Setup integration: Amazon ElastiCache Notification

You need to set up an AWS SNS HTTPS endpoint for this integration!

This integration requires marbot plus

Amazon ElastiCache provides in-memory databases such as Redis or memcached. ElastiCache Event Notifications are published when significant events happen on a cache cluster. An event can be the start of an automated backup, a failover to a replica, or much more. You can get either all event types or none; there is no filter feature available in ElastiCache.

Monitoring Multi-AZ failovers

You need an existing ElastiCache Redis cluster (Multi-AZ with Auto-Failover enabled) for this example to work!

You can run the Redis cluster in Multi-AZ with Auto-Failover mode. Multi-AZ uses at least two virtual machines to host your cluster (a primary and one or more replicas). The replicas keep the same data in memory as the primary. If the primary goes down, AWS fails over to one of the replicas, but this takes up to 6 minutes. You may want to know about this event because it causes connection errors in your applications.

Before you can start to set up ElastiCache Notifications, you have to make one change to the SNS topic endpoint that is required for this integration. You have to allow ElastiCache Notifications to send messages to your topic.

Allowing AWS to send messages to your topic

  1. Visit https://console.aws.amazon.com/sns/?region=us-east-1
  2. Click on the Topics link on the left
  3. Select the topic that you created for marbot
  4. Click on the Actions button, then click on the Edit topic policy link.
  5. Select the Advanced view tab

If this is the first time you edit the SNS topic policy, you should see a default entry like this:

{
  "Version": "2008-10-17",
  "Id": "__default_policy_ID",
  "Statement": [
    {
      "Sid": "__default_statement_ID",
      "Effect": "Allow",
      "Principal": {
        "AWS": "*"
      },
      [...TRUNCATED...]
    }
  ]
}

You can replace the default policy with:

{
  "Version": "2012-10-17",
  "Id": "Id1",
  "Statement": [
    {
      "Sid": "AmazonElastiCacheNotifications",
      "Effect": "Allow",
      "Principal": {
        "AWS": "*"
      },
      "Action": "sns:Publish",
      "Resource": "ARN",
      "Condition": {
        "StringEquals": {
          "AWS:SourceOwner": "ACCOUNT_ID"
        }
      }
    }
  ]
}

The policy allows all resources in your AWS account to publish messages to your SNS topic: the principal is a wildcard, and the AWS:SourceOwner condition limits publishing to sources owned by your account. This does not follow the principle of least privilege, but it is the only way to allow ElastiCache to use your SNS topic today.

If the topic already contains a policy, you have to add an entry to the Statement array:

{
  "Sid": "AmazonElastiCacheNotifications",
  "Effect": "Allow",
  "Principal": {
    "AWS": "*"
  },
  "Action": "sns:Publish",
  "Resource": "ARN",
  "Condition": {
    "StringEquals": {
      "AWS:SourceOwner": "ACCOUNT_ID"
    }
  }
}

  1. Replace ARN with your SNS topic ARN that you created for marbot.
  2. Replace ACCOUNT_ID with your AWS Account ID.
  3. Click on the Update policy button to save the policy.


Now, ElastiCache is allowed to send notifications to your topic. Continue to enable ElastiCache Notifications for your Redis cluster.
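
The statement merge described above, carried out on a policy document as an added example (not marbot's or AWS's code): it adds the ElastiCache statement to an existing Statement array without duplicating it, and lists any Allow statement that pairs a "*" principal with no Condition. The topic ARN, the account ID and the pre-existing "Other" statement are constructed sample values, and the function names are hypothetical.

```python
import copy
import json

SID = "AmazonElastiCacheNotifications"  # Sid of the statement on this page

def elasticache_statement(topic_arn, account_id):
    """The page's statement with ARN and ACCOUNT_ID filled in."""
    return {
        "Sid": SID,
        "Effect": "Allow",
        "Principal": {"AWS": "*"},
        "Action": "sns:Publish",
        "Resource": topic_arn,
        "Condition": {"StringEquals": {"AWS:SourceOwner": account_id}},
    }

def statements_of(policy):
    """Statement may be a single object or an array; always return a list."""
    stmts = policy.get("Statement", [])
    return [stmts] if isinstance(stmts, dict) else list(stmts)

def merge_statement(policy, topic_arn, account_id):
    """Return a copy of policy with the statement added, replacing a same-Sid entry."""
    merged = copy.deepcopy(policy)
    kept = [s for s in statements_of(merged) if s.get("Sid") != SID]
    merged["Statement"] = kept + [elasticache_statement(topic_arn, account_id)]
    return merged

def open_wildcards(policy):
    """Sids of Allow statements that have a "*" principal and no Condition at all."""
    found = []
    for stmt in statements_of(policy):
        principal = stmt.get("Principal")
        aws = principal.get("AWS") if isinstance(principal, dict) else principal
        values = aws if isinstance(aws, list) else [aws]
        if stmt.get("Effect") == "Allow" and "*" in values and not stmt.get("Condition"):
            found.append(stmt.get("Sid", "<no Sid>"))
    return found

# Constructed sample values; "Other" deliberately lacks a Condition.
TOPIC_ARN = "arn:aws:sns:us-east-1:111122223333:marbot"
ACCOUNT_ID = "111122223333"
EXISTING = {"Version": "2012-10-17", "Id": "Id1", "Statement": [
    {"Sid": "Other", "Effect": "Allow", "Principal": {"AWS": "*"},
     "Action": "sns:Subscribe", "Resource": TOPIC_ARN}]}

if __name__ == "__main__":
    updated = merge_statement(EXISTING, TOPIC_ARN, ACCOUNT_ID)
    print(json.dumps(updated, indent=2))
    print("wildcard Allow statements without a Condition:", open_wildcards(updated))
```

The merged JSON can be pasted into the Advanced view of the topic policy editor; any Sid reported by the check is a statement that grants access to a wildcard principal without the account restriction the ElastiCache statement carries.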

Enabling ElastiCache Notifications

  1. Visit https://console.aws.amazon.com/elasticache/home?region=us-east-1
  2. Click on the Redis link on the left
  3. Select your Redis cluster
  4. Click on the Modify button
  5. Set Enabling ElastiCache Notifications to marbot or your other SNS topic name
  6. Enable Apply immediately
  7. The other fields can stay as they are
  8. Save by clicking the Modify button.

Sample Alert

You can simulate a failover with the AWS CLI. Replace the following value in the command below:

  • REPLICATION_GROUP_ID with the name of the Redis cluster

aws --region us-east-1 elasticache test-failover --replication-group-id REPLICATION_GROUP_ID --node-group-id 0001

You should get an alert in Slack via a direct message:

ElastiCache Notification