AWS Public Sector Blog
Simplify AWS health notifications management for higher education
University central IT teams serve as the backbone of campus-wide technology operations, managing critical infrastructure, services, and security that power both academic and administrative functions. These teams are responsible for orchestrating complex cloud environments across multiple Amazon Web Services (AWS) accounts, making sure they meet institutional standards while enabling innovation across the campus community.
Managing hundreds of AWS accounts across campus presents a challenge for university IT teams, who must sift through thousands of daily notifications. Critical alerts get buried among routine updates, risking delayed responses to important issues. AWS User Notifications offers a comprehensive solution by centralizing notifications across accounts and Regions, providing granular control over notification content and enabling customized delivery to specific teams.
Currently, universities receive AWS notifications to their primary account contacts and alternate contacts that are set up during account creation:
- Primary contact – A distribution list receives all updates by email
- Billing contact – Receives health events with billing implications by email
- Operations contact – Receives health events with operational implications by email
- Security contact – Receives health events with security implications by email
Although this method provides basic notification coverage at the individual account level, it presents several limitations for university IT environments, including alert fatigue, notification gaps, and limited service-level notification customization.
Key challenges in managing AWS notifications at universities
Managing AWS notifications in a university environment has become increasingly complex as institutions expand their cloud footprint. Picture a typical day in a university’s central IT department—alerts flooding in from hundreds of AWS accounts, each demanding attention, while specialized teams like database administrators or network administrators face challenges receiving the updates they need.
Central IT teams receive an overwhelming number of notifications, from routine maintenance alerts to critical system updates, all with equal priority and delivered on the same channel. The team spends precious hours sifting through notifications, knowing they might miss crucial updates buried in the noise.
Many application development teams are not adequately informed about important API updates, as they are not included in the standard notification process. Similarly, database administrators often learn about maintenance updates for Amazon Relational Database Service (Amazon RDS) too late.
Overall, the existing notification and alert systems have limitations that prevent multiple teams within an organization from receiving health notifications in a timely manner. This makes it challenging to ensure that applications and databases are up-to-date and functioning properly.
Solution: AWS User Notifications
AWS User Notifications is a centralized service that helps organizations manage and deliver AWS notifications across multiple accounts and organizational units. With User Notifications, you can manage two types of AWS notifications. First, there are the AWS managed notifications that are sourced from AWS Health and generated by default. Second, there are user-configured notifications that are generated based on notification configurations that you create. This service provides access to all the notifications through various delivery channels, including the Console Notifications Center (default).
The key benefits that university IT teams can realize by using AWS User Notifications include:
- User Notifications provides a unified console for managing all notifications across accounts and Regions. This centralization is particularly valuable for universities with multiple AWS accounts spanning different departments and research groups.
- User Notifications can aggregate notifications into a single notification in the management account that references related events across accounts, per Region, within an organization. Imagine an educational institution has 500 AWS accounts with workloads spread across two different AWS Regions. With this feature, the central IT team would receive only two notification emails about the impact of a health event on the AWS infrastructure, one for each of the two Regions, instead of 1,000 separate notifications about the same health event.
- User Notifications provides a means to deduplicate notifications about related events across accounts.
- Through user-configured notifications, User Notifications allows configurations by service, and by event types. This filtering feature enables universities to configure precise rules to achieve aggregation and granularity and streamline notifications.
- User Notifications can send direct email notifications to team inboxes and distribution lists. This service can also send notifications to your Slack channels and Microsoft Teams using Amazon Q Developer in chat applications. You can also set up push notifications using AWS Console Mobile Application. The User Notifications API also allows you to view notifications and filter them to your specifications.
Prerequisites
To enable the managed notifications in the User Notifications service, you need the AWS Identity and Access Management (IAM) roles or users to have the following permissions:
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "notifications:GetFeatureOptInStatus",
        "notifications:PutFeatureOptInStatus"
      ],
      "Resource": "*"
    }
  ]
}
Implementation guide for university IT teams
To get started with AWS User Notifications, follow these high-level steps:
- Enable AWS managed notifications in the management account
- Enable trusted access in User Notifications
- Add delivery channels for AWS managed notifications
- Manage subscription for account contacts and delivery channels
- Create user-configured notifications
- Validate notifications to your specifications
Enable AWS managed notifications in the management account
To enable AWS managed notifications, follow these steps:
- On the AWS User Notifications console in your AWS Organizations management account, in the navigation pane, choose AWS managed notifications subscriptions.
- Choose Enable AWS Health notifications.
- Repeat steps 1 and 2 on all member accounts to deduplicate account contact notifications (optional).
It is important to note that AWS is migrating the email delivery of AWS Health notifications to the AWS User Notifications service. There is an opt-in period until September 14, 2025, after which AWS managed notifications will be enabled by default for all existing and new AWS accounts, with a brief window to enable or disable them until December 15, 2025.
Enable trusted access in User Notifications
Establishing trusted access between AWS Organizations and User Notifications will enable aggregation of AWS managed notifications across all member accounts and deduplication of AWS managed notifications across account contacts.
- On the AWS User Notifications console in your AWS Organizations management account, in the navigation pane, choose Organization settings. You can register up to five delegated administrators.
For more details, refer to Organizational Settings for AWS User Notifications and Aggregating and deduplicating AWS managed notifications in AWS User Notifications.
Add delivery channels for AWS managed notifications
Delivery channels are the destinations where you can send your notifications. You have the flexibility to send notifications to multiple channels, including email addresses, chat channels, and mobile devices.
- On the AWS User Notifications console in the navigation pane, choose Delivery channels.
- Choose Add emails.
- Specify Recipient (email distribution list) and Name (Team Name) to add email as Delivery channel.
- New email addresses added to the system receive a verification email, and the verification status is displayed next to the email address.
- Repeat these steps to add other emails. You can also add Mobile devices and Chat Channels as your Delivery channels.
Manage subscriptions for account contacts and delivery channels
To manage account contacts and delivery channels for AWS managed notifications in AWS User Notifications, follow these steps:
- On the AWS User Notifications console in the navigation pane, choose AWS managed notification subscriptions, as shown in the following screenshot.
- Choose Manage subscriptions for each notification type such as Security, Health Operations, Account-Specific Issues, and Billing Notifications.
- In the Account Contacts pane, add or remove existing contacts by turning them on or off.
- Choose Add Delivery Channels, as shown in the following screenshot.
- Choose the appropriate Recipients from the dropdown and complete the step by choosing Add delivery channels.
Create User-configured notifications
User-configured notifications allow configurations by service and by event type. This section focuses on how specialized teams, such as database (DB) administrators, receive detailed service-specific notifications.
- On the AWS User Notifications console in the navigation pane, choose Notification configurations and then create a new configuration.
- After adding a Name and Description for your configuration, you can create single or multiple event rules in the Event rules section by choosing AWS service name, Event type, and Regions from respective dropdowns.
- Aggregation settings can minimize the number of notifications by combining multiple events into fewer notifications. They are turned on by default. Choose appropriate Notification delivery time in Aggregation settings.
- Choose your Delivery channel, add Recipients by selecting them from the dropdown, and complete the setup by choosing Create notification configuration.
- For advanced filtering and pattern matching of events, refer to Filtering event rules using customized JSON event patterns in AWS User Notifications.
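To see what a customized JSON event pattern selects before attaching it to an event rule, the following added example (not code from AWS or from this post) evaluates a DBA-focused pattern against constructed AWS Health events. It assumes the pattern uses EventBridge pattern syntax and the AWS Health event fields `detail.service` and `detail.eventTypeCategory`; the matcher covers only exact-value matching, and the function names and event type codes are hypothetical.

```python
# Event pattern in EventBridge syntax: each listed field must exist in the event
# and its value must equal one of the values in the pattern's list.
DBA_PATTERN = {
    "source": ["aws.health"],
    "detail-type": ["AWS Health Event"],
    "detail": {"service": ["RDS"], "eventTypeCategory": ["scheduledChange", "issue"]},
}


def matches(pattern, event):
    """Exact-value subset of EventBridge matching (no prefix, numeric, anything-but)."""
    for key, expected in pattern.items():
        if key not in event:
            return False
        actual = event[key]
        if isinstance(expected, dict):
            # Nested pattern: recurse into the corresponding event object.
            if not isinstance(actual, dict) or not matches(expected, actual):
                return False
        else:
            # Leaf: an event array matches if any element is an allowed value.
            values = actual if isinstance(actual, list) else [actual]
            if not any(v in expected for v in values):
                return False
    return True


def health_event(service, category, type_code, region="us-east-1"):
    """Build a constructed AWS Health event carrying only the fields used here."""
    return {
        "source": "aws.health",
        "detail-type": "AWS Health Event",
        "region": region,
        "detail": {"service": service, "eventTypeCategory": category, "eventTypeCode": type_code},
    }


# Constructed sample events; the type codes are placeholders, not real AWS codes.
SAMPLE_EVENTS = [
    health_event("RDS", "scheduledChange", "EXAMPLE_RDS_MAINTENANCE"),
    health_event("RDS", "accountNotification", "EXAMPLE_RDS_NOTICE"),
    health_event("EC2", "scheduledChange", "EXAMPLE_EC2_MAINTENANCE"),
    health_event("RDS", "issue", "EXAMPLE_RDS_ISSUE", region="us-west-2"),
]


def route_to_dba(events, pattern=DBA_PATTERN):
    """Return the type codes of events the DBA pattern would select."""
    return [e["detail"]["eventTypeCode"] for e in events if matches(pattern, e)]
```

Calling `route_to_dba(SAMPLE_EVENTS)` shows that RDS account notifications and non-RDS events are filtered out, which is the check to repeat whenever the pattern is tightened.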
Validate notifications to your specifications
Follow these steps to validate notifications setup:
- User Notifications by default are available in the Console Notification Center.
- On the User Notifications console, choose Notification center in the navigation pane and view all AWS Managed Notifications in the AWS Managed tab.
- On the AWS User Notifications console in the navigation pane, choose Notification center and view all user configured notifications in User configured tab.
- Use CloudWatch to monitor this service. To learn more, refer to Monitoring AWS User Notifications with Amazon CloudWatch.
- Ensure delivery channels are receiving notifications from the AWS User Notifications service.
- Gather feedback on notifications to refine rules and aggregation settings accordingly.
Tangible benefits for universities
Using AWS User Notifications to streamline notifications across university IT departments provides numerous real-world benefits:
- Improved operational efficiency – User Notifications centralizes and automates the delivery of alerts and notifications across multiple AWS services.
- Reduced alert fatigue – Time-based aggregation and targeted delivery reduce notification volume, helping IT staff focus on critical issues.
- Enhanced cross-team collaboration – Shared notifications in Slack and Microsoft Teams promote visibility and improve collaboration across specialized IT teams.
- Cost optimization – Configuring and viewing notifications in the Console Notifications Center is offered at no additional cost, making this an economical solution for universities.
Conclusion
AWS User Notifications provides a centralized service for managing notifications across universities’ cloud environments. This service enables more efficient and responsive communications by ensuring critical alerts reach the appropriate teams in a timely manner—offering notable improvements over traditional notification methods.