ablog

Notes from a clumsy, restless engineer

Can an Amazon DynamoDB Accelerator (DAX) alarm notify an SNS topic in another account?

A memo confirming that a DAX alarm can send notifications to an SNS topic owned by another account.

Setup procedure

DAX
$ cat <<EOF > dax-assume-role-policy-document.json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "Service": "dax.amazonaws.com"
      },
      "Action": "sts:AssumeRole"
    }
  ]
}
EOF
$ aws iam create-role --role-name DAXRole --assume-role-policy-document file://dax-assume-role-policy-document.json
$ aws iam attach-role-policy --role-name DAXRole --policy-arn arn:aws:iam::aws:policy/AmazonDynamoDBFullAccess
$ aws dax create-subnet-group --subnet-group-name dax-default-sg --subnet-ids subnet-f2****** subnet-02******
$ aws dax create-cluster --cluster-name dax-r4l-3nodes --node-type dax.r4.large --replication-factor 3 --subnet-group-name dax-default-sg --security-group-ids sg-85****** --iam-role-arn arn:aws:iam::123456789012:role/DAXRole
Create an SNS topic in the other account
  • Create the SNS topic
    • arn:aws:sns:ap-northeast-1:23457890123:dynamodb
  • In the access policy of the created SNS topic, allow access from the other account
{
  "Version": "2008-10-17",
  "Id": "__default_policy_ID",
  "Statement": [
    {
      "Sid": "__default_statement_ID",
      "Effect": "Allow",
      "Principal": {
        "AWS": "*"
      },
      "Action": [
        "SNS:GetTopicAttributes",
        "SNS:SetTopicAttributes",
        "SNS:AddPermission",
        "SNS:RemovePermission",
        "SNS:DeleteTopic",
        "SNS:Subscribe",
        "SNS:ListSubscriptionsByTopic",
        "SNS:Publish",
        "SNS:Receive"
      ],
      "Resource": "arn:aws:sns:ap-northeast-1:234567890123:dynamodb",
      "Condition": {
        "StringEquals": {
          "AWS:SourceOwner": [
            "123456789012",
            "234567890123"
          ]
        }
      }
    }
  ]
}
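Added example, not part of the original memo: in the policy above, the same nine actions, including management actions such as SNS:DeleteTopic and SNS:AddPermission, apply to both account IDs listed under AWS:SourceOwner. The Python code below lists the actions covered for each non-owner account and derives a copy of the policy in which the non-owner account keeps only SNS:Publish; the function names and the assumption that alarm delivery needs nothing beyond SNS:Publish are mine.

```python
import copy

TOPIC_ARN = "arn:aws:sns:ap-northeast-1:234567890123:dynamodb"
ACTIONS = ["SNS:GetTopicAttributes", "SNS:SetTopicAttributes", "SNS:AddPermission",
           "SNS:RemovePermission", "SNS:DeleteTopic", "SNS:Subscribe",
           "SNS:ListSubscriptionsByTopic", "SNS:Publish", "SNS:Receive"]
# The topic policy shown on this page, written compactly.
PAGE_POLICY = {"Version": "2008-10-17", "Id": "__default_policy_ID", "Statement": [{
    "Sid": "__default_statement_ID", "Effect": "Allow", "Principal": {"AWS": "*"},
    "Action": ACTIONS, "Resource": TOPIC_ARN,
    "Condition": {"StringEquals": {"AWS:SourceOwner": ["123456789012", "234567890123"]}}}]}

def as_list(value):
    return value if isinstance(value, list) else [value]

def source_owners(st):
    """Return (condition key as written, accounts) for AWS:SourceOwner, else (None, [])."""
    for key, val in st.get("Condition", {}).get("StringEquals", {}).items():
        if key.lower() == "aws:sourceowner":  # condition keys are case-insensitive
            return key, as_list(val)
    return None, []

def foreign_grants(policy):
    """Map each non-owner account under AWS:SourceOwner to the Allow actions covering it."""
    grants = {}
    for st in policy["Statement"]:
        owner = st["Resource"].split(":")[4]  # account field of the topic ARN
        for acct in source_owners(st)[1]:
            if st["Effect"] == "Allow" and acct != owner:
                grants.setdefault(acct, set()).update(as_list(st["Action"]))
    return grants

def tighten(policy, needed=("SNS:Publish",)):  # assumption: alarms only need Publish
    """Copy the policy; the owner keeps its actions, other accounts get only `needed`."""
    out, extra = copy.deepcopy(policy), []
    for i, st in enumerate(out["Statement"]):
        owner = st["Resource"].split(":")[4]
        key, accts = source_owners(st)
        foreign = [a for a in accts if a != owner]
        if st["Effect"] != "Allow" or not foreign or owner not in accts:
            continue  # nothing to split, or not the owner-plus-others shape
        st["Condition"]["StringEquals"][key] = owner
        extra.append({"Sid": f"AlarmPublishOnly{i}", "Effect": "Allow", "Principal": {"AWS": "*"},
                      "Action": [a for a in as_list(st["Action"]) if a in needed],
                      "Resource": st["Resource"], "Condition": {"StringEquals": {key: foreign}}})
    out["Statement"] += extra
    return out

if __name__ == "__main__":
    print(tighten(PAGE_POLICY)["Statement"])
```

The derived policy still uses the AWS:SourceOwner condition that the memo shows working; only the action list for account 123456789012 changes.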
Configure the DAX alarm
  • In the DAX alarm, specify the ARN of the SNS topic in the other account

Set up an application that accesses DAX.

Run

  • Run the application that accesses DAX
$ export SDKVERSION=1.11.641
$ export DAX_HOME=/home/ec2-user/trydax
$ export CLASSPATH=.:$DAX_HOME/DaxJavaClient-latest.jar:$DAX_HOME/aws-java-sdk-$SDKVERSION/lib/aws-java-sdk-$SDKVERSION.jar:$DAX_HOME/aws-java-sdk-$SDKVERSION/third-party/lib/*
$ java TryDax dax-r4l-3nodes.******.clustercfg.dax.apne1.cache.amazonaws.com:8111
  • The following email arrives
You are receiving this email because your Amazon CloudWatch Alarm "awsdax-dax-r4l-3nodes-High-" in the Asia Pacific (Tokyo) region has entered the ALARM state, because "Threshold Crossed: 1 datapoint [22251.0 (29/09/19 11:02:00)] was greater than or equal to the threshold (0.0)." at "Sunday 29 September, 2019 11:03:49 UTC".

View this alarm in the AWS Management Console:
https://ap-northeast-1.console.aws.amazon.com/cloudwatch/home?region=ap-northeast-1#s=Alarms&alarm=awsdax-dax-r4l-3nodes-High-

Alarm Details:
- Name:                       awsdax-dax-r4l-3nodes-High-
- Description:                
- State Change:               INSUFFICIENT_DATA -> ALARM
- Reason for State Change:    Threshold Crossed: 1 datapoint [22251.0 (29/09/19 11:02:00)] was greater than or equal to the threshold (0.0).
- Timestamp:                  Sunday 29 September, 2019 11:03:49 UTC
- AWS Account:                123456789012

Threshold:
- The alarm is in the ALARM state when the metric is GreaterThanOrEqualToThreshold 0.0 for 60 seconds.

Monitored Metric:
- MetricNamespace:                     AWS/DAX
- MetricName:                          TotalRequestCount
- Dimensions:                          [ClusterId = dax-r4l-3nodes]
- Period:                              60 seconds
- Statistic:                           Average
- Unit:                                not specified
- TreatMissingData:                    missing


State Change Actions:
- OK:
- ALARM: [arn:aws:sns:ap-northeast-1:23456789012:dynamodb]
- INSUFFICIENT_DATA: