Amazon CloudWatch Integration Guide | PagerDuty

Integration Guide for Amazon CloudWatch

Integration Overview

Amazon CloudWatch provides monitoring for AWS resources and customer-run applications. The service can collect data, gain insight, and alert users to fix problems within applications and organizations. Amazon CloudWatch gives system-wide visibility into resource utilization and notifications can be set for when any metrics cross a specified threshold. These alarms can be automatically sent to PagerDuty, which then reliably alerts the correct on-call person through their preferred contact methods.

Follow the instructions below to configure your Amazon Cloudwatch with PagerDuty. If you have any questions or need any assistance, please contact our support team at support@pagerduty.com.

In PagerDuty

There are two ways that Amazon CloudWatch can be integrated with PagerDuty: via Global Event Routing or through an integration on a PagerDuty Service.

Integrating with Global Event Routing

Integrating with Global Event Routing may be beneficial if you want to build different routing rules based on the payload coming from AWS. You can also leverage features such as scheduling rules or appending information with a note. If you would like to learn more, please visit our article on Global Event Routing.

  1. From the Configuration menu, select Event Rules
  1. On the Event Rules screen, copy your Integration Key.
  1. Once you have your Integration Key, the Integration URL will be:

https://events.pagerduty.com/x-ere/[YOUR_INTEGRATION_KEY_HERE]

You can now proceed to the In the AWS Management Console section below.

Integrating with a PagerDuty Service

Integrating with a PagerDuty Service directly can be beneficial if you don’t need to route alerts from AWS to different responders based on the event payload. You can still use service-level event rules to perform actions such as suppressing.

  1. From the Configuration menu, select Services.
  2. On your Services page: If you are creating a new service for your integration, click +Add New Service. It is recommended that you create a service specifically for Amazon CloudWatch notifications.

If you are adding your integration to an existing service, click the name of the service you want to add the integration to. Then click the Integrations tab and click the +New Integration button.

  1. Select Amazon CloudWatch from the Integration Type menu and enter an Integration Name.
    If you are creating a new service for your integration, in General Settings, enter a Name for your new service. Then, in Incident Settings, specify the Escalation Policy, Notification Urgency, and Incident Behavior for your new service.
  2. Click the Add Service or Add Integration button to save your new integration. You will be redirected to the Integrations page for your service.
  3. Copy the Integration URL for your new integration.

In the AWS Management Console

  1. In the SNS console, click Create Topic. This will be used to route alerts to PagerDuty from AWS.
  1. Enter a Topic name and Display name, then click Create topic. You may want to name your topic after your PagerDuty service’s name.
  2. Now that your topic has been created, click Create Subscription.
  1. Make sure HTTPS is the selected Protocol. Paste your Integration URL from step 5 (above) into the Endpoint field and click Create Subscription.
  1. Your subscription should be automatically confirmed. Click the refresh icon to make sure the Subscription ID is not PendingConfirmation.
  1. Go to your EC2 Instances Console. Select your instance, click Actions, select CloudWatch Monitoring, and click Add/Edit Alarms.
  1. Click Create Alarm.
  2. Select your notification from the dropdown menu, configure the settings that you would like to use for the alarm, and click Create Alarm.
  1. At this point, you will receive alerts in PagerDuty for when an alarm has reported a critical alert, but the PagerDuty incident will not be resolved when the alarm clears. To enable automatic resolution in PagerDuty when an alarm clears, select your instance, click the Actions button, click CloudWatch Monitoring, and select Add/Edit Alarms again.

  2. You will see the alarm that you created earlier. Click view under More Options.

  1. Select your alarm, click the Actions button, then click Modify.
  1. On the Modify Alarm screen, verify your alarm threshold and settings. Add a new Action to Send Notification(s) when the alarm state reaches ALARM, by clicking + Notification.
  1. Add a notification for the OK state and check that your ALARM state notification is correct. Ensure both notifications are being sent to the Topic created earlier in the integration. Make sure to save your changes.
  1. You should then see that your Alarm was saved successfully.
  1. Congratulations! You have now integrated Amazon CloudWatch with PagerDuty! Now when your alarm threshold is met, an incident will be triggered within PagerDuty.
  1. Once that alarm is back in an OK state, the incident will automatically resolve within PagerDuty.

FAQ

What alarm statuses affect PagerDuty incidents?

An alarm with status ALARM will trigger incidents, and status OK will resolve them. Alarms with status INSUFFICIENT_DATA will only trigger PagerDuty incidents. If you need INSUFFICIENT_DATA to resolve an incident, we recommend using an email integration instead.

If I use an email integration, how can I verify my PagerDuty service’s email address?

If you send a confirmation email to your service’s PagerDuty address, you will be able to view the message body and verify that address from the PagerDuty console. To do so, find the incident that is created by the email and view its details to verify the email address.

The link to verify will be in the incident details. The SNS confirmation page requires JavaScript, which can not be executed in the iframe the message is rendered in. To confirm your subscription, open the confirmation link in a new tab or window by right-clicking on the link and choosing Open Link in New Tab/Window.