Monitor and automate AWS End User Computing (EUC) with AWS Chatbot
The blogpost teaches you how to deploy AWS Chatbot to your AWS account using the CloudFormation template. You learn how to configure the Chatbot to monitor and automate your AWS End User Compute (EUC) deployments.
Customers are always looking at new ways to interact with systems. Amazon EUC administrators may need to be notified on important metrics such as capacity, performance, availability and run workflows many times a day. This Chatbot aims to save time and make it easier for them to get notified of critical events, run commands and launch common workflows.
AWS Chatbot receives notifications and alarms from AWS services using Amazon SNS. Microsoft Teams and Slack administrators can approve AWS Chatbot support for the workspace or tenant. Once approved, anyone in the workspace or team can add AWS Chatbot to their chat channels. This allows you to receive notifications, and interact with the configured AWS Services.
In this blogpost you learn how to deploy Chatbot to your AWS account using the CloudFormation template, and configure it for common daily operations.
There are four main components to the cost of the solution. The costs vary depending on the number of alarms configured, and workflows launched.
The following is an example of configuring 100 standard resolution alarms. It costs approximately $10.
- AWS Chatbot – There is no additional charge for AWS Chatbot. You only pay for the underlying services.
- Amazon CloudWatch –
- Standard Metrics – First 10,000 metrics (US-East Pricing) = $0.3
- Alarms – 100 standard resolution alarm = $0.1 * 100= $10
- Amazon SNS – 1 million Amazon SNS requests per month are free
- AWS Lambda – Free tier includes one million free requests per month and 400,000 GB-seconds of compute time per month.
Refer to the README for pre-requisites, setup process, and guidance on setup permissions for the CloudFormation stack. Once the CloudFormation stack is successfully setup, proceed to setup notifications and automation for your account.
Set up notifications and automation
CloudWatch Alarms are configured to alert an SNS topic which gets forwarded to the ChatOps channel. The following are recommended events to invoke notifications. You can add your own based on your specific needs.
Step 1- Setup AWS account notifications
- Current WorkSpaces and AppStream 2.0 charges – Using AWS Command Line Interface(AWS CLI), create an alias to fetch the current charges by changing the following command. In the command, change the Lambda function name to the one in your account, and change the region. Refer to the Resources section in the CloudFormation stack.
- Budget alerts – Create a budget, configure the alerts to the SNS topic that is created using the CloudFormation template.
- AWS Directory Service notifications – Configure AWS Directory Service alerts to SNS.
- (optional) Notifications for VPN tunnel health – Configure VPN tunnels monitoring.
- (optional) Notifications for AWS Direct Connect connections – Configure AWS Direct Connect monitoring.
Step 2- Configure Amazon WorkSpaces notifications
In this step you create CloudWatch Alarms that to alert on
- Unhealthy WorkSpace – Create a CloudWatch Alarm to alert when there is an “Unhealthy” WorkSpace.
a) Launch the CloudWatch console
b) Navigate to the “Create Alarm” page. Select the “Select metric” button.
c) In the “Browse” tab, choose “WorkSpaces” in the “AWS Namespaces” section.
d) Choose the option ‘By Organization’. Select the metric ‘Unhealthy’ under the appropriate DirectoryId. Select the desired metric for monitoring WorkSpaces health.Choose the statistic “Sum” and the period “5 mins”. In the Conditions Section, choose “Static” and “Greater/Equal”.To check the presence of any Unhealthy WorkSpaces in your account, launch the Lambda function. Create an alias using the AWS CLI. Change the Lambda function name to the one in your account. For the Lambda function name, refer to the Resources section in the CloudFormation stack.
- WorkSpaces In session latency > 60 ms – Create a CloudWatch alarm. Choose the metric ‘InSessionLatency’ with the statistic “Average” and the period “5 mins”. In the Conditions Section, choose “Static” and “Greater/Equal”. Set the value to 60.
(optional) Using AWS CLI, create an alias to check for latency of WorkSpaces in your account. Change the Lambda function name to the one in your account. For the Lambda function name, refer to the Resources section in the CloudFormation stack.
- WorkSpaces launch time greater than 60 seconds – Create a CloudWatch alarm. Choose the metric ‘SessionLaunchTime’ with the statistic “Average” and the period “5 mins”. In the Conditions Section, choose “Static” and “Greater/Equal”. Set the value to 60. Using AWS CLI, create an alias to check for session launch time of WorkSpaces in your account. Change the Lambda function name to the one in your account. Refer to the Resources section in the CloudFormation stack.
Step 3- Setup alerts for AppStream 2.0
Create CloudWatch alarms for AppStream Fleet metrics such as the following:
Testing AWS Chatbot with Amazon EUC
The chatbot provides three important capabilities:
- Launch commands in the chat channels: You launch AWS commands in the chat channels, which returns the output without requiring you to access the AWS Console or CLI.
- Notifications: Notifies critical CloudWatch alarms.
- Automate: Allows you to automate tasks using Lambda, and provides the output in the chat channel. The Lambda commands can be assigned aliases for ease of use.
Test using the chatbot to launch commands
In the chat client, open the channel that you have configured for AWS Chatbot to run the following command.