Guardian 0.7.0 Release
The 0.7.0
release of Guardian introduces the ability to schedule the enabling and disabling of alarms in maintenance groups using CloudWatch Events and Lambda.
Previously, alarm actions on alarms could only be enabled/disabled via the cfn-guardian cli tool, which meant users needed to run this manually when wanting to suppress alarm triggers for a period of expected noise.
Making use of CloudWatch Event Rules and a Lambda function written in Python, you are now able to provide cron expressions in your MaintenanceGroup
record(s) to schedule this functionality instead.
Resources:
Http:
- Id: https://myapp.com
StatusCode: 200
MaintenanceGroups:
AppUpdate:
Schedules:
Disable: '30 0 * * ? *'
Enable: '00 1 * * ? *'
Debug: 'true'
Http:
EndpointAvailable:
- Id: https://myapp.com
EndpointStatusCodeMatch:
- Id: https://myapp.com
Providing the Schedules
key along with the Disable
and Enable
keys in your maintenance group records will create Event Rules with the desired cron expressions that targets the function that also gets deployed. Optionally you can provide the Debug
key as shown to allow for debug level logging on the function.
The Lambda function will turn off the alarm’s actions when the disable event is invoked, while the enable event turns on the alarm’s actions and sets the state to OK along with a reason message.
This functionality will be useful to implement for use-cases where alarms may trigger for a known period of time. For example, you may run scheduled updates every Monday night between 12:30am - 01:00am where downtime is expected but alarms can be ignored. This will help cut down on unnecessary noise.
Further documentation can be found in the Guardian README
Additional changes:
- use minimum statistic as default for Elasticsearch storage space critical alarm