By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Get alerted anytime a prefix list gets changed

1

Trying to setup a cloudwatch alert, to go to SNS to email me when a prefix list gets changed. But can't get any data. This is how I had the rule setup:

{ "source": ["aws.ec2"], "detail-type": ["AWS API Call via CloudTrail"], "detail": { "eventSource": ["ec2.amazonaws.com"], "eventName": ["CreateManagedPrefixList", "ModifyManagedPrefixList", "DeleteManagedPrefixList"] } }

is that correct? I think SNS part working, used a test msg and got that email. Seeing "Events FailedInvocations" on the CW monitor

Topics
Networking & Content DeliveryManagement & GovernanceApplication Integration
Tags
Amazon VPCAmazon CloudWatchAmazon Simple Notification Service (SNS)
Language
English
rePost-User-4136916
asked 5 months ago220 views
1 Answer
0
Accepted Answer

Hello.

I believe what you configured is an EventBridge rule, not a CloudWatch alarm.
And the rules you set will react when "CreateManagedPrefixList", "ModifyManagedPrefixList", and "DeleteManagedPrefixList" occur in CloudTrail.
I tried it in my environment and was able to confirm that emails were sent via SNS.
I think it will take some time for the monitoring of EventBridge rules to be reflected.
https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-create-rule.html

Try actually creating or deleting a prefix list and recording the API history in CloudTrail.

profile picture
EXPERT
Riku_Kobayashi
answered 5 months ago
profile picture
EXPERT
Gary Mclean
reviewed 5 months ago
  • rePost-User-4136916
    5 months ago

    oh yes, correct it is a evertbridge rule. Will it still work? I checked the cloudtrail logs event history and do see the events when searching for ModifyManagedPrefixList. I tried increasing/decreasing prefix size of an SG.

  • rePost-User-4136916
    5 months ago

    For your test, did u just create a CW alarm or EB? If CW, how did you set it up?

  • Riku_Kobayashi EXPERT
    5 months ago

    I created an EventBridge rule with the rule you shared. I haven't created any CloudWatch alarms. You can send emails using just EventBridge rules and SNS topics.

  • Riku_Kobayashi EXPERT
    5 months ago

    If you look at the actual EventBridge rule screen, the settings will look like the following. a
    b
    c

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content