Boto / Cloudwatch recover instance alarm

Question

I've been banging my head against a wall trying to make this work. I'm attempting to use python/boto to create a cloutwatch alarm that recovers a failed ec2 instance. I'm having difficulty in getting the ec2:RecoverInstance action to work. I suspect my topic isn't setup correctly.

topics = sns_conn.get_all_topics()

topic = topics[u'ListTopicsResponse']['ListTopicsResult']['Topics'][0]['TopicArn']

# arn:aws:sns:us-east-1:*********:CloudWatch

status_check_failed_alarm = boto.ec2.cloudwatch.alarm.MetricAlarm(
         connection=cw_conn,
         name=_INSTANCE_NAME + "RECOVERY-High-Status-Check-Failed-Any",
         metric='StatusCheckFailed',
         namespace='AWS/EC2',
         statistic='Average',
         comparison='>=',
         description='status check for %s %s' % (_INSTANCE, _INSTANCE_NAME),
         threshold=1.0,
         period=60,
         evaluation_periods=5,
         dimensions={'InstanceId': _INSTANCE},
         # alarm_actions = [topic],
         ok_actions=[topic],
         insufficient_data_actions=[topic])

# status_check_failed_alarm.add_alarm_action('arn:aws:sns:us-east-1:<acct#>:ec2:recover')
# status_check_failed_alarm.add_alarm_action('arn:aws:sns:us-east-1:<acct#>:ec2:RecoverInstances')
status_check_failed_alarm.add_alarm_action('ec2:RecoverInstances')

cw_conn.put_metric_alarm(status_check_failed_alarm)

Any suggestions would be highly appreciated.

Thank you.

--MIke

Where is `topic` being defined. You can either query for all the topics, e.g. `sns = connect_to_region(...); topics = sns.get_all_topics()` or just look up the SNS ARN in the AWS Management console. It should look like `arn:aws:sns:::`. — AChampion, Dec 06 '16 at 17:03
Hi AChampion -- I've updated my code to show the topics-retrieval portion. — Michael Bogucki, Dec 06 '16 at 19:22

score 0 · Accepted Answer · answered Dec 06 '16 at 21:08

I think the issue is these alarm actions do not have <acct> in the arn. The cli reference documents the valid arns:

Valid Values: arn:aws:automate:region:ec2:stop | arn:aws:automate:region:ec2:terminate | arn:aws:automate:region:ec2:recover

I would think it is easier to pull the metric from AWS and create an alarm from that rather than trying to construct it from the ground up, e.g. (untested code):

topics = sns_conn.get_all_topics()
topic = topics[u'ListTopicsResponse']['ListTopicsResult']['Topics'][0]['TopicArn']

metric = cloudwatch_conn.list_metrics(dimensions={'InstanceId': _INSTANCE},
                                      metric_name="StatusCheckFailed")[0]
alarm = metric.create_alarm(name=_INSTANCE_NAME + "RECOVERY-High-Status-Check-Failed-Any",
                            description='status check for {} {}'.format(_INSTANCE, _INSTANCE_NAME),
                            alarm_actions=[topic, 'arn:aws:automate:us-east-1:ec2:recover'],
                            ok_actions=[topic],
                            insufficient_data_actions=[topic],
                            statistic='Average',
                            comparison='>=',
                            threshold=1.0,
                            period=60,
                            evaluation_periods=5)

Hi AChampion, Thank you very much.... That's certainly much easier and it works perfectly. — Michael Bogucki, Dec 07 '16 at 15:42

Boto / Cloudwatch recover instance alarm

1 Answers1