Sending Amazon CloudWatch alerts to existing monitoring tools via AWS Direct Connect


What is the best way to import Amazon CloudWatch alerts into an existing monitoring tool? There is a documented process for Netcool to receive these alerts via HTTPS. The problem is the log solution is an isolated on-prem system behind a DMZ. The traffic needs to remain internal and not traverse the internet. Is there a way to have Amazon Simple Notification Service (SNS) send an alert without traversing the internet? I don't think so since this is an abstracted service that doesn't live within a customer's VPC. I don't think a VPC endpoint will help as that just solves the problem between alerts getting from CloudWatch to SNS, but once SNS sends an HTTP alert there is no way to use the VPC connectivity. Looking for options to recommend to the customer.

Option 1: Open ports so the existing tool can receive HTTPS traffic via the internet. Option 2: Could we create an AWS Lambda function that would receive a CloudWatch event then generate an HTTPS message that could use routing to keep the HTTPS traffic internal?

1 Answer
Accepted Answer

To your second option:

Yes, you could create a Lambda function that receives the event; make sure that Lambda function is attached to a VPC; have a Direct Connect or a site-to-site VPN connection to on-premises; then have the Lambda function call the on-premises server.

There would be additional charges for Lambda; for Direct Connect/VPN and traffic charges (which they are probably already paying). But it would be a "private" connection.

AWS
Expert
answered 3 years ago
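A sketch of the VPC-attached Lambda forwarder the answer describes, added here as an example and not code from the original answer. The environment variable names, the private address and the JSON body sent to the on-premises receiver are assumptions; the input is the EventBridge "CloudWatch Alarm State Change" event.

```python
import json
import os
import ssl
import urllib.request
from urllib.parse import urlparse

# Hypothetical settings: a private address reachable over Direct Connect/VPN,
# and an optional CA bundle for an internally issued server certificate.
ONPREM_URL = os.environ.get("ONPREM_ALERT_URL", "https://10.0.0.10:8443/alerts")
CA_BUNDLE = os.environ.get("ONPREM_CA_BUNDLE")


def build_alert(event):
    """Flatten a 'CloudWatch Alarm State Change' event into a small alert dict."""
    if event.get("source") != "aws.cloudwatch":
        raise ValueError("unexpected event source")
    detail = event["detail"]
    return {
        "alarm": detail["alarmName"],
        "state": detail["state"]["value"],
        "previous_state": detail.get("previousState", {}).get("value"),
        "reason": detail["state"].get("reason", ""),
        "account": event.get("account"),
        "region": event.get("region"),
        "time": event.get("time"),
    }


def build_request(alert, url=ONPREM_URL):
    """Create the HTTPS POST; refuse plain HTTP so alerts are never sent in clear."""
    if urlparse(url).scheme != "https":
        raise ValueError("on-premises endpoint must use https")
    body = json.dumps(alert).encode("utf-8")
    return urllib.request.Request(
        url, data=body, method="POST",
        headers={"Content-Type": "application/json"},
    )


def handler(event, context):
    """Lambda entry point: runs in VPC subnets routed to on-premises."""
    req = build_request(build_alert(event))
    # Certificate and hostname verification stay on; cafile adds the private CA.
    tls = ssl.create_default_context(cafile=CA_BUNDLE)
    with urllib.request.urlopen(req, timeout=5, context=tls) as resp:
        return {"status": resp.status}
```

The function's subnets need a route to the on-premises range over the Direct Connect or VPN attachment, and its security group must allow outbound traffic to the receiver's port.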
