# Guide for Configuring the External Service Incident CloudWatch on the Elven Platform The integration of the **External Service Incident CloudWatch** with the **Elven Platform** is a solution designed to simplify your life by centralizing **incident management** in a single place. With it, you receive **notifications** directly from **Amazon CloudWatch**, eliminating the need to switch between platforms and allowing a clear and efficient view of everything happening in your work environment. In addition, the integration is fully **customizable**. You define which **metrics** and **conditions** are most relevant to your business, ensuring that the **incident notifications** you receive are useful and aligned with your needs. It’s a practical way to turn **monitoring** into a more fluid, organized, and accurate experience. {% embed url="" %} ## **API Token Configuration** To configure the **External Service Incident** in **CloudWatch**, it is necessary to generate an **API Token**. This token will be used as an essential part of the **authentication** process, being incorporated directly into the **request Path**. It acts as an additional layer of **security**, ensuring that only properly authorized users can access and interact with the **external service**. In this context, the **API Token** is included as a **URL parameter** in the call to the **API**. This ensures that **client authentication** is correctly performed during the sending of **incident notifications** or interaction with the service. * In the top menu, under your user configuration section, click on **Organization Settings**. * In the **API** tab, click the **+** button to create a new **API Token**.

## **Accessing External Service Incident CloudWatch** * Navigate to the main menu and click on **Services Hub**. * In **External Services Monitoring**, select the **Incident CloudWatch** item.

## **External Service Incident CloudWatch Configuration** The configuration of the fields in **External Service Incident CloudWatch** is an essential step to ensure that your **incident notifications** on the **Elven Platform** work efficiently and reach the right people at the right time. The first field, **External Service Name**, is where you should assign a name to the service being integrated. This name will appear in **dashboards** and **reports**, making it easier to quickly identify the service among others. Choose a clear and descriptive name, as it will be your reference for managing and reviewing the **incident history** in the future. The **Responders** field is the bridge between the **incident** and its resolution. Here you define who will be notified when the **incident notification** is triggered, whether specific individuals, entire teams, or even **automated systems**. This field is vital to ensure that **incident notifications** reach the right people, avoiding delays and confusion. Add relevant contacts, such as **emails** or **team IDs**, and make sure all responsible parties have the necessary information and access to act quickly.

## **Lambda Function of the External Service Incident CloudWatch** When configuring an **External Service Incident CloudWatch**, one of the most important steps is selecting the **API Token** you previously generated. This key acts as a unique credential that securely connects your system to the **incident notification service**. Think of it as a master key that enables **authentication** and **communication** between platforms. Make sure to choose the correct **API Token** and keep it protected, as it is essential for the service to function and to ensure the integrity of the integration. After selecting the **API Token**, you will gain access to the **function**, which is generated automatically. This **function** will be responsible for mediating the communication between **CloudWatch alarms** and the **Elven Platform**, processing the received **events** and sending clear and actionable **notifications**. The integration is designed to transform raw **data** into structured **incident notifications**, ensuring that any important **event** is captured and delivered efficiently. This guarantees that you are always informed about the critical states of your **resources**, allowing for a fast and accurate response.

## **AWS Lambda and AWS SNS** This automation is a **key component** for speeding up the identification and response to issues in your **monitoring environment**. In this process, the **Lambda function** and the **SNS (Simple Notification Service)** play fundamental roles. The **Lambda function** acts as the intelligent intermediary, processing the **events** generated by **CloudWatch alarms**. When properly configured, it transforms these raw **notifications** into information that can be sent to the **Elven Platform**, ensuring you receive **clear and actionable incident notifications**. Without **Lambda**, the automated data flow between **CloudWatch** and the **Elven Platform** would not be possible. The **SNS (Simple Notification Service)** plays a crucial role as the “**messenger**” in the integration system with the **Elven Platform**. It manages and distributes the **notifications** generated by **CloudWatch alarms**, ensuring that each relevant **event** is delivered to the **Lambda function** and subsequently processed for delivery to the **Elven Platform**. This configuration allows **incident notifications** to be forwarded efficiently and in **real time** to the platform, where they can be centralized and managed more effectively. ## **Configuring in CloudWatch** #### **In AWS, you need to create a Lambda. In the services menu, search for Lambda, then click Create function:**

When creating the **Lambda**, you need to provide the **name** and the **Runtime**. By default, the one used is **Node.js 20.x**.\ After filling in the fields above, click **Create function**. #### **After accessing the created Lambda, in Code Source, replace the default content with the one obtained during the creation of the External Service CloudWatch.**

Click on **Deploy** after inserting the provided **code**. #### **Access the SNS service.**

After accessing the **service**, go to **Topics** and then click on **Create Topic**: Select the **Standard** option and give it a name of your choice.

After that, click **Create topic**. #### **When creating the topic, the next step is to associate the created Lambda. To do this, scroll down to the bottom of the page and click Create subscription.**

#### **After creating the SNS Topic, we must configure it in CloudWatch.**

When accessing the CloudWatch service, the next step is to create the alarm by clicking Create alarm.\ Select the metric you want to monitor, in the example below, we are monitoring the CPU Utilization metric.

Define the conditions according to your operation.

Click Next to proceed to the next step. #### In **Configure actions**, we must set up the **notification** for all three **statuses**. * In Alarm * OK * Insufficient data All of them must send to the **SNS topic** created, as shown in the example:

Click Next to proceed to the next step and then name the created alarm.

Verify if the **alarm** and **conditions** were created correctly and click **Create alarm** to finish. After that, all **CloudWatch alerts** should appear in the **Elven Platform**. Once configured, the service will appear in the **External Services Monitoring Center**, categorized by **status**, making it easier to monitor **incidents**, with priority given to those in **alarm state**. ## **Additional security and performance settings** * **IP Whitelist**: **API communication** can be configured to allow only **authorized IPs**. To enable or modify this setting, contact **Elven Platform support**. * **Rate Limiting**: The default **request limiting** time is **5 minutes**, but it can be adjusted as needed. For changes, contact **Elven Platform support**. These settings ensure greater **security** and **control** over the **data traffic** between the integrated systems. ## **Glossary of Technical Terms** **API Token**: A unique key used for secure authentication between systems. In the context of this documentation, it is essential for connecting **CloudWatch** to the **Elven Platform**. **CloudWatch**: AWS monitoring service that collects and tracks metrics, monitors logs, and generates alarms for changes in your environment. **External Service Name**: Descriptive name assigned to an external service integrated with the **Elven Platform**, used for identification in dashboards and reports. **Responders**: People, teams, or systems designated to receive alert notifications and act accordingly. **Lambda Function**: A function in **AWS Lambda** that processes events generated by **CloudWatch** alarms and forwards them to the **Elven Platform**. **SNS (Simple Notification Service)**: AWS messaging service that delivers notifications generated by **CloudWatch** alarms to the **Lambda Function** or other endpoints. **Node.js Runtime**: Execution environment used for the **Lambda Function**. In this documentation, **Node.js 20.x** is mentioned as the default. **Code Source**: Area within the **Lambda Function** where the processing code is inserted or edited before deployment. **Topics (SNS)**: **SNS** feature used to organize and distribute messages to specific subscribers, such as **Lambda Functions**. **Subscription**: Association between an **SNS Topic** and an endpoint (e.g., a **Lambda Function**) that ensures notification delivery. **CPU Utilization**: Common metric used in resource monitoring to assess CPU usage by instances or applications in **AWS**. **Standard Topic (SNS)**: Type of **SNS Topic** that delivers messages with maximum effort for availability and reliability. **Endpoint**: Destination where **SNS** notifications are sent, such as a **Lambda Function** configured for integration.