To create a Lambda function that responds to CloudWatch Alarm actions and modifies AWS resources accordingly, you can follow these steps.
This guide will demonstrate creating a Lambda function in Node.js that can stop EC2 instances as a response to an alert, but the concept can be extended to other resources and actions (e.g., modifying or terminating resources).
Prerequisites:
- AWS CLI installed and configured.
- Basic knowledge of AWS services (Lambda, CloudWatch, EC2).
- Node.js installed locally if you wish to test the script outside of AWS initially.
Step 1: Create an IAM Role for Lambda
- IAM Console: Go to the IAM console in AWS.
- Create Role: Select "Lambda" as the service that will use this role.
- Attach Policies: Attach policies that grant the necessary permissions. For stopping EC2 instances, attach the AmazonEC2FullAccess policy. In a production environment, you should create a custom policy with more restricted permissions.
- Review and Create: Name your role (e.g., LambdaEC2ManagementRole) and create it.
Step 2: Create the Lambda Function
- Lambda Console: Go to the AWS Lambda console and choose "Create function".
- Configuration:
  - Name your function (e.g., StopEC2Instances).
  - Select Node.js as the runtime.
  - Choose the IAM role created in Step 1.
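Function Code: Use the AWS SDK for JavaScript in Node.js. Below is a simple example that stops a specific EC2 instance when triggered. Replace 'INSTANCE_ID' with the actual instance ID you want to stop.

```javascript
// AWS SDK for JavaScript v2. Lambda runtimes from Node.js 18 onward bundle only v3,
// so include aws-sdk in the deployment package there.
const AWS = require('aws-sdk');
const ec2 = new AWS.EC2();

exports.handler = async (event) => {
  // Log the incoming event so the trigger payload is visible in CloudWatch Logs
  console.log("Event: ", JSON.stringify(event, null, 2));

  const params = {
    InstanceIds: ['INSTANCE_ID'], // Replace with your instance ID
    DryRun: false
  };

  try {
    const data = await ec2.stopInstances(params).promise();
    console.log("Success", JSON.stringify(data, null, 2));
  } catch (err) {
    console.error("Error", err);
    throw err; // Rethrow so a failed stop is reported as a failed invocation
  }
};
```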
Deploy: After entering your code, deploy the Lambda function.
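The handler above hardcodes the instance ID and stops it on every invocation, whatever the event says. As an added example (not the original author's code), the version below takes the instance from the CloudWatch alarm event and stops it only when the alarm state is ALARM and the ID is on an allow-list. The event field names are an assumption to confirm against the event your function logs, and `ALLOWED_INSTANCES`, `makeHandler` and `sampleEvent` are hypothetical names with constructed values.

```javascript
// Added example. ALLOWED_INSTANCES and sampleEvent hold constructed placeholder values.
const ALLOWED_INSTANCES = new Set(['i-0123456789abcdef0', 'i-0fedcba9876543210']);
const INSTANCE_ID_RE = /^i-(?:[0-9a-f]{8}|[0-9a-f]{17})$/;

// Returns the instance IDs this invocation may stop, or [] when the event is
// not an ALARM transition that names an allow-listed instance.
function selectInstancesToStop(event, allowed = ALLOWED_INSTANCES) {
  if (!event || event.source !== 'aws.cloudwatch') return [];   // SNS or manual test events
  const alarm = event.alarmData || {};
  if (!alarm.state || alarm.state.value !== 'ALARM') return []; // ignore OK / INSUFFICIENT_DATA
  const metrics = (alarm.configuration && alarm.configuration.metrics) || [];
  const ids = new Set();
  for (const m of metrics) {
    const dims = (m.metricStat && m.metricStat.metric && m.metricStat.metric.dimensions) || {};
    const id = dims.InstanceId;
    if (typeof id === 'string' && INSTANCE_ID_RE.test(id) && allowed.has(id)) ids.add(id);
  }
  return [...ids];
}

// Handler factory: the EC2 client is injected so the logic can be tested offline.
function makeHandler(ec2) {
  return async (event) => {
    const ids = selectInstancesToStop(event);
    if (ids.length === 0) {
      console.log('No allow-listed instance in ALARM state; nothing stopped');
      return { stopped: [] };
    }
    // Errors propagate so a failed stop shows up as a failed invocation.
    await ec2.stopInstances({ InstanceIds: ids }).promise();
    return { stopped: ids };
  };
}

// Constructed sample event, assumed shape of a CloudWatch alarm Lambda action.
const sampleEvent = (state, instanceId) => ({
  source: 'aws.cloudwatch',
  alarmData: {
    alarmName: 'example-alarm',
    state: { value: state },
    configuration: {
      metrics: [{
        id: 'm1',
        metricStat: { metric: { namespace: 'AWS/EC2', name: 'CPUUtilization', dimensions: { InstanceId: instanceId } } },
      }],
    },
  },
});
```

In the deployed function, wire it up with `exports.handler = makeHandler(new AWS.EC2());` and keep the allow-list in line with the instances the role's IAM policy permits.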
Step 3: Configure CloudWatch Alarm or AWS Budgets to Trigger Lambda
For CloudWatch Alarms: Navigate to the CloudWatch console, create or select an existing alarm, and specify the Lambda function as the action for the alarm state (e.g., "In Alarm").
For AWS Budgets Alerts:
- Go to the AWS Budgets console.
- Create a budget or select an existing one.
- In the "Alerts" section, add a new alert.
- Set the alert to publish to an SNS topic.
- Subscribe the Lambda function to the SNS topic either through the Lambda console or the SNS console.
Step 4: Testing and Verification
- Invoke Manually: Initially, you might want to invoke the Lambda function manually with a test event to ensure it operates as expected without waiting for an alarm.
- Monitor Logs: Check the CloudWatch Logs for your Lambda function to verify it's being triggered and is executing correctly.
- Trigger Alarm: To fully test the integration, you can configure conditions that trigger the CloudWatch Alarm or exceed your AWS Budgets threshold to ensure the Lambda function is invoked automatically.