Overview
This solution helps you proactively track your resource usage and sends email or Slack notifications when you approach quotas. Tracking your usage against AWS service quotas helps you plan for requesting a quota increase before you exceed it. This solution leverages AWS Trusted Advisor and Service Quotas to monitor AWS resource usage and raise alerts. You can use this solution in any AWS Region, including AWS GovCloud (US) Regions.
Benefits
Provision the services necessary to proactively track resource usage and send notifications when you approach quotas.
Receive notifications through email or your existing Slack channel, allowing you to request quota increases or shut down resources before you reach the quota.
Technical details
Quota Monitor for AWS includes a hub template that you deploy in your monitoring account. Additionally, the solution provides a Service Quotas spoke template and a Trusted Advisor spoke template. You must deploy each of these templates in the accounts that need quota monitoring.
Step 1 (hub template)
Reporting – This workflow provisions an Amazon Simple Notification Service (Amazon SNS) topic, Amazon Simple Queue Service (Amazon SQS) queue, AWS Lambda function summarizer, and Amazon DynamoDB table. The queue receives usage events from all monitored accounts. The Lambda function puts all usage data on the DynamoDB table.
Step 2 (hub template)
Centralized event collection – The workflow provisions a custom Amazon EventBridge bus, Amazon CloudWatch Events rule, and Amazon SNS topic to raise alerts. The workflow raises alerts for quota usage and defines alert levels. The workflow also sends all events to the reporting queue for saving usage data in DynamoDB.
Step 3 (hub template)
Deployment management – The workflow provisions AWS Systems Manager Parameter Store, a CloudWatch Events rule, a Lambda function, and CloudFormation StackSets. The workflow makes needed configuration changes to start monitoring the updated list of OUs or accounts.
Step 4 (Service Quotas spoke template)
Quota list generation – The workflow provisions a Lambda function and two DynamoDB tables. The workflow manages an active and validated list of Service Quotas that support usage monitoring using CloudWatch metrics.
Step 5 (Service Quotas spoke template)
Quota utilization alerting – The workflow provisions a schedule-based Lambda function, custom EventBridge bus, and a CloudWatch Events rule. The cw-poller function queries the quota list table and fetches usage data for those quotas from CloudWatch metrics. The workflow sends all usage data as events on the EventBridge bus. The spoke bus routes the usage events to the centralized bus.
Step 6 (Trusted Advisor spoke template)
Trust Advisor alerting – The workflow provisions a Lambda function and a CloudWatch Events rule to support quota usage monitoring using AWS Trusted Advisor. The Lambda function executes at an interval of 24 hours to refresh Trusted Advisor checks. The Events rule routes Trusted Advisor usage events to the centralized bus.
Step 1 (hub template)
Reporting – This workflow provisions an Amazon Simple Notification Service (Amazon SNS) topic, Amazon Simple Queue Service (Amazon SQS) queue, AWS Lambda function summarizer, and Amazon DynamoDB table. The queue receives usage events from all monitored accounts. The Lambda function puts all usage data on the DynamoDB table.
Step 2 (hub template)
Centralized event collection – The workflow provisions a custom Amazon EventBridge bus, Amazon CloudWatch Events rule, and Amazon SNS topic to raise alerts. The workflow raises alerts for quota usage and defines alert levels. The workflow also sends all events to the reporting queue for saving usage data in DynamoDB.
Step 3 (hub template)
Deployment management – The workflow provisions AWS Systems Manager Parameter Store, a CloudWatch Events rule, a Lambda function, and CloudFormation StackSets. The workflow makes needed configuration changes to start monitoring the updated list of OUs or accounts.
Step 4 (Service Quotas spoke template)
Quota list generation – The workflow provisions a Lambda function and two DynamoDB tables. The workflow manages an active and validated list of Service Quotas that support usage monitoring using CloudWatch metrics.
Step 5 (Service Quotas spoke template)
Quota utilization alerting – The workflow provisions a schedule-based Lambda function, custom EventBridge bus, and a CloudWatch Events rule. The cw-poller function queries the quota list table and fetches usage data for those quotas from CloudWatch metrics. The workflow sends all usage data as events on the EventBridge bus. The spoke bus routes the usage events to the centralized bus.
Step 6 (Trusted Advisor spoke template)
Trust Advisor alerting – The workflow provisions a Lambda function and a CloudWatch Events rule to support quota usage monitoring using AWS Trusted Advisor. The Lambda function executes at an interval of 24 hours to refresh Trusted Advisor checks. The Events rule routes Trusted Advisor usage events to the centralized bus.
Related content
This course is an introduction to AWS Trusted Advisor, the AWS service that provides real-time guidance to help you provision your resources following AWS best practices.
Establishing visibility and usage analysis through spend dashboards, spend limits, chargebacks, anomaly detection and response, allows customers to identify opportunities to optimize expenses for cloud services. Customers can allocate current costs, plan and forecast future spend with the Cloud Financial Management capability. This enables customers to track, notify, and apply cost optimization techniques across their environment.