2

我有一个 SNS 主题,它有两个订阅,一个是 pagerduty API,另一个是 pagerdutyEmail。我想使用该主题的订阅过滤策略从 pagerduty 电子邮件订阅中排除警报。

我不确定我应该如何排除它,过滤策略是否有类似选项

我尝试在下面使用但不起作用。

  "AlarmArn": [
    {
      "prefix": "arn:aws:cloudwatch"
    }
  ]
}
4

2 回答 2

2

我认为这Subscription filter policy不允许您根据警报 ARN 或 Cloudwatch JSON 有效负载中发送的任何其他元数据过滤 Cloudwatch 警报。

过滤策略需要MessageAttributes有效负载中的一个字段发送到 SNS 主题,并且该字段应包含您希望添加过滤策略以过滤通知的属性。

Cloudwatch 警报发送的 JSON 有效负载不包含这些属性,如下面的示例有效负载所示:

{
    "Type": "Notification",
    "MessageId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
    "TopicArn": "arn:aws:sns:eu-west-1:000000000000:cloudwatch-alarms",
    "Subject": "ALARM: \"Example alarm name\" in EU - Ireland",
    "Message": "{\"AlarmName\":\"Example alarm name\",\"AlarmDescription\":\"Example alarm description.\",\"AWSAccountId\":\"000000000000\",\"NewStateValue\":\"ALARM\",\"NewStateReason\":\"Threshold Crossed: 1 datapoint (10.0) was greater than or equal to the threshold (1.0).\",\"StateChangeTime\":\"2017-01-12T16:30:42.236+0000\",\"Region\":\"EU - Ireland\",\"OldStateValue\":\"OK\",\"Trigger\":{\"MetricName\":\"DeliveryErrors\",\"Namespace\":\"ExampleNamespace\",\"Statistic\":\"SUM\",\"Unit\":null,\"Dimensions\":[],\"Period\":300,\"EvaluationPeriods\":1,\"ComparisonOperator\":\"GreaterThanOrEqualToThreshold\",\"Threshold\":1.0}}",
    "Timestamp": "2017-01-12T16:30:42.318Z",
    "SignatureVersion": "1",
    "Signature": "Cg==",
    "SigningCertUrl": "https://sns.eu-west-1.amazonaws.com/SimpleNotificationService-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.pem",
    "UnsubscribeUrl": "https://sns.eu-west-1.amazonaws.com/?Action=Unsubscribe&SubscriptionArn=arn:aws:sns:eu-west-1:000000000000:cloudwatch-alarms:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
}

我已经使用 Cloudwatch 有效负载中可用的键值对之一测试了过滤策略,但它对我不起作用。

参考文档:
https ://docs.aws.amazon.com/sns/latest/dg/sns-subscription-filter-policies.html

您可能必须使用首选客户端库编写 Lambda 函数并使用 Pagerduty Events API 来制定解决方案。

参考:
https ://developer.pagerduty.com/docs/tools-libraries/client-libraries/ https://developer.pagerduty.com/docs/events-api-v2/trigger-events/

于 2021-01-13T08:00:36.203 回答
0

上面的过滤器实际上匹配AlarmArn带有前缀的消息arn:was:cloudwatch

您可以尝试使用anything-but命令。

"AlarmArn": [{
    "anything-but": [{
        "prefix": "arn.aws.cloudwatch"
    }]
}]

有关更多信息,请参阅https://docs.aws.amazon.com/sns/latest/dg/sns-subscription-filter-policies.html

于 2020-11-18T20:16:31.917 回答