Account Health Tool Monitoring

The 0.3.9 release of the Account Health feature introduces a new stack to deploy called Monitoring with the purpose of providing an extra layer of monitoring on the developers tools deployed to enviroments. The monitoring stack currently serves the purpose of monitoring two tools, GuardDuty and Shelvery.

GuardDuty

The monitoring for guardduty ensures that at any given time atleast 1 detector is present in the given environment, if not a metric is pushed to cloudwatch which then triggers an associated alarm for prompt investigation and action.

Shelvery

The monitoring for shelvery is aimed to ensure that no misconfiguration occurs for the resources compatible with shelvery. This is done by retrieving all compatible resources in an environement that are currently untagged and pushing these as metrics to cloudwatch for investigation, with the idea that all resources should be explicitly enabled or disabled for shelvery backup.