Building an automated Serverless new resource discovery notification

2024-05-09 2 min read Projects Barny Baron

Journey: 📊 Community Builder 📊

Subject matter: Building on AWS

Task: Building an automated Serverless new resources discovery notification.

This project is about observability, and receiving real-time notifications when new resources are provisioned in an AWS Account.

Using the 6 Pillars of the AWS Well-Architected Framework, Security and Cost Optimisation will be achieved in this build.

I will be setting up a method of keeping a close eye on newly created AWS resources by obtaining real-time notifications to a mailbox when AWS Config recognises new resources spinning up.

Security

Credit: This serverless architecture was created using guidance from Mahira on Medium Here.

What did I use to build this environment?

AWS Config
Amazon EventBridge
SNS
AWS Management Console

What is built?

A real-time notification system using AWS Config as the monitoring catalyst
SNS Topic
SNS Subscription
Amazon EventBridge “Config Configuration Item Change” rule for specific resources

This task involved using AWS Config to detect new resources being created before notifying Amazon EventBridge to trigger a notification via email to the Account Administrator.

I also used the following AWS documentation:

https://repost.aws/knowledge-center/config-email-resource-created

https://docs.aws.amazon.com/sns/latest/dg/sns-getting-started.html

https://docs.aws.amazon.com/sns/latest/dg/sns-create-topic.html

https://docs.aws.amazon.com/sns/latest/dg/sns-create-subscribe-endpoint-to-topic.html

https://docs.aws.amazon.com/config/latest/developerguide/resource-config-reference.html

Once I had configured all of the areas, I created a new S3 Bucket and AWS Config successfully notified me of the provisioned resource.