How can I receive custom email notifications when a resource is created in my AWS account using AWS Config service?

Last updated: 2019-11-19

I created an Amazon CloudWatch Events rule to trigger on service event types when new AWS resources are created, but the responses are in JSON format. How can I receive an email response with a custom notification?  

Short Description

Use a custom event pattern with the CloudWatch Events rule to match an AWS Config supported resource type. Then, route the response to an Amazon Simple Notification Service (Amazon SNS) topic.

Resolution

In the following example, you receive SNS notifications when a new Amazon Elastic Compute Cloud (Amazon EC2) instance is created. The event pattern matches the AWS::EC2::Instance resource type.

Note: You can replace the resource type for your specific AWS service.

1.    If you haven't already created an Amazon SNS topic, follow the instructions for Getting Started with Amazon SNS.

Note: The Amazon SNS topic must be in the same Region as your AWS Config service.

2.    Open the CloudWatch console.

3.    In the navigation pane, choose Rules, and then choose Create rule.

4.    In Event Source, choose Event Pattern.

5.    In the Build event pattern to match events by service drop-down menu, choose Custom event pattern.

6.    In the Build custom event pattern preview pane, copy and paste the following example event pattern:

Note: You can replace the EC2::Instance resource type with other resources. For a list of available resource types, see the resourceType section in AWS Config data types.

{
  "source": [
    "aws.config"
  ],
  "detail-type": [
    "Config Configuration Item Change"
  ],
  "detail": {
    "messageType": [
      "ConfigurationItemChangeNotification"
    ],
    "configurationItem": {
      "resourceType": [
        "AWS::EC2::Instance"
      ],
      "configurationItemStatus": [
        "ResourceDiscovered"
      ]
    }
  }
}

7.    In Targets, choose Add target.

8.    Choose the target drop-down menu, and then choose SNS topic.

9.    In Topic, choose your SNS topic.

10.   Expand Configure input, and then choose Input Transformer.

11.   In the Input Path text box, copy and paste the following example path:

{
    "awsRegion": "$.detail.configurationItem.awsRegion",
    "awsAccountId": "$.detail.configurationItem.awsAccountId",
    "resource_type": "$.detail.configurationItem.resourceType",
    "resource_ID": "$.detail.configurationItem.resourceId",
    "configurationItemCaptureTime": "$.detail.configurationItem.configurationItemCaptureTime"
}

12.   In the Input Template text box, copy and paste the following example template:  

"On <configurationItemCaptureTime> AWS Config service recorded a creation of a new <resource_type> with Id <resource_ID> in the account <awsAccountId> region <awsRegion>. For more details open the AWS Config console at https://console.aws.amazon.com/config/home?region=<awsRegion>#/timeline/<resource_type>/<resource_ID>/configuration"

13.   In Name, enter a name for your rule, and then choose Create rule.

14.   When an event matches the rule, you receive an SNS email notification with the custom fields from step 12 populated, similar to the following:

"On ExampleTime AWS Config service recorded a creation of a new AWS::EC2::Instance with Id ExampleID in the account AccountID region ExampleRegion. For more details open the AWS Config console at https://console.aws.amazon.com/config/home?region=ExampleRegion#/timeline/AWS::EC2::Instance/ExampleID/configuration"
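
To see which configuration items the rule reacts to before creating it, the following added example (not part of the original article) applies the event pattern from step 6 and the input transformer from steps 11 and 12 to a sample event locally. The matcher is a simplified model of event pattern matching that handles only exact-value lists, the sample event values are constructed, and the function names are hypothetical.

```python
import re
from functools import reduce

# Pattern, input paths and template text as given in steps 6, 11 and 12.
PATTERN = {
    "source": ["aws.config"],
    "detail-type": ["Config Configuration Item Change"],
    "detail": {
        "messageType": ["ConfigurationItemChangeNotification"],
        "configurationItem": {"resourceType": ["AWS::EC2::Instance"],
                              "configurationItemStatus": ["ResourceDiscovered"]}}}
INPUT_PATHS = {
    "awsRegion": "$.detail.configurationItem.awsRegion",
    "awsAccountId": "$.detail.configurationItem.awsAccountId",
    "resource_type": "$.detail.configurationItem.resourceType",
    "resource_ID": "$.detail.configurationItem.resourceId",
    "configurationItemCaptureTime": "$.detail.configurationItem.configurationItemCaptureTime",
}
TEMPLATE = ("On <configurationItemCaptureTime> AWS Config service recorded a creation "
            "of a new <resource_type> with Id <resource_ID> in the account "
            "<awsAccountId> region <awsRegion>.")  # console link from step 12 omitted

def matches(pattern, event):  # simplified: a leaf list matches if it contains the event value
    for key, want in pattern.items():
        have = event.get(key)
        if isinstance(want, dict):
            if not (isinstance(have, dict) and matches(want, have)):
                return False
        elif have not in want:
            return False
    return True

def render(event):  # resolve each $.a.b.c path, then fill the <name> placeholders
    values = {name: reduce(lambda node, key: node[key], path[2:].split("."), event)
              for name, path in INPUT_PATHS.items()}
    return re.sub(r"<(\w+)>", lambda m: str(values[m.group(1)]), TEMPLATE)

def notify(event):  # email text for a matching event, None when the rule does not fire
    return render(event) if matches(PATTERN, event) else None

def sample_event(status):  # constructed sample data, not a captured event
    item = {"awsRegion": "us-east-1", "awsAccountId": "111122223333",
            "resourceType": "AWS::EC2::Instance", "resourceId": "i-0123456789abcdef0",
            "configurationItemCaptureTime": "2019-11-19T12:00:00.000Z",
            "configurationItemStatus": status}
    return {"source": "aws.config", "detail-type": "Config Configuration Item Change",
            "detail": {"messageType": "ConfigurationItemChangeNotification",
                       "configurationItem": item}}
```

Calling notify(sample_event("ResourceDiscovered")) returns the email text, while configuration items with the status OK or ResourceDeleted return None, so later changes to the same instance and its deletion do not send a message under this pattern.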