoring events.

Conclusion

Repsol's strategic approach to AWS managed notifications demonstrates how thoughtful implementation of AWS features can transform operational efficiency at enterprise scale. Their success in reducing notification noise while maintaining comprehensive coverage provides a valuable blueprint for organizations that face similar challenges. To learn more about how AWS Support plans and offerings can help you optimize your AWS environment, contact AWS Support.

About the authors

Adrian Bernardez Curra

Adrian is a Technical Account Manager (TAM) who works for the Energy industry at AWS and helps customers from the operational standpoint. He has 3 years of experience and is a subject matter expert on Amazon RDS, where he helps customers on their database journey. He has achieved multiple AWS certifications. In his free time, Adrian enjoys making music, playing video games, reading, and traveling.

Gonzalo Guerrero León

Gonzalo is a TAM at AWS who empowers enterprise customers through strategic technical guidance. Throughout his diverse 9-year tenure at Amazon, he’s contributed to multiple cornerstone divisions, including Human Resources, IT, Alexa, Amazon Business, and AWS, to gain insight into the technology landscape. Outside of work, Gonzalo enjoys playing volleyball with his wife and exploring the world alongside their adventurous Boston Terrier, Tigre.

Javier Román Carrillo

Javier is a Cloud Architect at Repsol, currently focused on cloud governance projects. With more than 15 years of experience across networking, big data, and cloud technologies, Javier brings deep technical expertise to the projects he participates in. Outside of work, Javier enjoys attending concerts of all music genres and playing tennis.

Werner Diers

Werner is a Senior Cloud Engineer with strong expertise in AWS, focused on designing and building scalable, secure, and automated cloud infrastructures. He is passionate about infrastructure as code, automating everything, and maintaining operational excellence. Outside of work, he enjoys hiking, traveling, and playing basketball.