  • Language
    Python
  • License
    MIT No Attribution
  • Created about 3 years ago
  • Updated about 1 year ago


Repository Details

AHA is an incident management and communication framework that alerts customers in real time when there are active AWS events. For customers with AWS Organizations, it aggregates the active account-level events of all accounts in the Organization. Customers not using AWS Organizations still benefit from alerting at the account level.

Introduction

AWS Health Aware (AHA) is an automated notification tool for sending well-formatted AWS Health Alerts to Amazon Chime, Slack, Microsoft Teams, e-mail or an Amazon EventBridge compatible endpoint, as long as you have Business or Enterprise Support.

What's New

Release 2.2 introduces an updated schema for Health events delivered to an EventBridge bus. This allows simplified matching of events which you can then consume with other AWS services or SaaS solutions. Read more about the new feature and how to filter events using EventBridge.

Architecture

Single Region

Multi Region

Created AWS Resources

| Resource | Description |
| --- | --- |
| DynamoDBTable | DynamoDB table used to store Event ARNs, updates and TTL |
| ChimeChannelSecret | Webhook URL for Amazon Chime stored in AWS Secrets Manager |
| EventBusNameSecret | EventBus ARN for Amazon EventBridge stored in AWS Secrets Manager |
| LambdaExecutionRole | IAM role used for LambdaFunction |
| LambdaFunction | Main Lambda function that reads from AWS Health API, sends to endpoints and writes to DynamoDB |
| LambdaSchedule | Amazon EventBridge rule that runs every minute to invoke LambdaFunction |
| LambdaSchedulePermission | IAM Role used for LambdaSchedule |
| MicrosoftChannelSecret | Webhook URL for Microsoft Teams stored in AWS Secrets Manager |
| SlackChannelSecret | Webhook URL for Slack stored in AWS Secrets Manager |

Configuring an Endpoint

AHA can send to multiple endpoints (webhook URLs, Email or EventBridge). To use any of these you'll need to set it up beforehand, as some of them are configured on 3rd party websites. We'll go over some of the common ones here.

Creating an Amazon Chime Webhook URL

You will need to have access to create an Amazon Chime room and manage webhooks.

  1. Create a new chat room for events (e.g. aws_events).
  2. In the chat room created in step 1, click on the gear icon and click manage webhooks and bots.
  3. Click Add webhook.
  4. Type a name for the bot (e.g. AWS Health Bot) and click Create.
  5. Click Copy URL; we will need it for the deployment.

Creating a Slack Webhook URL

You will need to have access to add a new channel and app to your Slack Workspace.

Webhook

  1. Create a new channel for events (e.g. aws_events).
  2. In your browser go to: workspace-name.slack.com/apps where workspace-name is the name of your Slack Workspace.
  3. In the search bar, search for: Incoming Webhooks and click on it.
  4. Click on Add to Slack.
  5. From the dropdown click on the channel you created in step 1 and click Add Incoming Webhooks integration.
  6. From this page you can change the name of the webhook (e.g. AWS Bot), the icon/emoji to use, etc.
  7. For the deployment we will need the Webhook URL.

Workflow

  1. Create a new channel for events (e.g. aws_events).
  2. Within Slack, click the drop-down arrow next to your workspace name in the upper left, then click Tools > Workflow Builder.
  3. Click Create in the upper right-hand corner of the Workflow Builder, give your workflow a name and click next.
  4. Click on select next to Webhook, then click add variable and add the following variables one at a time in the Key section. All data types will be text:
    - text
    - accounts
    - resources
    - service
    - region
    - status
    - start_time
    - event_arn
    - updates
  5. When done you should have 9 variables. Double-check them, as they are case sensitive and will be referenced. Once checked, click done and then next.
  6. Click add step, then in the add a workflow step dialog click add next to send a message.
  7. Under send this message to:, select the channel you created in Step 1. In the message text, recreate the following:
  8. Click save and then click publish.
  9. For the deployment we will need the Webhook URL.
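
The nine Workflow variables above are matched by exact, case-sensitive key, and every value must be text. The checker below is an added example (not part of AHA) that reports key and type mistakes in a webhook body before it is sent; the sample payload and its values are constructed.

```python
# The 9 variable names from step 4 of the Workflow procedure, exactly as listed.
EXPECTED_KEYS = (
    "text", "accounts", "resources", "service", "region",
    "status", "start_time", "event_arn", "updates",
)


def check_workflow_payload(payload):
    """Return a list of problems that would stop the Workflow from filling
    its message template; an empty list means the body matches step 4."""
    problems = []
    seen = set()
    for key, value in payload.items():
        if key in EXPECTED_KEYS:
            seen.add(key)
            # Every variable was created with data type "text".
            if not isinstance(value, str):
                problems.append(
                    f"{key}: value must be text, got {type(value).__name__}")
        elif key.lower() in EXPECTED_KEYS:
            # Right name, wrong case: the Workflow treats this as unknown.
            seen.add(key.lower())
            problems.append(
                f"{key}: keys are case sensitive, expected {key.lower()!r}")
        else:
            problems.append(f"{key}: not one of the 9 workflow variables")
    for key in EXPECTED_KEYS:
        if key not in seen:
            problems.append(f"{key}: missing")
    return problems


# Constructed sample body with three mistakes: a list instead of text,
# a mis-cased key, and no "updates" variable.
SAMPLE_PAYLOAD = {
    "text": "Constructed example alert",
    "accounts": ["000123456789"],
    "resources": "None",
    "service": "EC2",
    "region": "us-east-1",
    "status": "open",
    "Start_Time": "2024-01-01 00:00:00",
    "event_arn": "constructed-event-arn",
}

if __name__ == "__main__":
    for problem in check_workflow_payload(SAMPLE_PAYLOAD):
        print(problem)
```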

Creating a Microsoft Teams Webhook URL

You will need to have access to add a new channel and app to your Microsoft Teams channel.

  1. Create a new channel for events (e.g. aws_events).
  2. Within your Microsoft Team go to Apps.
  3. In the search bar, search for: Incoming Webhook and click on it.
  4. Click on Add to team.
  5. Type in the name of the channel you created in step 1 and click Set up a connector.
  6. From this page you can change the name of the webhook (e.g. AWS Bot), the icon/emoji to use, etc. Click Create when done.
  7. For the deployment we will need the webhook URL that is presented.

Configuring an Email

  1. You'll be able to send email alerts to one or many addresses. However, you must first verify the email(s) in the Simple Email Service (SES) console.
  2. AHA utilizes Amazon SES so all you need is to enter in a To: address and a From: address.
  3. You may have to allow a rule in your environment so that the emails don't get labeled as SPAM. This will be something you have to configure on your own.

Creating an Amazon EventBridge Ingestion ARN

This is only required if you are going to use EventBridge. You can create a new event bus with the instructions below or use an existing one.

  1. In the AWS Console, search for Amazon EventBridge.
  2. On the left hand side, click Event buses.
  3. Under Custom event bus click Create event bus
  4. Give your Event bus a name and click Create.
  5. For the deployment we will need the Name of the Event bus (not the ARN, e.g. aha-eb01).

Deployment Options

CloudFormation

There are 3 available ways to deploy AHA, all are done via the same CloudFormation template to make deployment as easy as possible.

The 3 deployment methods for AHA are:

  1. AHA for users WITHOUT AWS Organizations: Users NOT using AWS Organizations.
  2. AHA for users WITH AWS Organizations (Management Account): Users who ARE using AWS Organizations and deploying in the top-level management account.
  3. AHA for users WITH AWS Organizations (Member Account): Users who ARE using AWS Organizations and deploying in a member account in the organization to assume a role in the top-level management account.

AHA Without AWS Organizations using CloudFormation

Prerequisites

  1. Have at least 1 endpoint configured (you can have multiple)
  2. Have access to deploy CloudFormation Templates with the following resources: AWS IAM policies, Amazon DynamoDB Tables, AWS Lambda, Amazon EventBridge and AWS Secrets Manager.
  3. If using Multi-Region, you must deploy the following 2 CloudFormation templates to allow the Stackset deployment to deploy resources. Even if you have full administrator privileges, you still need to follow these steps.

Deployment

  1. Clone the AHA package from this repository. If you're not familiar with the process, here is some documentation. The URL to clone is in the upper right-hand corner labeled Clone uri
  2. In the root of this package you'll have two files: handler.py and messagegenerator.py. Use your tool of choice to zip them both up and give the archive a unique name (e.g. aha-v1.8.zip). Note: Putting the version number in the name will make upgrading AHA seamless.
  3. Upload the .zip you created in Step 1 to an S3 bucket in the same region you plan to deploy this in.
  4. In your AWS console go to CloudFormation.
  5. In the CloudFormation console click Create stack > With new resources (standard).
  6. Under Template Source click Upload a template file, click Choose file and select CFN_DEPLOY_AHA.yml. Click Next.
  • In Stack name type a stack name (e.g. AHA-Deployment).
  • In AWSOrganizationsEnabled leave it set to default which is No. If you do have AWS Organizations enabled and you want to aggregate across all your accounts, you should be following the steps for AHA for users who ARE using AWS Organizations (Management Account) or AHA for users WITH AWS Organizations (Member Account)
  • In AWSHealthEventType select whether you want to receive all event types or only issues.
  • In S3Bucket type just the bucket name of the S3 bucket used in step 3 (e.g. my-aha-bucket).
  • In S3Key type just the name of the .zip file you created in Step 2 (e.g. aha-v1.8.zip).
  • In the Communications Channels section enter the URLs, Emails and/or ARN of the endpoints you configured previously.
  • In the Email Setup section enter the From and To Email addresses as well as the Email subject. If you aren't configuring email, just leave it as is.
  • In EventSearchBack enter the number of hours you want to search back for events. Default is 1 hour.
  • In Regions enter the regions you want to search for events in. Default is all regions. You can filter for up to 10, comma separated (e.g. us-east-1, us-east-2).
  • In ARN of the AWS Organizations Management Account assume role leave it set to default None as this is only for customers using AWS Organizations.
  • In Deploy in secondary region? select another region to deploy AHA in. Otherwise leave it at the default, No.
  1. Scroll to the bottom and click Next.
  2. Scroll to the bottom and click Next again.
  3. Scroll to the bottom and click the checkbox and click Create stack.
  4. Wait until Status changes to CREATE_COMPLETE (roughly 2-4 minutes or if deploying in a secondary region, it can take up to 30 minutes).

AHA With AWS Organizations on Management Account using CloudFormation

Prerequisites

  1. Enable Health Organizational View from the console, so that you can aggregate all Personal Health Dashboard (PHD) events for all accounts in your AWS Organization.
  2. Have at least 1 endpoint configured (you can have multiple)
  3. Have access to deploy CloudFormation Templates with the following resources: AWS IAM policies, Amazon DynamoDB Tables, AWS Lambda, Amazon EventBridge and AWS Secrets Manager in the AWS Organizations Master Account.
  4. If using Multi-Region, you must deploy the following 2 CloudFormation templates to allow the Stackset deployment to deploy resources. Even if you have full administrator privileges, you still need to follow these steps.

Deployment

  1. Clone the AHA package from this repository. If you're not familiar with the process, here is some documentation. The URL to clone is in the upper right-hand corner labeled Clone uri
  2. In the root of this package you'll have two files: handler.py and messagegenerator.py. Use your tool of choice to zip them both up and give the archive a unique name (e.g. aha-v1.8.zip). Note: Putting the version number in the name will make upgrading AHA seamless.
  3. Upload the .zip you created in Step 1 to an S3 bucket in the same region you plan to deploy this in.
  4. In your AWS console go to CloudFormation.
  5. In the CloudFormation console click Create stack > With new resources (standard).
  6. Under Template Source click Upload a template file, click Choose file and select CFN_DEPLOY_AHA.yml. Click Next.
  • In Stack name type a stack name (e.g. AHA-Deployment).
  • In AWSOrganizationsEnabled change the dropdown to Yes. If you do NOT have AWS Organizations enabled you should be following the steps for AHA for users who are NOT using AWS Organizations.
  • In AWSHealthEventType select whether you want to receive all event types or only issues.
  • In S3Bucket type just the bucket name of the S3 bucket used in step 3 (e.g. my-aha-bucket).
  • In S3Key type just the name of the .zip file you created in Step 2 (e.g. aha-v1.8.zip).
  • In the Communications Channels section enter the URLs, Emails and/or ARN of the endpoints you configured previously.
  • In the Email Setup section enter the From and To Email addresses as well as the Email subject. If you aren't configuring email, just leave it as is.
  • In EventSearchBack enter the number of hours you want to search back for events. Default is 1 hour.
  • In Regions enter the regions you want to search for events in. Default is all regions. You can filter for up to 10, comma separated (e.g. us-east-1, us-east-2).
  • In ARN of the AWS Organizations Management Account assume role leave it set to default None.
  • In Deploy in secondary region? select another region to deploy AHA in. Otherwise leave it at the default, No.
  1. Scroll to the bottom and click Next.
  2. Scroll to the bottom and click Next again.
  3. Scroll to the bottom and click the checkbox and click Create stack.
  4. Wait until Status changes to CREATE_COMPLETE (roughly 2-4 minutes or if deploying in a secondary region, it can take up to 30 minutes).

AHA With AWS Organizations on Member Account using CloudFormation

Prerequisites

  1. Enable Health Organizational View from the console, so that you can aggregate all Personal Health Dashboard (PHD) events for all accounts in your AWS Organization.
  2. Have at least 1 endpoint configured (you can have multiple)
  3. Have access to deploy CloudFormation Templates with the following resource: AWS IAM policies in the AWS Organizations Master Account.
  4. If using Multi-Region, you must deploy the following 2 CloudFormation templates in the Member Account to allow the Stackset deployment to deploy resources. Even if you have full administrator privileges, you still need to follow these steps.

Deployment

  1. Clone the AHA package from this repository. If you're not familiar with the process, here is some documentation. The URL to clone is in the upper right-hand corner labeled Clone uri
  2. In your top-level management account AWS console go to CloudFormation.
  3. In the CloudFormation console click Create stack > With new resources (standard).
  4. Under Template Source click Upload a template file, click Choose file and select CFN_MGMT_ROLE.yml. Click Next.
  • In Stack name type a stack name (e.g. aha-assume-role).
  • In OrgMemberAccountId put in the account id of the member account you plan to run AHA in (e.g. 000123456789).
  1. Scroll to the bottom and click Next.
  2. Scroll to the bottom and click Next again.
  3. Scroll to the bottom and click the checkbox and click Create stack.
  4. Wait until Status changes to CREATE_COMPLETE (roughly 1-2 minutes). This will create an IAM role with the necessary AWS Organizations and AWS Health API permissions for the member account to assume.
  5. In the Outputs tab, there will be a value for AWSHealthAwareRoleForPHDEventsArn (e.g. arn:aws:iam::000123456789:role/aha-org-role-AWSHealthAwareRoleForPHDEvents-ABCSDE12201). Copy that down, as you will need it for step 16.
  6. Back in the root of the package you downloaded/cloned you'll have two files: handler.py and messagegenerator.py. Use your tool of choice to zip them both up and give the archive a unique name (e.g. aha-v1.8.zip). Note: Putting the version number in the name will make upgrading AHA seamless.
  7. Upload the .zip you created in Step 11 to an S3 bucket in the same region you plan to deploy this in.
  8. Login to the member account you plan to deploy this in and in your AWS console go to CloudFormation.
  9. In the CloudFormation console click Create stack > With new resources (standard).
  10. Under Template Source click Upload a template file, click Choose file and select CFN_DEPLOY_AHA.yml. Click Next.
  • In Stack name type a stack name (e.g. AHA-Deployment).
  • In AWSOrganizationsEnabled change the dropdown to Yes. If you do NOT have AWS Organizations enabled you should be following the steps for AHA for users who are NOT using AWS Organizations.
  • In AWSHealthEventType select whether you want to receive all event types or only issues.
  • In S3Bucket type just the bucket name of the S3 bucket used in step 12 (e.g. my-aha-bucket).
  • In S3Key type just the name of the .zip file you created in Step 11 (e.g. aha-v1.8.zip).
  • In the Communications Channels section enter the URLs, Emails and/or ARN of the endpoints you configured previously.
  • In the Email Setup section enter the From and To Email addresses as well as the Email subject. If you aren't configuring email, just leave it as is.
  • In EventSearchBack enter the number of hours you want to search back for events. Default is 1 hour.
  • In Regions enter the regions you want to search for events in. Default is all regions. You can filter for up to 10, comma separated (e.g. us-east-1, us-east-2).
  • In ManagementAccountRoleArn enter the full IAM ARN from step 10 (e.g. arn:aws:iam::000123456789:role/aha-org-role-AWSHealthAwareRoleForPHDEvents-ABCSDE12201).
  • In Deploy in secondary region? select another region to deploy AHA in. Otherwise leave it at the default, No.
  1. Scroll to the bottom and click Next.
  2. Scroll to the bottom and click Next again.
  3. Scroll to the bottom and click the checkbox and click Create stack.
  4. Wait until Status changes to CREATE_COMPLETE (roughly 2-4 minutes or if deploying in a secondary region, it can take up to 30 minutes).
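
The constraints stated in the CloudFormation steps above (up to 10 comma-separated regions, bare S3 bucket and .zip names, the event bus name rather than its ARN, a full IAM role ARN that belongs to the management account) can be checked before the stack is created. The following is an added example, not part of the AHA project: `EventBusName` is a hypothetical key, the sample values are constructed, and treating an empty string or `all regions` as the Regions default is an assumption.

```python
import re

# Full IAM role ARN, e.g. the AWSHealthAwareRoleForPHDEventsArn output.
ROLE_ARN_RE = re.compile(
    r"arn:aws(?:-[a-z]+)*:iam::([0-9]{12}):role/[A-Za-z0-9_+=,.@/-]+")
REGION_RE = re.compile(r"[a-z]{2}(?:-[a-z]+)+-[0-9]")
MAX_REGIONS = 10          # "You can filter for up to 10, comma separated"
UNSET = ("", "None")      # CloudFormation default is None, Terraform's is empty


def split_regions(value):
    """Split the Regions parameter; the default (assumed to be an empty
    string or 'all regions') yields an empty list, meaning no filter."""
    value = value.strip()
    if value.lower() in ("", "all regions"):
        return []
    return [part.strip() for part in value.split(",")]


def validate(params, deploy_account_id=None):
    """Return a list of problems found in a dict of AHA stack parameters.

    deploy_account_id is the 12-digit ID of the account the stack is being
    created in (the member account in the member-account procedure).
    """
    errors = []
    org = params.get("AWSOrganizationsEnabled", "No")
    if org not in ("Yes", "No"):
        errors.append("AWSOrganizationsEnabled: must be Yes or No")

    regions = split_regions(params.get("Regions", ""))
    if len(regions) > MAX_REGIONS:
        errors.append(f"Regions: {len(regions)} entries, limit is {MAX_REGIONS}")
    for region in regions:
        if not REGION_RE.fullmatch(region):
            errors.append(f"Regions: {region!r} is not a region name")

    hours = str(params.get("EventSearchBack", "1"))
    if not re.fullmatch(r"[0-9]+", hours) or int(hours) < 1:
        errors.append("EventSearchBack: expected a whole number of hours >= 1")

    arn = params.get("ManagementAccountRoleArn", "None")
    if arn not in UNSET:
        match = ROLE_ARN_RE.fullmatch(arn)
        if org != "Yes":
            errors.append("ManagementAccountRoleArn: only used when "
                          "AWSOrganizationsEnabled is Yes")
        if match is None:
            errors.append("ManagementAccountRoleArn: not a full IAM role ARN")
        elif match.group(1) == deploy_account_id:
            # The role is created in the management account and assumed
            # from the member account, so the two IDs must differ.
            errors.append("ManagementAccountRoleArn: role is in the deploying "
                          "account, expected the management account role")

    bucket = params.get("S3Bucket", "")
    if "/" in bucket or ":" in bucket:
        errors.append("S3Bucket: give just the bucket name, not a URL or path")
    key = params.get("S3Key", "")
    if key and ("://" in key or not key.endswith(".zip")):
        errors.append("S3Key: give just the name of the .zip file")

    bus = params.get("EventBusName", "")  # hypothetical key name
    if bus.startswith("arn:"):
        errors.append("EventBusName: give the bus name (e.g. aha-eb01), not the ARN")
    return errors


# Constructed member-account parameters containing four mistakes.
SAMPLE = {
    "AWSOrganizationsEnabled": "Yes",
    "Regions": "us-east-1, us-east-2, useast1",
    "EventSearchBack": "1",
    "ManagementAccountRoleArn": "arn:aws:iam::000123456789:role/"
                                "aha-org-role-AWSHealthAwareRoleForPHDEvents-ABCSDE12201",
    "S3Bucket": "s3://my-aha-bucket",
    "S3Key": "aha-v1.8.zip",
    "EventBusName": "arn:aws:events:us-east-1:000123456789:event-bus/aha-eb01",
}

if __name__ == "__main__":
    for error in validate(SAMPLE, deploy_account_id="000123456789"):
        print(error)
```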

Terraform

There are 3 available ways to deploy AHA, all are done via the same Terraform template to make deployment as easy as possible.

**NOTE:** AHA code is tested with Terraform version v1.0.9. Please make sure you have at least Terraform version v1.0.9 installed.

The 3 deployment methods for AHA are:

  1. AHA for users NOT using AWS Organizations using Terraform: Users NOT using AWS Organizations.
  2. AHA for users WITH AWS Organizations using Terraform (Management Account): Users who ARE using AWS Organizations and deploying in the top-level management account.
  3. AHA for users WITH AWS Organizations using Terraform (Member Account): Users who ARE using AWS Organizations and deploying in a member account in the organization to assume a role in the top-level management account.

AHA Without AWS Organizations using Terraform

Prerequisites

  1. Have at least 1 endpoint configured (you can have multiple)
  2. Have access to deploy Terraform Templates with the following resources: AWS IAM policies, Amazon DynamoDB Tables, AWS Lambda, Amazon EventBridge and AWS Secrets Manager.

**NOTE:** For multi-region deployment, the DynamoDB table will be created with PAY_PER_REQUEST billing mode instead of PROVISIONED due to a limitation with Terraform.

Deployment - Terraform

  1. Clone the AHA package from this repository. If you're not familiar with the process, here is some documentation. The URL to clone is in the upper right-hand corner labeled Clone uri
$ git clone https://github.com/aws-samples/aws-health-aware.git
$ cd aws-health-aware/terraform/Terraform_DEPLOY_AHA
  2. Update the parameters file terraform.tfvars as below:
  • aha_primary_region - change to the region where you want to deploy the AHA solution.
  • aha_secondary_region - required only if you want to deploy the AHA solution in multiple regions; change to another (secondary) region where you want to deploy the AHA solution. Otherwise leave it at the default empty value.
  • AWSOrganizationsEnabled - leave it at the default, which is No. If you do have AWS Organizations enabled and you want to aggregate across all your accounts, you should be following the steps for AHA for users who ARE using AWS Organizations (Management Account) or AHA for users WITH AWS Organizations (Member Account).
  • AWSHealthEventType - select whether you want to receive all event types or only issues.
  • Communications Channels section - enter the URLs, Emails and/or ARN of the endpoints you configured previously.
  • Email Setup section - enter the From and To Email addresses as well as the Email subject. If you aren't configuring email, just leave it as is.
  • EventSearchBack - enter the number of hours you want to search back for events. Default is 1 hour.
  • Regions - enter the regions you want to search for events in. Default is all regions. You can filter for up to 10, comma separated (e.g. us-east-1, us-east-2).
  • ManagementAccountRoleArn - leave it at the default empty value.
  • ExcludeAccountIDs - type just the name of the .csv file you want to upload if you need to exclude accounts from monitoring; otherwise leave it empty.
  • ManagementAccountRoleArn - In ARN of the AWS Organizations Management Account assume role leave it set to default None as this is only for customers using AWS Organizations.
  3. Deploy the solution using the terraform commands below.
$ terraform init
$ terraform plan
$ terraform apply

AHA WITH AWS Organizations on Management Account using Terraform

  1. Enable Health Organizational View from the console, so that you can aggregate all Personal Health Dashboard (PHD) events for all accounts in your AWS Organization.
  2. Have at least 1 endpoint configured (you can have multiple)

**NOTE:** For multi-region deployment, the DynamoDB table will be created with PAY_PER_REQUEST billing mode instead of PROVISIONED due to a limitation with Terraform.

Deployment - Terraform

  1. Clone the AHA package from this repository. If you're not familiar with the process, here is some documentation. The URL to clone is in the upper right-hand corner labeled Clone uri
$ git clone https://github.com/aws-samples/aws-health-aware.git
$ cd aws-health-aware/terraform/Terraform_DEPLOY_AHA
  2. Update the parameters file terraform.tfvars as below:
  • aha_primary_region - change to the region where you want to deploy the AHA solution.
  • aha_secondary_region - required only if you want to deploy the AHA solution in multiple regions; change to another (secondary) region where you want to deploy the AHA solution. Otherwise leave it at the default empty value.
  • AWSOrganizationsEnabled - change the value to Yes. If you do NOT have AWS Organizations enabled you should be following the steps for AHA for users who are NOT using AWS Organizations.
  • AWSHealthEventType - select whether you want to receive all event types or only issues.
  • Communications Channels section - enter the URLs, Emails and/or ARN of the endpoints you configured previously.
  • Email Setup section - enter the From and To Email addresses as well as the Email subject. If you aren't configuring email, just leave it as is.
  • EventSearchBack - enter the number of hours you want to search back for events. Default is 1 hour.
  • Regions - enter the regions you want to search for events in. Default is all regions. You can filter for up to 10, comma separated (e.g. us-east-1, us-east-2).
  • ManagementAccountRoleArn - leave it at the default empty value.
  • S3Bucket - type just the name of the S3 bucket to which you upload the exclude .csv file. Leave it empty if the exclude-accounts feature is not used.
  • ExcludeAccountIDs - type just the name of the .csv file you want to upload if you need to exclude accounts from monitoring; otherwise leave it empty.
  • ManagementAccountRoleArn - In ARN of the AWS Organizations Management Account assume role leave it set to default None, unless you are using a member account instead of the management account. Instructions for this configuration are in the next section.
  3. Deploy the solution using the terraform commands below.
$ terraform init
$ terraform plan
$ terraform apply

AHA WITH AWS Organizations on Member Account using Terraform

  1. Enable Health Organizational View from the console, so that you can aggregate all Personal Health Dashboard (PHD) events for all accounts in your AWS Organization.
  2. Have at least 1 endpoint configured (you can have multiple)

**NOTE:** For multi-region deployment, the DynamoDB table will be created with PAY_PER_REQUEST billing mode instead of PROVISIONED due to a limitation with Terraform.

Deployment - Terraform

  1. Clone the AHA package from this repository. If you're not familiar with the process, here is some documentation. The URL to clone is in the upper right-hand corner labeled Clone uri
$ git clone https://github.com/aws-samples/aws-health-aware.git
  2. In your top-level management account, deploy the terraform module Terraform_MGMT_ROLE.tf to create the Cross-Account Role for PHD access.
$ cd aws-health-aware/terraform/Terraform_MGMT_ROLE
$ terraform init
$ terraform plan
$ terraform apply
     Input OrgMemberAccountId: enter the account id of the member account you plan to run AHA in (e.g. 000123456789).
  3. Wait for the deployment to complete. This will create an IAM role with the necessary AWS Organizations and AWS Health API permissions for the member account to assume. Note the AWSHealthAwareRoleForPHDEventsArn role name; it will be used when deploying the solution in the member account.
  4. In the Outputs section, there will be a value for AWSHealthAwareRoleForPHDEventsArn (e.g. arn:aws:iam::000123456789:role/aha-org-role-AWSHealthAwareRoleForPHDEvents-ABCSDE12201). Copy that down, as you will need it to update the params file (variable ManagementAccountRoleArn).
  5. Change directory to terraform/Terraform_DEPLOY_AHA to deploy the solution.
  6. Update the parameters file terraform.tfvars as below:
  • aha_primary_region - change to the region where you want to deploy the AHA solution.
  • aha_secondary_region - required only if you want to deploy the AHA solution in multiple regions; change to another (secondary) region where you want to deploy the AHA solution. Otherwise leave it at the default empty value.
  • AWSOrganizationsEnabled - change the value to Yes. If you do NOT have AWS Organizations enabled you should be following the steps for AHA for users who are NOT using AWS Organizations.
  • AWSHealthEventType - select whether you want to receive all event types or only issues.
  • Communications Channels section - enter the URLs, Emails and/or ARN of the endpoints you configured previously.
  • Email Setup section - enter the From and To Email addresses as well as the Email subject. If you aren't configuring email, just leave it as is.
  • EventSearchBack - enter the number of hours you want to search back for events. Default is 1 hour.
  • Regions - enter the regions you want to search for events in. Default is all regions. You can filter for up to 10, comma separated (e.g. us-east-1, us-east-2).
  • ManagementAccountRoleArn - enter the full IAM ARN from step 10 (e.g. arn:aws:iam::000123456789:role/aha-org-role-AWSHealthAwareRoleForPHDEvents-ABCSDE12201).
  • S3Bucket - type just the name of the S3 bucket to which you upload the exclude .csv file. Leave it empty if the exclude-accounts feature is not used.
  • ExcludeAccountIDs - type just the name of the .csv file you want to upload if you need to exclude accounts from monitoring; otherwise leave it empty.
  7. Deploy the solution using the terraform commands below.
$ terraform init
$ terraform plan
$ terraform apply

Updating using CloudFormation

Until this project is migrated to the AWS Serverless Application Model (SAM), updates will have to be done as described below:

  1. Download the updated CloudFormation Template .yml file and 2 .py files.
  2. Zip up the 2 .py files and name the .zip with a different version number than before (e.g. if the .zip you originally uploaded is aha-v1.8.zip the new one should be aha-v1.9.zip)
  3. In the AWS CloudFormation console click on the name of your stack, then click Update.
  4. In the Prepare template section click Replace current template, click Upload a template file, click Choose file, select the newer CFN_DEPLOY_AHA.yml file you downloaded and finally click Next.
  5. In the S3Key text box change the version number in the name of the .zip to match name of the .zip you uploaded in Step 2 (The name of the .zip has to be different for CloudFormation to recognize a change). Click Next.
  6. At the next screen click Next and finally click Update stack. This will now upgrade your environment to the latest version you downloaded.

If for some reason, you still have issues after updating, you can easily just delete the stack and redeploy. The infrastructure can be destroyed and rebuilt within minutes through CloudFormation.

Updating using Terraform

Until this project is migrated to the AWS Serverless Application Model (SAM), updates will have to be done as described below:

  1. Pull the latest code from the git repository for AHA.
  2. Update the parameters file terraform.tfvars per your requirements.
  3. Copy the terraform template files to the directory where your previous state exists.
  4. Deploy the templates as below:
$ cd aws-health-aware
$ git pull https://github.com/aws-samples/aws-health-aware.git
$ cd terraform/Terraform_DEPLOY_AHA
$ terraform init
$ terraform plan    # should show any differences between the existing config and the latest code
$ terraform apply

If for some reason, you still have issues after updating, you can easily just delete the stack and redeploy. The infrastructure can be destroyed and rebuilt within minutes through Terraform.

New Features

We are happy to announce the launch of new enhancements to AHA. Please try them out and keep sending us your feedback!

  1. A revised schema for AHA events sent to EventBridge which enables new filtering and routing options. See the new AHA event schema readme for more detail.
  2. Multi-region deployment option
  3. Updated file names for improved clarity
  4. Ability to filter accounts (Refer to AccountIDs CFN parameter for more info on how to exclude accounts from AHA notifications)
  5. Ability to view Account Names for a given Account ID in the PHD alerts
  6. If you are running AHA in Non-Org mode, AHA will send the Account # and resource(s) impacted, if applicable, for a given alert
  7. Ability to deploy AHA with the Org mode on a member account
  8. Support for a new Health Event Type - "Investigation"
  9. Terraform support to deploy the solution

Troubleshooting

  • If for whatever reason you need to update the Webhook URL, just update the CloudFormation or Terraform template with the new Webhook URL.
  • If you are expecting an event and it did not show up, it may be an oddly formed event. Take a look at CloudWatch > Log groups and search for the name of your Lambda function. See what the error is and reach out to us by email for help.
  • If you get errors related to duplicate secrets during deployment, try deleting the secret manually and redeploying the solution. Example command to delete the SlackChannelID secret in the us-east-1 region:
$ aws secretsmanager delete-secret --secret-id SlackChannelID --force-delete-without-recovery --region us-east-1

Python
731
star
23

lambda-refarch-imagerecognition

The Image Recognition and Processing Backend reference architecture demonstrates how to use AWS Step Functions to orchestrate a serverless processing workflow using AWS Lambda, Amazon S3, Amazon DynamoDB and Amazon Rekognition.
JavaScript
662
star
24

aws-secure-environment-accelerator

The AWS Secure Environment Accelerator is a tool designed to help deploy and operate secure multi-account, multi-region AWS environments on an ongoing basis. The power of the solution is the configuration file which enables the completely automated deployment of customizable architectures within AWS without changing a single line of code.
HTML
653
star
25

simple-websockets-chat-app

This SAM application provides the Lambda functions, DynamoDB table, and roles to allow you to build a simple chat application based on API Gateway's new WebSocket-based API feature.
JavaScript
632
star
26

aws-codedeploy-samples

Samples and template scenarios for AWS CodeDeploy
Shell
627
star
27

emr-bootstrap-actions

This repository hold the Amazon Elastic MapReduce sample bootstrap actions
Shell
612
star
28

aws-lex-web-ui

Sample Amazon Lex chat bot web interface
JavaScript
607
star
29

hardeneks

Runs checks to see if an EKS cluster follows EKS Best Practices.
Python
603
star
30

aws-bookstore-demo-app

AWS Bookstore Demo App is a full-stack sample web application that creates a storefront (and backend) for customers to shop for fictitious books. The entire application can be created with a single template. Built on AWS Full-Stack Template.
TypeScript
591
star
31

lambda-refarch-mobilebackend

Serverless Reference Architecture for creating a Mobile Backend
Objective-C
584
star
32

retail-demo-store

AWS Retail Demo Store is a sample retail web application and workshop platform demonstrating how AWS infrastructure and services can be used to build compelling customer experiences for eCommerce, retail, and digital marketing use-cases
Jupyter Notebook
579
star
33

kubernetes-for-java-developers

A Day in Java Developerโ€™s Life, with a taste of Kubernetes
Java
562
star
34

aws-serverless-workshop-innovator-island

Welcome to the Innovator Island serverless workshop! This repo contains all the instructions and code you need to complete the workshop. Questions? Contact @jbesw.
JavaScript
552
star
35

amazon-personalize-samples

Notebooks and examples on how to onboard and use various features of Amazon Personalize
Jupyter Notebook
551
star
36

aws-iot-chat-example

๐Ÿ’ฌ Chat application using AWS IoT platform via MQTT over the WebSocket protocol
JavaScript
534
star
37

aws-amplify-graphql

Sample using AWS Amplify and AWS AppSync together for user login and authorization when making GraphQL queries and mutations. Also includes complex objects for uploading and downloading data to and from S3 with a React app.
JavaScript
521
star
38

aws-mobile-appsync-chat-starter-angular

GraphQL starter progressive web application (PWA) with Realtime and Offline functionality using AWS AppSync
TypeScript
520
star
39

aws-dynamodb-examples

DynamoDB Examples
Java
511
star
40

aws-serverless-security-workshop

In this workshop, you will learn techniques to secure a serverless application built with AWS Lambda, Amazon API Gateway and RDS Aurora. We will cover AWS services and features you can leverage to improve the security of a serverless applications in 5 domains: identity & access management, code, data, infrastructure, logging & monitoring.
JavaScript
505
star
41

amazon-forecast-samples

Notebooks and examples on how to onboard and use various features of Amazon Forecast.
Jupyter Notebook
471
star
42

lambda-refarch-fileprocessing

Serverless Reference Architecture for Real-time File Processing
Python
450
star
43

ecs-blue-green-deployment

Reference architecture for doing blue green deployments on ECS.
Python
442
star
44

cloudfront-authorization-at-edge

Protect downloads of your content hosted on CloudFront with Cognito authentication using cookies and Lambda@Edge
TypeScript
439
star
45

aws-service-catalog-reference-architectures

Sample CloudFormation templates and architecture for AWS Service Catalog
JavaScript
423
star
46

siem-on-amazon-opensearch-service

A solution for collecting, correlating and visualizing multiple types of logs to help investigate security incidents.
Python
409
star
47

aws-microservices-deploy-options

This repo contains a simple application that consists of three microservices. Each application is deployed using different Compute options on AWS.
Jsonnet
407
star
48

aws-cost-explorer-report

Python SAM Lambda module for generating an Excel cost report with graphs, including month on month cost changes. Uses the AWS Cost Explorer API for data.
Python
406
star
49

aws-security-workshops

A collection of the latest AWS Security workshops
Jupyter Notebook
401
star
50

aws-sam-java-rest

A sample REST application built on SAM and DynamoDB that demonstrates testing with DynamoDB Local.
Java
400
star
51

amazon-elasticsearch-lambda-samples

Data ingestion for Amazon Elasticsearch Service from S3 and Amazon Kinesis, using AWS Lambda: Sample code
JavaScript
393
star
52

amazon-cloudfront-functions

JavaScript
388
star
53

aws-saas-factory-bootcamp

SaaS on AWS Bootcamp - Building SaaS Solutions on AWS
JavaScript
376
star
54

aws-lambda-extensions

A collection of sample extensions to help you get started with AWS Lambda Extensions
Go
376
star
55

amazon-sagemaker-notebook-instance-lifecycle-config-samples

A collection of sample scripts to customize Amazon SageMaker Notebook Instances using Lifecycle Configurations
Shell
366
star
56

non-profit-blockchain

Builds a blockchain network and application to track donations to non-profit organizations, using Amazon Managed Blockchain
SCSS
360
star
57

amazon-textract-code-samples

Amazon Textract Code Samples
Jupyter Notebook
355
star
58

lambda-refarch-streamprocessing

Serverless Reference Architecture for Real-time Stream Processing
JavaScript
349
star
59

amazon-neptune-samples

Samples and documentation for using the Amazon Neptune graph database service
JavaScript
348
star
60

amazon-ecs-java-microservices

This is a reference architecture for java microservice on Amazon ECS
Java
345
star
61

sessions-with-aws-sam

This repo contains all the SAM templates created in the Twitch series #SessionsWithSAM. The show is every Thursday on Twitch at 10 AM PDT.
JavaScript
343
star
62

amazon-rekognition-video-analyzer

A working prototype for capturing frames off of a live MJPEG video stream, identifying objects in near real-time using deep learning, and triggering actions based on an objects watch list.
JavaScript
343
star
63

amazon-textract-textractor

Analyze documents with Amazon Textract and generate output in multiple formats.
Jupyter Notebook
341
star
64

aws-eks-accelerator-for-terraform

The AWS EKS Accelerator for Terraform is a framework designed to help deploy and operate secure multi-account, multi-region AWS environments. The power of the solution is the configuration file which enables the users to provide a unique terraform state for each cluster and manage multiple clusters from one repository. This code base allows users to deploy EKS add-ons using Helm charts.
HCL
338
star
65

aws-deepcomposer-samples

Jupyter Notebook
336
star
66

aws-iot-examples

Examples using AWS IoT (Internet of Things). Deprecated. See README for updated guidance.
JavaScript
331
star
67

amazon-ecs-mythicalmysfits-workshop

A tutorial for developers who want to learn about how to containerized applications on top of AWS using AWS Fargate. You will build a sample website that leverages infrastructure as code, containers, CI/CD, and more! If you're planning on running this, let us know @ [email protected]. At re:Invent 2018, these sessions were run as CON214/CON321/CON322.
HTML
329
star
68

aws-media-services-simple-vod-workflow

Lab that covers video conversion workflow for Video On Demand using AWS MediaConvert.
Python
328
star
69

php-examples-for-aws-lambda

Demo serverless applications, examples code snippets and resources for PHP
PHP
324
star
70

aws-serverless-cicd-workshop

Learn how to build a CI/CD pipeline for SAM-based applications
CSS
319
star
71

create-react-app-auth-amplify

Implements a basic authentication flow for signing up/signing in users as well as protected client side routing using AWS Amplify.
JavaScript
314
star
72

api-gateway-secure-pet-store

Amazon API Gateway sample using Amazon Cognito credentials through AWS Lambda
Objective-C
309
star
73

aws-etl-orchestrator

A serverless architecture for orchestrating ETL jobs in arbitrarily-complex workflows using AWS Step Functions and AWS Lambda.
Python
307
star
74

amazon-textract-serverless-large-scale-document-processing

Process documents at scale using Amazon Textract
Python
302
star
75

lambda-go-samples

An example of using AWS Lambda with Go
Go
302
star
76

amazon-cloudfront-secure-static-site

Create a secure static website with CloudFront for your registered domain.
JavaScript
300
star
77

aws-nodejs-sample

Sample project to demonstrate usage of the AWS SDK for Node.js
JavaScript
299
star
78

aws-cognito-apigw-angular-auth

A simple/sample AngularV4-based web app that demonstrates different API authentication options using Amazon Cognito and API Gateway with an AWS Lambda and Amazon DynamoDB backend that stores user details in a complete end to end Serverless fashion.
JavaScript
297
star
79

lambda-ecs-worker-pattern

This example code illustrates how to extend AWS Lambda functionality using Amazon SQS and the Amazon EC2 Container Service (ECS).
POV-Ray SDL
291
star
80

aws-lambda-fanout

A sample AWS Lambda function that accepts messages from an Amazon Kinesis Stream and transfers the messages to another data transport.
JavaScript
289
star
81

aws-saas-factory-ref-solution-serverless-saas

Python
286
star
82

aws-mlu-explain

Visual, Interactive Articles About Machine Learning: https://mlu-explain.github.io/
JavaScript
285
star
83

aws-serverless-shopping-cart

Serverless Shopping Cart is a sample implementation of a serverless shopping cart for an e-commerce website.
Python
282
star
84

aws-serverless-samfarm

This repo is full CI/CD Serverless example which was used in the What's New with AWS Lambda presentation at Re:Invent 2016.
JavaScript
280
star
85

eb-node-express-sample

Sample Express application for AWS Elastic Beanstalk
EJS
279
star
86

amazon-ecs-firelens-examples

Sample logging architectures for FireLens on Amazon ECS and AWS Fargate.
274
star
87

eb-py-flask-signup

HTML
270
star
88

codepipeline-nested-cfn

CloudFormation templates, CodeBuild build specification & Python scripts to perform unit tests of a nested CloudFormation template.
Python
269
star
89

aws-amplify-auth-starters

Starter projects for developers looking to build web & mobile applications that have Authentication & protected routing
269
star
90

aws-proton-cloudformation-sample-templates

Sample templates for AWS Proton
262
star
91

aws2tf

aws2tf - automates the importing of existing AWS resources into Terraform and outputs the Terraform HCL code.
Shell
261
star
92

aws-containers-task-definitions

Task Definitions for running common applications Amazon ECS
261
star
93

aws-cdk-changelogs-demo

This is a demo application that uses modern serverless architecture to crawl changelogs from open source projects, parse them, and provide an API and website for viewing them.
JavaScript
260
star
94

designing-cloud-native-microservices-on-aws

Introduce a fluent way to design cloud native microservices via EventStorming workshop, this is a hands-on workshop. Contains such topics: DDD, Event storming, Specification by example. Including the AWS product : Serverless Lambda , DynamoDB, Fargate, CloudWatch.
Java
257
star
95

aws-secrets-manager-rotation-lambdas

Contains Lambda functions to be used for automatic rotation of secrets stored in AWS Secrets Manager
Python
256
star
96

lambda-refarch-iotbackend

Serverless Reference Architecture for creating an IoT Backend
Python
251
star
97

amazon-cognito-example-for-external-idp

An example for using Amazon Cognito together with an external IdP
TypeScript
247
star
98

mlops-amazon-sagemaker

Workshop content for applying DevOps practices to Machine Learning workloads using Amazon SageMaker
Jupyter Notebook
247
star
99

generative-ai-use-cases-jp

Generative AI ใ‚’ๆดป็”จใ—ใŸใƒ“ใ‚ธใƒใ‚นใƒฆใƒผใ‚นใ‚ฑใƒผใ‚นใฎใƒ‡ใƒขใƒณใ‚นใƒˆใƒฌใƒผใ‚ทใƒงใƒณ
TypeScript
245
star
100

serverless-test-samples

This repository is designed to provide guidance for implementing comprehensive test suites for serverless applications.
C#
244
star