'How do I build a aws cloud monitoring which alerts when any new resource (ec2 or rds or s3) is launched

We have individual teams that are launching ec2/rds/s3 instances and they are not choosing right instances or leaving instances running for long time, so how do I build a simple alert system that tells me what was launched?

I am trying to looking into building something on top of cloudwatch but I have to use SNS to do it. Is this the right approach?



Solution 1:[1]

they are not choosing right instances or leaving instances running for long time

  • You can simply introduce an IAM policy that will restrict the instance launch with specific Instance types
  • Long-running Servers: you can make use of CW metrics and take necessary action

For RDS, S3 and other resources, I would recommend AWS Config so that you can keep track of all of your resources.

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Shivkumar Mallesappa

Related Questions

Terraform update Route53 DOMAIN NameServers

Terraform update Route53 DOMAIN NameServers

Terraform update Route53 DOMAIN NameServers

Amazon AWS S3 to Force Download Mp3 File instead of Stream It

How to enable terraform module only with a specific workspace

AWS RDS Postgres: WAL_LEVEL not set to 'logical' after changing rds.logical_replication = 1

Use terraform to set up a lambda function triggered by a scheduled event source

Use terraform to set up a lambda function triggered by a scheduled event source

Self stopping EC2 once task complete?

AWS - SWF - Asynchronous method

Why my cloudformation template is over 1 MB?

AWS elastic beanstalk - WARN install EACCES: permission denied, access '/tmp/.npm'

Aws step functions - Resume from failed step function activity instead of starting a new execution

Redirect Elastic Beanstalk URL to domain name

node-lambda - TypeError: handler is not a function