How can I receive custom email notifications when a resource is created in my AWS account using AWS Config service?


I created an Amazon EventBridge rule to initiate on service event types when new AWS resources are created. However, the responses are in JSON format. How can I receive an email response with a custom notification?

Resolution

You can use a custom event pattern with the EventBridge rule to match an AWS Config supported resource type. Then, route the response to an Amazon Simple Notification Service (Amazon SNS) topic.

In the following example, SNS notifications are received when a new Amazon Elastic Compute Cloud (Amazon EC2) instance is created using the AWS::EC2::Instance resource type.

Note: You can replace the resource type for your specific AWS service.

1.    If you haven't already created an Amazon SNS topic, then follow the instructions for Getting started with Amazon SNS.

Note: The Amazon SNS topic must be in the same Region as your AWS Config service.

2.    Open the EventBridge console, and then choose Rules from the navigation pane.

3.    Choose Create rule.

4.    For Name, enter a name for your rule. You can optionally enter a Description.

5.    For Rule type, choose Rule with an event pattern, then choose Next.

6.    For Event source, choose AWS events or EventBridge partner events.

7.    In the Event pattern pane, choose Custom patterns (JSON editor), and then paste the following example event pattern:

Note: You can replace the AWS::EC2::Instance resource type with other resource types. For a list of available resource types, see the resourceType section in ResourceIdentifier.

{
  "source": [
    "aws.config"
  ],
  "detail-type": [
    "Config Configuration Item Change"
  ],
  "detail": {
    "messageType": [
      "ConfigurationItemChangeNotification"
    ],
    "configurationItem": {
      "resourceType": [
        "AWS::EC2::Instance"
      ],
      "configurationItemStatus": [
        "ResourceDiscovered"
      ]
    }
  }
}

8.    Choose Next.

9.    For Target types, select AWS service.

10.    For Select a target, choose SNS topic.

11.    For Topic, choose your SNS topic.

12.    Expand Additional settings. Then, for Configure target input, choose Input transformer.

13.    Choose Configure input transformer. Then, under Target input transformer for the Input Path text box, enter the following example path:

{
    "awsRegion": "$.detail.configurationItem.awsRegion",
    "awsAccountId": "$.detail.configurationItem.awsAccountId",
    "resource_type": "$.detail.configurationItem.resourceType",
    "resource_ID": "$.detail.configurationItem.resourceId",
    "configurationItemCaptureTime": "$.detail.configurationItem.configurationItemCaptureTime"
}

14.    For the Template text box, enter the following example template:

"On <configurationItemCaptureTime> AWS Config service recorded a creation of a new <resource_type> with Id <resource_ID> in the account <awsAccountId> region <awsRegion>. For more details open the AWS Config console at https://console.aws.amazon.com/config/home?region=<awsRegion>#/timeline/<resource_type>/<resource_ID>/configuration"

15.    Choose Confirm. Then, choose Next.

16.    Optionally, you can Add new tag. Then, choose Next.

17.    Choose Create rule.

18.    When a matching event occurs, you receive an SNS email notification with the custom fields from step 13 populated, similar to the following:

"On ExampleTime AWS Config service recorded a creation of a new AWS::EC2::Instance with Id ExampleID in the account AccountID region ExampleRegion. For more details open the AWS Config console at https://console.aws.amazon.com/config/home?region=ExampleRegion#/timeline/AWS::EC2::Instance/ExampleID/configuration"
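As an added illustration that is not part of the AWS article, the following Python simulates what the rule does with one event: it checks a constructed sample AWS Config event against the step 7 pattern and applies the step 13 input path and a shortened form of the step 14 template. The matching and path logic is a simplified subset written for this example, not the EventBridge implementation, and all event values are placeholders.

```python
# Event pattern, input paths and template from the article's steps 7, 13 and 14.
EVENT_PATTERN = {"source": ["aws.config"], "detail-type": ["Config Configuration Item Change"],
                 "detail": {"messageType": ["ConfigurationItemChangeNotification"],
                            "configurationItem": {"resourceType": ["AWS::EC2::Instance"],
                                                  "configurationItemStatus": ["ResourceDiscovered"]}}}
CI = "$.detail.configurationItem."
INPUT_PATHS = {"awsRegion": CI + "awsRegion", "awsAccountId": CI + "awsAccountId",
               "resource_type": CI + "resourceType", "resource_ID": CI + "resourceId",
               "configurationItemCaptureTime": CI + "configurationItemCaptureTime"}
TEMPLATE = ("On <configurationItemCaptureTime> AWS Config service recorded a creation of a new "
            "<resource_type> with Id <resource_ID> in the account <awsAccountId> region <awsRegion>.")

def make_event(status, resource_type="AWS::EC2::Instance"):
    """Constructed sample event in the shape AWS Config publishes to EventBridge (placeholder values)."""
    return {"source": "aws.config", "detail-type": "Config Configuration Item Change",
            "detail": {"messageType": "ConfigurationItemChangeNotification",
                       "configurationItem": {"awsRegion": "us-east-1", "awsAccountId": "123456789012",
                                             "resourceType": resource_type, "resourceId": "i-0123456789abcdef0",
                                             "configurationItemStatus": status,
                                             "configurationItemCaptureTime": "2024-01-01T00:00:00.000Z"}}}

def matches(pattern, event):
    """Exact-value subset of EventBridge matching: every pattern key must exist in the event,
    nested objects recurse, and a list means 'the event value must be one of these'."""
    for key, expected in pattern.items():
        if key not in event:
            return False
        if isinstance(expected, dict):
            if not isinstance(event[key], dict) or not matches(expected, event[key]):
                return False
        elif event[key] not in expected:
            return False
    return True

def json_path(event, path):
    """Resolve a simple '$.a.b.c' path, the only form the input paths above use."""
    node = event
    for part in path.removeprefix("$.").split("."):
        node = node[part]
    return node

def notify(event):
    """Return the SNS message text for a matching event, or None when the rule would not fire."""
    if not matches(EVENT_PATTERN, event):
        return None
    message = TEMPLATE
    for name, path in INPUT_PATHS.items():
        message = message.replace(f"<{name}>", str(json_path(event, path)))
    return message
```

A later configuration change on the same instance arrives with status OK rather than ResourceDiscovered and so does not fire the rule; the rule also only sees resource types that AWS Config is recording in that Region.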

Related information

How can I configure an EventBridge rule for GuardDuty to send custom SNS notifications if specific AWS service event types trigger?

How can I receive custom email notifications when a resource is deleted in my AWS account using AWS Config service?

AWS OFFICIAL
Updated a year ago