Which solution will accomplish this with the LEAST amount of development effort?
Create an Amazon EventBridge rule that runs periodically and targets an AWS Lambda function. Within the Lambda function, evaluate the current state of the AWS environment and compare deployed resource values to resource limits on the account. Notify the senior manager if the account is approaching a service limit.
Deploy an AWS Lambda function that refreshes AWS Trusted Advisor checks, and configure an Amazon EventBridge rule to run the Lambda function periodically. Create another EventBridge rule with an event pattern matching Trusted Advisor events and a target Lambda function. In the target Lambda function, notify the senior manager.
Deploy an AWS Lambda function that refreshes AWS Health Dashboard checks, and configure an Amazon EventBridge rule to run the Lambda function periodically. Create another EventBridge rule with an event pattern matching Health Dashboard events and a target Lambda function. In the target Lambda function, notify the senior manager.
Add an AWS Config custom rule that runs periodically, checks the AWS service limit status, and streams notifications to an Amazon Simple Notification Service (Amazon SNS) topic. Deploy an AWS Lambda function that notifies the senior manager, and subscribe the Lambda function to the SNS topic.
Explanations:
This approach would require custom code to evaluate resource limits, which increases development effort. AWS does not provide a native API to get all current resource usages, making it difficult to implement without additional complexity.
Trusted Advisor provides service limit checks, and AWS can trigger events when limits are near. This option automates alerts with minimal development effort by leveraging Trusted Advisor’s checks and Amazon EventBridge notifications.
The AWS Health Dashboard does not monitor service limits; it focuses on AWS service events and outages. Therefore, it cannot directly alert when service limits are approached, making it unsuitable for the requirement.
AWS Config does not natively support monitoring service limits, and creating a custom rule would add significant development overhead. This approach is less efficient than using existing Trusted Advisor checks for service limits.